
Viruses can't be removed from my laptop... pls help

#1 Post by Paulii »

Hello, I'd like to ask for help removing this junk. ESET Online Scanner found 20 infiltrations, 9 of which it did not remove :(

The log from the laptop is here:

Thanks a lot for the help :cry:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lucka at 2013-12-31 11:13:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 324 GB (53%) free of 610 GB
Total RAM: 3022 MB (53% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Lucka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-12-13 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-26 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll []
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-10 142680]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-10 176472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-10 175448]
"IntelWirelessWiMAX"=C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [2011-06-02 1622016]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-12-09 2471448]
"DocCreatorClient"=C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe [2009-11-24 292248]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-11-07 4956176]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2013-04-30 1721480]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2013-07-25 5624784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"=C:\Users\Lucka\AppData\Roaming\QipGuard\QipGuard.exe [2011-08-22 190336]
"Seznam Postak"=C:\Users\Lucka\AppData\Local\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Facebook Update"=C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11 138096]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"HP Deskjet 3510 series (NET)"=C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]
"Cookienator"=C:\Program Files\Cookienator\cookienator.exe [2009-10-19 1333472]

C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Lucka\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-10 288768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6166b05c-edb8-11e0-a3e2-78843c91afae}]
shell\AutoRun\command - E:\AutoRun.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-12-31 10:17:20 ----D---- C:\Program Files\ESET
2013-12-31 10:15:33 ----D---- C:\Program Files\trend micro
2013-12-31 10:15:32 ----D---- C:\rsit
2013-12-30 22:20:32 ----D---- C:\Program Files\Cookienator
2013-12-30 22:10:55 ----A---- C:\Windows\system32\sdnclean.exe
2013-12-30 22:10:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-12-30 22:10:51 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2013-12-25 14:07:54 ----D---- C:\ProgramData\Visan
2013-12-25 14:07:54 ----D---- C:\ProgramData\HP Photo Creations
2013-12-25 14:07:54 ----D---- C:\Program Files\HP Photo Creations
2013-12-25 14:07:14 ----D---- C:\Users\Lucka\AppData\Roaming\HpUpdate
2013-12-25 14:07:11 ----N---- C:\Windows\system32\HPDiscoPMAD11.dll
2013-12-25 14:06:18 ----D---- C:\ProgramData\HP
2013-12-25 14:05:38 ----D---- C:\Program Files\HP
2013-12-25 14:05:26 ----A---- C:\ProgramData\Ament.ini
2013-12-12 22:17:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 22:17:04 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 22:17:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 22:17:04 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 22:17:03 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 22:17:03 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 22:17:03 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 22:17:03 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 22:17:03 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 22:17:03 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 22:17:03 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 22:17:02 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 22:17:02 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 22:17:02 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 22:17:01 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 22:17:00 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 22:17:00 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 22:13:59 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 22:13:58 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 19:48:14 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 19:48:13 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 19:48:09 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 19:48:07 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 19:48:06 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 19:48:06 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 19:48:06 ----A---- C:\Windows\system32\cscript.exe
2013-12-08 21:49:40 ----D---- C:\Users\Lucka\AppData\Roaming\MoZiGo

======List of files/folders modified in the last 1 months======

2013-12-31 11:09:01 ----D---- C:\ProgramData\YTD Video Downloader
2013-12-31 11:08:44 ----D---- C:\Windows\system32\Tasks
2013-12-31 11:08:39 ----D---- C:\Windows\Tasks
2013-12-31 11:08:38 ----D---- C:\Windows\Temp
2013-12-31 11:08:38 ----D---- C:\ProgramData\Download and Sa
2013-12-31 10:23:01 ----D---- C:\Windows\system32\config
2013-12-31 10:17:20 ----RD---- C:\Program Files
2013-12-31 10:14:01 ----D---- C:\ProgramData\MFAData
2013-12-31 10:08:38 ----D---- C:\Windows\System32
2013-12-31 10:08:24 ----AD---- C:\Windows
2013-12-30 22:21:57 ----SHD---- C:\Windows\Installer
2013-12-30 22:20:26 ----SHD---- C:\System Volume Information
2013-12-30 22:10:58 ----SD---- C:\ProgramData\Microsoft
2013-12-30 22:10:54 ----HD---- C:\ProgramData
2013-12-30 20:28:10 ----D---- C:\Windows\debug
2013-12-29 20:49:56 ----D---- C:\Users\Lucka\AppData\Roaming\vlc
2013-12-26 19:45:56 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-25 14:40:42 ----D---- C:\Windows\system32\drivers
2013-12-25 14:18:06 ----D---- C:\Windows\inf
2013-12-25 14:07:05 ----D---- C:\Windows\system32\DriverStore
2013-12-25 14:07:05 ----D---- C:\Windows\system32\catroot
2013-12-25 14:06:59 ----D---- C:\Windows\system32\catroot2
2013-12-25 14:06:04 ----D---- C:\Windows\twain_32
2013-12-23 10:58:23 ----D---- C:\Program Files\Mozilla Firefox
2013-12-23 10:58:08 ----D---- C:\Windows\Prefetch
2013-12-17 22:58:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-17 10:10:23 ----D---- C:\Users\Lucka\AppData\Roaming\Nitro PDF
2013-12-13 09:15:01 ----D---- C:\Windows\winsxs
2013-12-13 09:12:04 ----D---- C:\Program Files\Internet Explorer
2013-12-13 09:12:01 ----D---- C:\Windows\system32\cs-CZ
2013-12-12 22:16:51 ----D---- C:\ProgramData\Microsoft Help
2013-12-12 22:15:52 ----D---- C:\Windows\system32\MRT
2013-12-12 22:14:18 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 22:14:04 ----D---- C:\Program Files\Windows Media Player
2013-12-10 20:19:34 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-12-09 21:08:47 ----D---- C:\Program Files\Common Files\AVG Secure Search
2013-12-09 21:08:42 ----D---- C:\ProgramData\AVG Secure Search
2013-12-09 21:08:41 ----D---- C:\Program Files\AVG Secure Search
2013-12-09 12:49:20 ----SD---- C:\Users\Lucka\AppData\Roaming\Microsoft
2013-12-05 14:39:45 ----D---- C:\Program Files\MyHeritage
2013-12-01 10:39:42 ----D---- C:\Windows\Logs

I'm also sending the ESET Online Scanner result:
:arrow: C:\Users\All Users\Download and Sa\5081b39cb6a4c.ocx Win32/Adware.MultiPlug.D aplikace
C:\Users\All Users\Download and Sa\5081b39cb6a85.html Win32/Adware.MultiPlug.H aplikace
C:\Users\All Users\Download and Sa\5081b539597b6.ocx Win32/Adware.MultiPlug.D aplikace
C:\Users\All Users\Download and Sa\5081b539597ee.html Win32/Adware.MultiPlug.H aplikace
C:\Users\All Users\Download and Sa\akcmcblgpiejeenmfficamieibnjghom.crx Win32/Adware.MultiPlug.H aplikace
C:\Users\All Users\Download and Sa\ocilnpoobhmkkoalfjjemnnklnodahlm.crx Win32/Adware.MultiPlug.H aplikace
C:\Users\All Users\Premium\OptimizerPro1\OptimizerPro1.exe Win32/GenUpdater aplikace
C:\Users\All Users\Premium\OptimizerPro1\run3919.tmp Win32/GenUpdater aplikace
C:\Users\All Users\YTD Video Downloader\ytd_installer.exe více infiltrací
C:\ProgramData\Download and Sa\5081b39cb6a4c.ocx Win32/Adware.MultiPlug.D aplikace vyléčen smazáním - uložen do karantény
C:\ProgramData\Download and Sa\5081b39cb6a85.html Win32/Adware.MultiPlug.H aplikace vyléčen smazáním - uložen do karantény
C:\ProgramData\Download and Sa\5081b539597b6.ocx Win32/Adware.MultiPlug.D aplikace vyléčen smazáním - uložen do karantény
C:\ProgramData\Download and Sa\5081b539597ee.html Win32/Adware.MultiPlug.H aplikace vyléčen smazáním - uložen do karantény
C:\ProgramData\Download and Sa\akcmcblgpiejeenmfficamieibnjghom.crx Win32/Adware.MultiPlug.H aplikace smazán - uložen do karantény
C:\ProgramData\Download and Sa\ocilnpoobhmkkoalfjjemnnklnodahlm.crx Win32/Adware.MultiPlug.H aplikace smazán - uložen do karantény
C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe Win32/GenUpdater aplikace vyléčen smazáním (po nejbližším restartu) - uložen do karantény
C:\ProgramData\Premium\OptimizerPro1\run3919.tmp Win32/GenUpdater aplikace vyléčen smazáním - uložen do karantény
C:\ProgramData\YTD Video Downloader\ytd_installer.exe více infiltrací vyléčen smazáním - uložen do karantény
C:\Users\Lucka\AppData\LocalLow\AskToolbar\setup.exe varianta infiltrace Win32/Bundled.Toolbar.Ask aplikace vyléčen smazáním - uložen do karantény
C:\Users\Lucka\ZOHAN\Programy\SoftonicDownloader_for_spb-time.exe Win32/SoftonicDownloader.C aplikace vyléčen smazáním - uložen do karantény

#2 Post by vyosek »

Hello :)

:arrow: Uninstall Spybot - Search & Destroy - the program's best years are long behind it, and for roughly the last 3 years it has not been able to counter current threats

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
:arrow: Do you insist on the AVG antivirus - it is not very popular with us - high system load, weaker detection :?:

#3 Post by Paulii »

Hello :bye:

:arrow: OK, I'll uninstall AVG and put avast! on here :)

:arrow: I'm attaching the Adw log

# AdwCleaner v3.016 - Report created 31/12/2013 at 14:34:50
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Lucka - SONY
# Running from : C:\Users\Lucka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Download and Sa
Folder Deleted : C:\ProgramData\Premium
[/!\] Not Deleted ( Junction ) : C:\ProgramData\Download and Sa
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download and Sa
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\WinZip Registry Optimizer
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Lucka\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Lucka\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\4eomhzio.default-1351237613122\Extensions\{241aae70-0022-11de-87af-0800200c9a66}
File Deleted : C:\Users\Lucka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\4eomhzio.default-1351237613122\searchplugins\Askcom.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocilnpoobhmkkoalfjjemnnklnodahlm
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2682734-9D73-6ED3-741E-5FB7D53FBB70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2682734-9D73-6ED3-741E-5FB7D53FBB70}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2682734-9D73-6ED3-741E-5FB7D53FBB70}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20E7BC40-33F6-4A81-9D52-B58349326206}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\4eomhzio.default-1351237613122\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v

[ File : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [10454 octets] - [31/12/2013 14:28:48]
AdwCleaner[R1].txt - [10515 octets] - [31/12/2013 14:33:58]
AdwCleaner[S0].txt - [10188 octets] - [31/12/2013 14:34:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10249 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: VIRUSES cannot be removed from the laptop...pls help

#4 Post by vyosek »

:arrow: Avast is a very good choice :thumbsup:

:arrow: Please post a log following this guide http://forum.viry.cz/viewtopic.php?f=30&t=133101

Paulii
Visitor
Posts: 37
Registered: 28 May 2013 10:51

Re: VIRUSES cannot be removed from the laptop...pls help

#5 Post by Paulii »

Good day and Happy New Year 2014 :happy:

:arrow: Avast installed

:arrow: FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-12-2013
Ran by Lucka (administrator) on SONY on 01-01-2014 15:11:18
Running from C:\Users\Lucka\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(QIP.ru) C:\Program Files\QipGuard\QipGuard.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Global Graphics Software Ltd.) C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe
(Global Graphics Software Ltd) C:\Windows\System32\DCMessages.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
() C:\Users\Lucka\AppData\Local\Seznam.cz\bin\postak.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(forum.viry.cz) C:\Users\Lucka\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelWirelessWiMAX] - C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1622016 2011-06-02] (Intel® Corporation)
HKLM\...\Run: [ISBMgr.exe] - C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [DocCreatorClient] - C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe [292248 2009-11-24] (Global Graphics Software Ltd.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-01] (AVAST Software)
HKCU\...\Run: [Seznam Postak] - C:\Users\Lucka\AppData\Local\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKCU\...\Run: [Facebook Update] - "C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [HP Deskjet 3510 series (NET)] - C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [Cookienator] - C:\Program Files\Cookienator\cookienator.exe [1333472 2009-10-19] (CodeFromThe70s.org)
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\Lucka\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=dc714cd2c77f47d1bcfca9cd7a75465d-455f5bef840fd1a6af9be63ae259d531b5bfc636 /CMPID=1213b
MountPoints2: {6166b05c-edb8-11e0-a3e2-78843c91afae} - E:\AutoRun.exe
Startup: C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {95289393-33EA-4F8D-B952-483415B9C955} URL = http://search.qip.ru/?query={searchTerms}
SearchScopes: HKCU - {5D23370E-AEE8-4E07-BBA3-F28FEEBC3A3E} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKCU - {B12C9402-D1BD-48FF-B6DB-35C1A386CEFC} URL = http://websearch.ask.com/redirect?clien ... 3AF5852E04
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Lucka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\3cxp3wm4.default-1388579106733
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Fast Dial - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\3cxp3wm4.default-1388579106733\Extensions\fastdial@telega.phpnet.us
FF Extension: Blue Fox - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\3cxp3wm4.default-1388579106733\Extensions\{241aae70-0022-11de-87af-0800200c9a66}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Click to call with Skype) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0
CHR HKLM\...\Chrome\Extension: [akcmcblgpiejeenmfficamieibnjghom] - C:\ProgramData\Download and Sa\akcmcblgpiejeenmfficamieibnjghom.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-01] (AVAST Software)
R3 DCMessages; C:\Windows\System32\DCMessages.exe [99720 2009-11-24] (Global Graphics Software Ltd)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [450560 2011-06-06] (Red Bend Ltd.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-04-08] (Flexera Software, Inc.)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2011-04-17] (Realsil Microelectronics Inc.)
R2 NitroDriverReadSpool2; C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe [196896 2011-11-02] (Nitro PDF Software)
R2 QipGuard; C:\Program Files\QipGuard\QipGuard.exe [190336 2011-08-22] (QIP.ru)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [64704 2011-03-05] (Sony Corporation)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [765952 2011-06-06] (Intel(R) Corporation)
S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2014-01-01] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-01] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-01-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-01] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
R3 bpenum; C:\Windows\System32\DRIVERS\bpenum.sys [67584 2011-05-19] (Intel Corporation)
R3 bpmp; C:\Windows\System32\DRIVERS\bpmp.sys [149504 2011-05-19] (Intel Corporation)
R3 bpusb; C:\Windows\System32\Drivers\bpusb.sys [70144 2011-05-19] (Intel Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7513088 2011-05-01] (Intel Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [250984 2011-04-17] (Realtek Semiconductor Corp.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-12-15] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-01 15:11 - 2014-01-01 15:11 - 00012168 _____ C:\Users\Lucka\Desktop\FRST.txt
2014-01-01 15:10 - 2014-01-01 15:10 - 00112640 _____ (forum.viry.cz) C:\Users\Lucka\Desktop\FRSTLauncher.exe
2014-01-01 15:06 - 2014-01-01 15:06 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\AVAST Software
2014-01-01 15:05 - 2014-01-01 15:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-01 15:05 - 2014-01-01 15:05 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00066752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388585161
2014-01-01 15:05 - 2014-01-01 15:05 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-01 15:03 - 2014-01-01 15:03 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-01 15:02 - 2014-01-01 15:02 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-01 15:01 - 2014-01-01 15:01 - 00012744 _____ C:\Windows\PFRO.log
2014-01-01 15:01 - 2014-01-01 15:01 - 00000056 _____ C:\Windows\setupact.log
2014-01-01 15:01 - 2014-01-01 15:01 - 00000000 _____ C:\Windows\setuperr.log
2014-01-01 14:46 - 2014-01-01 14:46 - 00000000 ____D C:\FRST
2014-01-01 14:40 - 2014-01-01 14:40 - 01064333 _____ (Farbar) C:\Users\Lucka\Desktop\FRST.exe
2013-12-31 14:28 - 2013-12-31 14:35 - 00000000 ____D C:\AdwCleaner
2013-12-31 14:28 - 2013-12-31 14:28 - 01233962 _____ C:\Users\Lucka\Desktop\adwcleaner.exe
2013-12-31 12:18 - 2013-12-31 14:30 - 00002000 _____ C:\Windows\wininit.ini
2013-12-31 10:15 - 2013-12-31 11:13 - 00000000 ____D C:\Program Files\trend micro
2013-12-31 10:15 - 2013-12-31 10:15 - 00000000 ____D C:\rsit
2013-12-30 22:28 - 2013-12-30 22:29 - 00001428 _____ C:\Users\Lucka\Desktop\Cookienator.lnk
2013-12-30 22:20 - 2013-12-30 22:21 - 00002979 _____ C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cookienator.lnk
2013-12-30 22:20 - 2013-12-30 22:20 - 00000000 ____D C:\Program Files\Cookienator
2013-12-30 22:10 - 2013-12-31 14:32 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-12-30 22:10 - 2013-12-31 14:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-27 19:01 - 2013-12-27 19:02 - 00000000 ____D C:\Users\Lucka\Documents\Ostatní
2013-12-25 14:07 - 2014-01-01 14:14 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\HpUpdate
2013-12-25 14:07 - 2013-12-25 14:07 - 00002212 _____ C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk
2013-12-25 14:07 - 2013-12-25 14:07 - 00001953 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\ProgramData\Visan
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\Program Files\HP Photo Creations
2013-12-25 14:07 - 2012-10-17 04:04 - 00580712 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMAD11.dll
2013-12-25 14:06 - 2013-12-25 14:06 - 00000000 ____D C:\ProgramData\HP
2013-12-25 14:05 - 2013-12-25 14:07 - 00000000 ____D C:\Program Files\HP
2013-12-25 14:05 - 2013-12-25 14:05 - 00000057 _____ C:\ProgramData\Ament.ini
2013-12-25 14:03 - 2013-12-25 14:18 - 00000000 ____D C:\Users\Lucka\AppData\Local\HP
2013-12-12 22:17 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 22:17 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 22:17 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 22:17 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 22:17 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 22:17 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 22:17 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 22:17 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 22:17 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 22:17 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 22:17 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 22:17 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 22:17 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 22:17 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 22:17 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 22:17 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 22:17 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 22:17 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 22:17 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 22:13 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 22:13 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 19:48 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 19:48 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 19:48 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 19:48 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 19:48 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 19:48 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 19:48 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 19:48 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 19:48 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 19:48 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 19:48 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 21:49 - 2013-12-09 17:31 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\MoZiGo

==================== One Month Modified Files and Folders =======

2014-01-01 15:11 - 2014-01-01 15:11 - 00012168 _____ C:\Users\Lucka\Desktop\FRST.txt
2014-01-01 15:10 - 2014-01-01 15:10 - 00112640 _____ (forum.viry.cz) C:\Users\Lucka\Desktop\FRSTLauncher.exe
2014-01-01 15:08 - 2009-07-14 05:34 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-01 15:08 - 2009-07-14 05:34 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-01 15:06 - 2014-01-01 15:06 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\AVAST Software
2014-01-01 15:06 - 2014-01-01 15:05 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-01 15:05 - 2014-01-01 15:05 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00066752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388585161
2014-01-01 15:05 - 2014-01-01 15:05 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-01 15:05 - 2011-08-24 11:13 - 01455901 _____ C:\Windows\WindowsUpdate.log
2014-01-01 15:03 - 2014-01-01 15:03 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-01 15:02 - 2014-01-01 15:02 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-01 15:01 - 2014-01-01 15:01 - 00012744 _____ C:\Windows\PFRO.log
2014-01-01 15:01 - 2014-01-01 15:01 - 00000056 _____ C:\Windows\setupact.log
2014-01-01 15:01 - 2014-01-01 15:01 - 00000000 _____ C:\Windows\setuperr.log
2014-01-01 15:01 - 2013-05-31 20:13 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-01-01 15:01 - 2011-08-28 11:57 - 00000000 ____D C:\ProgramData\MFAData
2014-01-01 15:01 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-01 15:00 - 2011-08-28 12:00 - 00000000 ____D C:\Program Files\AVG
2014-01-01 14:46 - 2014-01-01 14:46 - 00000000 ____D C:\FRST
2014-01-01 14:41 - 2011-08-24 11:14 - 00000000 ___RD C:\Users\Lucka\Stažené soubory
2014-01-01 14:40 - 2014-01-01 14:40 - 01064333 _____ (Farbar) C:\Users\Lucka\Desktop\FRST.exe
2014-01-01 14:19 - 2012-06-08 08:16 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-01 14:14 - 2013-12-25 14:07 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\HpUpdate
2014-01-01 13:43 - 2012-04-14 15:33 - 00000982 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000UA.job
2013-12-31 14:35 - 2013-12-31 14:28 - 00000000 ____D C:\AdwCleaner
2013-12-31 14:32 - 2013-12-30 22:10 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-12-31 14:30 - 2013-12-31 12:18 - 00002000 _____ C:\Windows\wininit.ini
2013-12-31 14:30 - 2013-12-30 22:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-31 14:28 - 2013-12-31 14:28 - 01233962 _____ C:\Users\Lucka\Desktop\adwcleaner.exe
2013-12-31 13:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-31 11:13 - 2013-12-31 10:15 - 00000000 ____D C:\Program Files\trend micro
2013-12-31 11:09 - 2013-01-10 15:30 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-12-31 10:15 - 2013-12-31 10:15 - 00000000 ____D C:\rsit
2013-12-30 22:29 - 2013-12-30 22:28 - 00001428 _____ C:\Users\Lucka\Desktop\Cookienator.lnk
2013-12-30 22:21 - 2013-12-30 22:20 - 00002979 _____ C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cookienator.lnk
2013-12-30 22:20 - 2013-12-30 22:20 - 00000000 ____D C:\Program Files\Cookienator
2013-12-30 22:03 - 2011-09-21 16:32 - 00000000 ____D C:\Users\Lucka\Filmy
2013-12-29 22:43 - 2012-04-14 15:33 - 00000960 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000Core.job
2013-12-29 20:49 - 2011-11-01 19:54 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\vlc
2013-12-27 19:02 - 2013-12-27 19:01 - 00000000 ____D C:\Users\Lucka\Documents\Ostatní
2013-12-26 19:45 - 2012-04-26 21:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-25 14:18 - 2013-12-25 14:03 - 00000000 ____D C:\Users\Lucka\AppData\Local\HP
2013-12-25 14:07 - 2013-12-25 14:07 - 00002212 _____ C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk
2013-12-25 14:07 - 2013-12-25 14:07 - 00001953 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\ProgramData\Visan
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\Program Files\HP Photo Creations
2013-12-25 14:07 - 2013-12-25 14:05 - 00000000 ____D C:\Program Files\HP
2013-12-25 14:06 - 2013-12-25 14:06 - 00000000 ____D C:\ProgramData\HP
2013-12-25 14:06 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\twain_32
2013-12-25 14:05 - 2013-12-25 14:05 - 00000057 _____ C:\ProgramData\Ament.ini
2013-12-23 10:58 - 2013-11-15 22:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-17 22:58 - 2010-11-20 22:01 - 01464520 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-17 10:11 - 2011-08-24 11:14 - 00000000 ____D C:\Users\Lucka
2013-12-17 10:10 - 2011-12-10 16:33 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\Nitro PDF
2013-12-17 09:37 - 2013-01-10 15:32 - 00000000 ____D C:\Users\Lucka\Desktop\YouTube
2013-12-13 09:14 - 2009-07-14 05:33 - 00409960 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 22:16 - 2011-08-27 09:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 22:15 - 2013-09-02 22:09 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 22:14 - 2011-08-24 11:48 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 20:19 - 2012-06-08 08:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-10 20:19 - 2011-08-24 11:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-09 21:08 - 2013-06-21 17:15 - 00003728 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-12-09 17:31 - 2013-12-08 21:49 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\MoZiGo
2013-12-05 14:39 - 2013-08-01 16:39 - 00000000 ____D C:\Program Files\MyHeritage

Some content of TEMP:
====================
C:\Users\Lucka\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-31 12:56




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:596.07 GB) (Free:316.53 GB) NTFS

Available physical RAM: 1923.09 MB
Total physical RAM: 3021.86 MB
Percentage of memory in use: 36%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 628D66CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{438BF377-A605-4A7C-BD48-F8B57FCC04E9}.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000Core.job => C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000UA.job => C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lucka\Desktop" je 3767 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

:arrow: LOG Addition.txt: see ZIP
Attachments
Addition (1).zip
(4.91 KiB) Downloaded 49 times
Last edited by Paulii on 01 Jan 2014 16:10, edited 1 time in total.

Paulii
Visitor
Posts: 37
Joined: 28 May 2013 10:51

Re: VIRUSES can't be removed from the laptop...pls help

#6 Post by Paulii »

Please advise: AVAST is reporting something about the mail shield and the message pops up x times a minute :cry: see attachment
Attachments
avast.jpg (40.31 KiB) Viewed 2043 times

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: VIRUSES can't be removed from the laptop...pls help

#7 Post by vyosek »

Good morning and Happy New Year 2014 :)

:arrow: How do you read your e-mail: through a mail client (Outlook, Thunderbird) or through a web interface (e.g. you go to seznam.cz and log in there)?

:arrow: Creating a fixlist for FRST
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKCU\...\Run: [Seznam Postak] - C:\Users\Lucka\AppData\Local\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
    HKCU\...\Run: [Facebook Update] - "C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\Lucka\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=dc714cd2c77f47d1bcfca9cd7a75465d-455f5bef840fd1a6af9be63ae259d531b5bfc636 /CMPID=1213b
    MountPoints2: {6166b05c-edb8-11e0-a3e2-78843c91afae} - E:\AutoRun.exe
    
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKLM - {95289393-33EA-4F8D-B952-483415B9C955} URL = http://search.qip.ru/?query={searchTerms}
    SearchScopes: HKCU - {5D23370E-AEE8-4E07-BBA3-F28FEEBC3A3E} URL = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKCU - {B12C9402-D1BD-48FF-B6DB-35C1A386CEFC} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^AHO&apn_dtid=^YYYYYY^YY^CZ&apn_uid=22ddf719-0239-4e56-814d-dad1212f5491&apn_sauid=1CFFE9C1-0DA5-4785-9917-8C3AF5852E04
    BHO: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Lucka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll No File
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
    
    CHR HKLM\...\Chrome\Extension: [akcmcblgpiejeenmfficamieibnjghom] - C:\ProgramData\Download and Sa\akcmcblgpiejeenmfficamieibnjghom.crx
    
    S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]
    R2 QipGuard; C:\Program Files\QipGuard\QipGuard.exe [190336 2011-08-22] (QIP.ru)
    
    2013-12-31 14:28 - 2013-12-31 14:28 - 01233962 _____ C:\Users\Lucka\Desktop\adwcleaner.exe
    2013-12-30 22:10 - 2013-12-31 14:32 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
    2013-12-30 22:10 - 2013-12-31 14:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2014-01-01 15:00 - 2011-08-28 12:00 - 00000000 ____D C:\Program Files\AVG
    C:\Users\Lucka\AppData\Roaming\AVG 1213b Campaign
    C:\Program Files\Common Files\AVG Secure Search
    C:\Program Files\QipGuard
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{438BF377-A605-4A7C-BD48-F8B57FCC04E9}.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000Core.job => C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000UA.job => C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe
    
    AlternateDataStreams: C:\Windows:nlsPreferences
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created to the same location as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Paulii
Visitor
Posts: 37
Joined: 28 May 2013 10:51

Re: VIRUSES can't be removed from the laptop...pls help

#8 Post by Paulii »

Good day

:arrow: For e-mail we use the web interface + the Seznam Pošťák application

:arrow: A problem has come up: when we open a new tab in Firefox, AVG Secure Search comes up and we can't get rid of it; it isn't in the programs install/uninstall list and it doesn't show up in the search engine manager either. There used to be quick access to web pages there and now this AVG thing has appeared; can you please advise :cry:

:arrow: Fixlog log: see attachment
Attachments
Fixlog.zip
(2.19 KiB) Downloaded 60 times

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: VIRUSES can't be removed from the laptop...pls help

#9 Post by vyosek »

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or "Spustit jako spravce"
  • If you use a 64-bit OS, check whether the "Pro 64 bitové OS" (For 64-bit OS) box is ticked; if not, tick it
  • Tick the "Pro vsechny uzivatele" (For all users) box
  • Tick the Kontrola na havet "LOP" (Check for "LOP" malware) box
  • Tick the Kontrola na havet "Purity" (Check for "Purity" malware) box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, "Vlastni skenovani/opravy" (Custom scans/fixes)
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
  • Click the "Prohledat" (Scan) button
  • When the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; post both here
  • If the logs are long (the forum will complain about exceeding the maximum number of characters), split them across several posts

Paulii
Visitor
Posts: 37
Joined: 28 May 2013 10:51

Re: VIRUSES can't be removed from the laptop...pls help

#10 Post by Paulii »

:arrow: OTL log

OTL logfile created on: 2.1.2014 19:26:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucka\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,95 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 65,38% Memory free
5,90 Gb Paging File | 4,73 Gb Available in Paging File | 80,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 316,84 Gb Free Space | 53,16% Space Free | Partition Type: NTFS

Computer Name: SONY | User Name: Lucka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.01.02 19:25:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
PRC - [2014.01.01 22:54:14 | 002,151,744 | ---- | M] (IObit) -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2014.01.01 15:05:29 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.01.01 15:05:29 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.23 10:58:22 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.10.17 04:05:54 | 001,837,672 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
PRC - [2012.10.17 04:02:20 | 000,790,120 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
PRC - [2011.11.02 08:24:04 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE
PRC - [2011.11.02 08:23:44 | 000,196,896 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
PRC - [2011.06.06 15:13:46 | 000,450,560 | ---- | M] (Red Bend Ltd.) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
PRC - [2011.06.06 15:08:08 | 000,765,952 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
PRC - [2011.06.02 14:53:08 | 001,622,016 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
PRC - [2011.04.17 12:38:12 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2011.03.05 15:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.15 10:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2009.11.24 10:53:50 | 000,292,248 | ---- | M] (Global Graphics Software Ltd.) -- C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe
PRC - [2009.11.24 10:53:44 | 000,099,720 | ---- | M] (Global Graphics Software Ltd) -- C:\Windows\System32\DCMessages.exe
PRC - [2009.07.14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.01 15:05:29 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.12.23 10:58:22 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.10.12 19:00:19 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013.09.03 07:48:11 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013.09.03 07:47:54 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013.09.03 07:47:50 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013.07.29 22:15:20 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2011.04.10 09:40:40 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2010.11.13 02:54:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll


========== Services (SafeList) ==========

SRV - [2014.01.01 22:54:14 | 002,151,744 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2014.01.01 15:05:29 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.12.23 10:58:22 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.10 20:19:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.11.26 09:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.08 10:25:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.11.02 08:24:04 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011.11.02 08:23:44 | 000,196,896 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe -- (NitroDriverReadSpool2)
SRV - [2011.08.24 11:40:10 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.06.06 15:13:46 | 000,450,560 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV - [2011.06.06 15:08:08 | 000,765,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV - [2011.04.17 12:38:12 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009.11.24 10:53:44 | 000,099,720 | ---- | M] (Global Graphics Software Ltd) [On_Demand | Running] -- C:\Windows\System32\DCMessages.exe -- (DCMessages)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2007.05.31 15:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 15:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - [2014.01.01 15:06:01 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014.01.01 15:05:30 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014.01.01 15:05:30 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014.01.01 15:05:30 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.01.01 15:05:30 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014.01.01 15:05:30 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.01.01 15:05:30 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.11.10 17:15:29 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2011.08.24 12:04:52 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2011.05.19 12:25:38 | 000,149,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bpmp.sys -- (bpmp)
DRV - [2011.05.19 12:25:34 | 000,070,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bpusb.sys -- (bpusb)
DRV - [2011.05.19 12:25:30 | 000,067,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bpenum.sys -- (bpenum)
DRV - [2011.05.01 22:32:08 | 007,513,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32)
DRV - [2011.04.17 12:38:14 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.11 01:11:46 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.11.11 01:11:46 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010.11.11 01:11:46 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.10.15 00:27:20 | 000,269,824 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2009.12.15 13:05:42 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 13:05:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 13:05:42 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2007.08.03 04:36:10 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B241aae70-0022-11de-87af-0800200c9a66%7D:26.0.29.12.13
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.01.01 15:05:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.08.27 07:49:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucka\AppData\Roaming\Mozilla\Extensions
[2014.01.01 22:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\i8diibmk.default-1388613448403\extensions
[2014.01.01 22:58:45 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\i8diibmk.default-1388613448403\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2013.11.15 22:06:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.11.15 22:06:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.11.15 22:06:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.23 10:58:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\

O1 HOSTS File: ([2014.01.02 17:10:01 | 000,000,035 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DocCreatorClient] C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe (Global Graphics Software Ltd.)
O4 - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000..\Run: [Cookienator] C:\Program Files\Cookienator\cookienator.exe (CodeFromThe70s.org)
O4 - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000..\Run: [HP Deskjet 3510 series (NET)] C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{382D011A-B1C4-49DC-A210-75673A503475}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D3E3ECB-6F56-4815-AAD2-54A4A831C1CF}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.08 10:12:49 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: VIDC.VP70 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.01.02 19:25:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
[2014.01.01 22:54:19 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Roaming\IObit
[2014.01.01 22:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2014.01.01 22:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2014.01.01 22:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2014.01.01 22:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2014.01.01 15:10:56 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Lucka\Desktop\FRSTLauncher.exe
[2014.01.01 15:06:19 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Roaming\AVAST Software
[2014.01.01 15:06:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014.01.01 15:05:40 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014.01.01 15:05:37 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014.01.01 15:05:36 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014.01.01 15:05:36 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014.01.01 15:05:35 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014.01.01 15:05:33 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014.01.01 15:05:30 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.01.01 15:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014.01.01 15:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014.01.01 14:58:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.01.01 14:46:45 | 000,000,000 | ---D | C] -- C:\FRST
[2014.01.01 14:40:34 | 001,064,481 | ---- | C] (Farbar) -- C:\Users\Lucka\Desktop\FRST.exe
[2013.12.31 14:28:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.31 10:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.12.31 10:15:32 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.30 22:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\Cookienator
[2013.12.30 22:10:31 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Local\Programs
[2013.12.27 19:01:47 | 000,000,000 | ---D | C] -- C:\Users\Lucka\Documents\Ostatní

========== Files - Modified Within 7 Days ==========

[2014.01.02 19:27:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.02 19:25:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
[2014.01.02 17:44:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.02 17:19:39 | 000,028,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.02 17:19:39 | 000,028,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.02 17:13:28 | 000,001,992 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk
[2014.01.02 17:12:11 | 2376,486,912 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.02 17:10:01 | 000,000,035 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014.01.02 17:08:49 | 001,064,481 | ---- | M] (Farbar) -- C:\Users\Lucka\Desktop\FRST.exe
[2014.01.01 15:10:57 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\Lucka\Desktop\FRSTLauncher.exe
[2014.01.01 15:06:01 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014.01.01 15:05:30 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014.01.01 15:05:30 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014.01.01 15:05:30 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014.01.01 15:05:30 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014.01.01 15:05:30 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014.01.01 15:05:30 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014.01.01 15:05:30 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014.01.01 15:05:30 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.12.31 14:30:15 | 000,002,000 | ---- | M] () -- C:\Windows\wininit.ini
[2013.12.31 14:28:23 | 001,233,962 | ---- | M] () -- C:\Users\Lucka\Desktop\adwcleaner.exe
[2013.12.30 22:29:16 | 000,001,428 | ---- | M] () -- C:\Users\Lucka\Desktop\Cookienator.lnk

========== Files Created - No Company Name ==========

[2014.01.02 19:27:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.01 15:05:38 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014.01.01 15:05:36 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.12.31 14:28:22 | 001,233,962 | ---- | C] () -- C:\Users\Lucka\Desktop\adwcleaner.exe
[2013.12.31 12:18:47 | 000,002,000 | ---- | C] () -- C:\Windows\wininit.ini
[2013.12.30 22:28:49 | 000,001,428 | ---- | C] () -- C:\Users\Lucka\Desktop\Cookienator.lnk
[2013.12.30 22:20:32 | 000,002,979 | ---- | C] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cookienator.lnk
[2013.12.25 14:05:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.08.01 16:51:15 | 000,000,489 | ---- | C] () -- C:\Windows\Viewer.INI
[2013.06.21 17:15:27 | 000,003,728 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013.01.07 20:52:23 | 007,629,368 | ---- | C] () -- C:\Users\Lucka\sony.pdf
[2012.10.26 08:18:19 | 000,027,520 | ---- | C] () -- C:\Users\Lucka\AppData\Local\dt.dat
[2012.05.04 16:16:59 | 000,042,584 | ---- | C] () -- C:\Windows\SETUPQSB.EXE
[2012.05.01 18:27:39 | 000,009,216 | ---- | C] () -- C:\Users\Lucka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.08 10:26:33 | 000,000,147 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.09.02 17:48:39 | 001,332,961 | ---- | C] () -- C:\Users\Lucka\AppData\Roaming\UserTile.png

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.11.09 09:59:27 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012.11.09 09:59:27 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013.10.16 14:47:05 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Ancestry
[2011.08.24 11:50:59 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Auslogics
[2012.04.08 10:29:23 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Autodesk
[2014.01.01 15:06:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\AVAST Software
[2011.09.06 18:47:17 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\DAEMON Tools Lite
[2011.12.10 16:31:55 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Downloaded Installations
[2011.09.28 10:14:06 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GARMIN
[2014.01.01 22:54:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IObit
[2012.04.08 11:45:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IrfanView
[2013.12.09 17:31:29 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\MoZiGo
[2013.11.14 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nico Mak Computing
[2013.12.17 10:10:23 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nitro PDF
[2012.02.03 16:03:53 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\QIP
[2011.10.06 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Telefónica Móviles
[2012.11.05 16:18:42 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,610 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013.09.07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.08.26 21:40:51 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Adobe
[2013.10.16 14:47:05 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Ancestry
[2011.08.24 11:50:59 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Auslogics
[2012.04.08 10:29:23 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Autodesk
[2014.01.01 15:06:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\AVAST Software
[2011.09.06 18:47:17 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\DAEMON Tools Lite
[2011.12.10 16:31:55 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Downloaded Installations
[2013.05.10 10:54:00 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\dvdcss
[2011.10.07 19:18:48 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\FastStone
[2011.09.28 10:14:06 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GARMIN
[2014.01.01 14:14:06 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\HpUpdate
[2011.08.24 11:14:18 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Identities
[2014.01.01 22:54:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IObit
[2012.04.08 11:45:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IrfanView
[2011.08.24 11:26:52 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Macromedia
[2010.11.21 02:24:44 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Media Center Programs
[2013.12.09 12:49:20 | 000,000,000 | --SD | M] -- C:\Users\Lucka\AppData\Roaming\Microsoft
[2013.12.09 17:31:29 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\MoZiGo
[2011.08.27 07:49:33 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Mozilla
[2013.11.14 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nico Mak Computing
[2013.12.17 10:10:23 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nitro PDF
[2012.02.03 16:03:53 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\QIP
[2013.02.28 18:33:49 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Skype
[2011.08.26 21:41:50 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Sony Corporation
[2011.10.06 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Telefónica Móviles
[2012.11.05 16:18:42 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\TuneUp Software
[2014.01.02 12:57:16 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2012.03.11 16:45:16 | 000,001,406 | R--- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{874F937F-42D9-49A6-874E-D797BBF78165}\_3F85B7C96F1987D23625EB.exe
[2012.03.11 16:45:16 | 000,001,406 | R--- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{874F937F-42D9-49A6-874E-D797BBF78165}\_6FEFF9B68218417F98F549.exe
[2013.12.30 22:21:56 | 000,086,358 | R--- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{BF307EDA-A176-4D83-9775-D337810CF7A7}\_EA3E2819DD980FBD00EEEC.exe
[2011.01.06 14:57:32 | 000,344,576 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\MoZiGo\backup\Barla.exe
[2013.06.10 20:14:54 | 008,904,192 | ---- | M] (Home) -- C:\Users\Lucka\AppData\Roaming\MoZiGo\backup\MoZiGo.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2014.01.01 15:05:30 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswMonFlt.sys
[2014.01.01 15:05:30 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRdr2.sys
[2014.01.01 15:05:30 | 000,049,944 | ---- | M] () -- C:\Windows\system32\drivers\aswRvrt.sys
[2014.01.01 15:05:30 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSnx.sys
[2014.01.01 15:05:30 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSP.sys
[2014.01.01 15:06:01 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswstm.sys
[2014.01.01 15:05:30 | 000,180,248 | ---- | M] () -- C:\Windows\system32\drivers\aswVmm.sys

< %systemroot%\system32\*.* /3 >
[2014.01.02 17:19:39 | 000,028,352 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.02 17:19:39 | 000,028,352 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.01 15:05:30 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\system32\aswBoot.exe

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 22:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe -- [2009.07.14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation)
"HP Deskjet 3510 series (NET)" = "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3581PM8M05Y8:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1 -- [2012.10.17 04:05:54 | 001,837,672 | ---- | M] (Hewlett-Packard Co.)
"Cookienator" = "C:\Program Files\Cookienator\cookienator.exe" /auto -- [2009.10.19 00:29:22 | 001,333,472 | ---- | M] (CodeFromThe70s.org)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.12.23 10:58:22 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=1EEA6C1B35191DC177EA83672B9C3FC0 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.11.26 22:50:04 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.02 19:27:33 | 000,000,512 | ---- | M] () MD5=B78A975347A19C70FCFB05E60DBE7961 -- C:\PhysicalMBR.bin

< End of report >

:arrow: Log Extras

OTL Extras logfile created on: 2.1.2014 19:26:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucka\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,95 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 65,38% Memory free
5,90 Gb Paging File | 4,73 Gb Available in Paging File | 80,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 316,84 Gb Free Space | 53,16% Space Free | Partition Type: NTFS

Computer Name: SONY | User Name: Lucka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1346AF04-621C-4C62-A5A3-4AD5A93CF7FC}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2905CDA7-8926-4FA9-A1BD-28AC4105EC36}" = rport=137 | protocol=17 | dir=out | app=system |
"{36CB7ECF-FB61-4420-A5D2-A972D1D15E90}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{3C948034-B886-4C06-B98A-5290602B1FEF}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe |
"{44C5E5E9-E2DC-4999-B149-60C09E5CBD54}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4FD1BD79-98F6-444B-8C5B-228E7A84D3CC}" = rport=445 | protocol=6 | dir=out | app=system |
"{5188B174-D81F-4B28-B3B0-F658C3FE4D35}" = lport=445 | protocol=6 | dir=in | app=system |
"{5FE32EF8-F2C9-45BC-8715-B74AF19CA3A4}" = lport=138 | protocol=17 | dir=in | app=system |
"{66BCAB4D-2E18-4CA0-82C7-ED3B98A674B9}" = rport=138 | protocol=17 | dir=out | app=system |
"{754454DC-650B-400E-B5D7-518DE4E8533A}" = lport=139 | protocol=6 | dir=in | app=system |
"{78A820C8-FCD6-4EA0-9A11-4A5DE77E5374}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7E6EA348-40B0-4E71-8661-37639CF2FAA7}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8A3893F9-8D15-4B33-8409-454F1B68391E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF0C0325-DA41-43A8-82F7-DFE7B572FBA3}" = rport=139 | protocol=6 | dir=out | app=system |
"{AF47D258-0BFC-4859-89CD-15BAA033285A}" = lport=137 | protocol=17 | dir=in | app=system |
"{D2EB4E6F-06AB-449D-9541-CD5DF4099F14}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D3663978-45CA-476F-AAE8-A6DD6FEBBEC4}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E7E1C81E-3AE0-44A1-A4AE-38BB9475DF0F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EACADE0A-12EF-4761-B035-CCFE0DF4FA04}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00709286-4215-4E27-BA65-D347C38647E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33C98724-3A80-4286-BF5C-719D8B846814}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\devicesetup.exe |
"{3C095A35-A3E3-4717-83A5-F74EC0631D0A}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{45A4847B-5511-441E-BD2A-F516EFDFD188}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{465786F0-3AC4-477E-A37A-2D960638837C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4767C750-E688-441D-B00A-6795F35A7205}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{481B6D78-65CF-4F14-BF78-A07A7E27F9BE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{48417B56-B5DF-4C59-8CE7-468B4D960087}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4E1164EA-8EF2-48E7-A577-DEA4AB4E7E36}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{55E3E1F6-9F25-458B-BEB6-24F27A4A3F8A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5A23BCD9-4D02-48C4-835A-BD9EBD076612}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5B65F86B-8851-4E1F-ACA2-2A72D4FB2E53}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{5DBD5834-E4FC-4416-BC24-9C5B5E380360}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{720D62CA-E817-49DC-9FB7-E21360530803}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{76385401-5004-4707-AD4F-DC209C135E2C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{7D6BDA8C-0C00-4A60-ADD7-1E8F5A9BF7A9}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{818E7BB8-A63A-4428-AF9C-A56705D2FAC2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{89BC744F-A722-4575-A769-6DC3FA326F2D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9F9DAC1F-7353-4B9B-9255-8157540B4C62}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{A60064D4-FAC8-4EBC-A86D-FD66375CA6D3}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{ACED381B-CBD8-402B-BF76-345BC9792B03}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe |
"{AE567B83-9E0E-470E-9363-1B5380CF6863}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1ECE818-1F79-43A9-BC8C-86CCE36565BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8B2B182-A666-4828-8B4E-122B1313C02C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B97AF60F-EE38-448E-8E10-C8401B9A30BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B9907BCD-2F8E-4C72-96E5-D5611D2322F5}" = dir=in | app=c:\program files\winzip driver updater\winzipdu.exe |
"{BEC76DFD-A736-4D9E-A06F-F4C16CAA436C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C7219D21-1677-4F39-BEA7-DD7BCF021EB9}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CA564907-1D9F-450A-A546-E9F033115AB9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D795E41F-B50C-48BB-9533-80A2B7E191AF}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D825EE11-0D34-48AB-8E6B-D214B442CF6D}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{DFFD0159-4890-4A41-8A25-8EB01743078D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E248F6F2-80C9-4611-80CC-1907598ABD2B}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{E5010FF2-602A-487A-817D-BA9E7ACFC5AD}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{F02F7B50-6A2D-4D45-AFD6-452EB76E9CD0}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe |
"{FDD800E5-6CAD-45A2-9E4D-3CC8F3E785F5}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{FE2BACC8-1FFC-478A-BE75-8BE09B2E0332}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"TCP Query User{105A78B0-68DA-4940-A3E4-60E874A84EA8}C:\program files\qip 2010\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2010\qip.exe |
"TCP Query User{BBA7BDBD-30E1-4C0C-9E44-A0683B31BCD2}C:\program files\qip 2010\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2010\qip.exe |
"TCP Query User{EB310D5F-E967-4224-BBE3-E1FE2C358DF5}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{36EB9260-0A93-40AC-9B8B-CABBD75A0A9D}C:\program files\qip 2010\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2010\qip.exe |
"UDP Query User{E75FDE85-E350-4CAC-9C1C-316445530AA5}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{EE220571-B7CA-4427-AD2B-408F1A702936}C:\program files\qip 2010\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2010\qip.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D55832-B40C-45C3-A8B4-17923394FDF6}" = HP Deskjet 3510 series Nápověda
"{06DC6C98-BBF6-4543-A052-95BB21CA5C54}" = gDoc Installer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9E5B51-ED02-4F31-98B7-F99BABE958D0}" = gDocExcel2007AddIn
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{48AD3E2E-5AEE-4FF8-8BF6-02D5846F3D25}" = TOPO Czech 2011
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5C1DA3D9-F590-4317-A4FB-274F658E504B}" = Intel® PROSet/Wireless WiMAX Software
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{75CAF285-3130-4DD1-A077-58463F2E5DBC}" = Nitro Pro 7
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{874F937F-42D9-49A6-874E-D797BBF78165}" = Binary Clock
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum zařízení Windows Mobile
"{978D05B9-5ECD-4806-941E-99E4CB44B53B}" = gDoc Installer
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BF307EDA-A176-4D83-9775-D337810CF7A7}" = Cookienator
"{C0E05CBA-6900-4103-B396-2A6500E67A54}" = gDocWord2007AddIn
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{E5604D13-205E-43EA-A024-A41F194D9D65}" = Základní software zařízení HP Deskjet 3510 series
"{EABCE84D-314C-4D47-8B8D-2743B45A4686}" = gDoc
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F5E3017E-47B0-43E9-A13D-8BCA3EC84EEA}" = gDocPowerPoint2007AddIn
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HP Photo Creations" = HP Photo Creations
"IObitUninstall" = IObit Uninstaller
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.6.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"O2CZ" = O2
"OptimizerPro1" = OptimizerPro1
"Picasa 3" = Picasa 3
"ProInst" = Intel PROSet Wireless
"VLC media player" = VLC media player 1.1.11

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2010" = QIP 2010 3.1.6116
"QIP 2012" = QIP 2012 4.0.7102
"QipGuard" = QIP Internet Guardian
"szn-software-postak" = Seznam Pošťák 2 (Pouze já.)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31.12.2013 8:29:03 | Computer Name = SONY | Source = MsiInstaller | ID = 11001
Description =

Error - 31.12.2013 8:29:28 | Computer Name = SONY | Source = MsiInstaller | ID = 11001
Description =

Error - 31.12.2013 9:33:53 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 31.12.2013 9:38:25 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 1.1.2014 7:10:17 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 1.1.2014 10:03:02 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 1.1.2014 10:03:23 | Computer Name = SONY | Source = VSS | ID = 8194
Description =

Error - 2.1.2014 4:12:46 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 2.1.2014 7:57:08 | Computer Name = SONY | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vlc.exe, verze: 1.1.11.0, časové razítko:
0x4e1edf37 Název chybujícího modulu: vlc.exe, verze: 1.1.11.0, časové razítko: 0x4e1edf37
Kód
výjimky: 0xc0000005 Posun chyby: 0x000016ee ID chybujícího procesu: 0x1874 Čas spuštění
chybující aplikace: 0x01cf07b1c0237eda Cesta k chybující aplikaci: C:\Program Files\VideoLAN\VLC\vlc.exe
Cesta
k chybujícímu modulu: C:\Program Files\VideoLAN\VLC\vlc.exe ID zprávy: 014eefcd-73a5-11e3-a953-78843c91afae

Error - 2.1.2014 11:10:07 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 2.1.2014 12:14:03 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 27.2.2012 9:17:59 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 4.5.2012 2:35:52 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.6.2012 11:11:44 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 27.2.2013 15:29:49 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.3.2013 12:04:00 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 15.4.2013 12:45:38 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3.6.2013 6:03:07 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 19.6.2013 9:50:38 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 27.11.2013 14:51:24 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1.12.2013 8:41:43 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2.1.2014 11:52:32 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 11:52:32 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.

Error - 2.1.2014 11:58:22 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 11:58:22 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.

Error - 2.1.2014 11:58:54 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 11:58:54 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.

Error - 2.1.2014 12:04:44 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 12:04:44 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.

Error - 2.1.2014 12:10:35 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 12:10:35 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.


< End of report >

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: VIRUSES can't be removed from the laptop...pls help

#11 Post by vyosek »

:arrow: Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the lower box, Custom Scans/Fixes (Vlastní skenování/opravy)
  • Code:

    :otl
    SRV - [2014.01.01 22:54:14 | 002,151,744 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
    DRV - [2013.11.10 17:15:29 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\.DEFAULT\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
    IE - HKU\S-1-5-18\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
    IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
    O13 - gopher Prefix: missing
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    [2014.01.01 22:54:19 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Roaming\IObit
    [2014.01.01 22:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
    [2014.01.01 22:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
    [2014.01.01 22:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
    [2014.01.01 22:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
    [2014.01.01 15:10:56 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Lucka\Desktop\FRSTLauncher.exe
    [2013.06.21 17:15:27 | 000,003,728 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
    [2014.01.01 22:54:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IObit
    [5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
    
    :files
    C:\Program Files\IObit
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Opravit (Fix)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here
"He who has wine and doesn't drink it, who has grapes and doesn't eat them, who has a wife and doesn't kiss her, who avoids fun, take a whip and a stick to him; that's no man, that's an ox."
Member of [image] since 1 February 2011.

Paulii
Visitor
Posts: 37
Registered: 28 May 2013 10:51

Re: VIRUSES can't be removed from the laptop...pls help

#12 Post by Paulii »

AVG is still being a nuisance :cry:

:arrow: OTL log

All processes killed
========== OTL ==========
Service LiveUpdateSvc stopped successfully!
Service LiveUpdateSvc deleted successfully!
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe moved successfully.
Service avgtp stopped successfully!
Service avgtp deleted successfully!
C:\Windows\System32\drivers\avgtpx86.sys moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry value HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ deleted successfully.
C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Lucka\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Lucka\AppData\Roaming\IObit folder moved successfully.
C:\ProgramData\IObit folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller folder moved successfully.
C:\ProgramData\ProductData folder moved successfully.
C:\Program Files\IObit\LiveUpdate\update\Uninstaller folder moved successfully.
C:\Program Files\IObit\LiveUpdate\update folder moved successfully.
C:\Program Files\IObit\LiveUpdate\Language folder moved successfully.
C:\Program Files\IObit\LiveUpdate folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller\LatestNews folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller\Lan_LiveUpt folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller\Language folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller\Images folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller folder moved successfully.
C:\Program Files\IObit folder moved successfully.
C:\Users\Lucka\Desktop\FRSTLauncher.exe moved successfully.
C:\Program Files\Mozilla Firefoxavg-secure-search.xml moved successfully.
Folder C:\Users\Lucka\AppData\Roaming\IObit\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57A1.tmp\System.Data.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57A1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C7F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDF78.tmp folder deleted successfully.
C:\Windows\Temp\A1D0.tmp deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\IObit not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lucka
->Temp folder emptied: 109579782 bytes
->Temporary Internet Files folder emptied: 6524900 bytes
->Java cache emptied: 210626004 bytes
->FireFox cache emptied: 357510700 bytes
->Google Chrome cache emptied: 6504624 bytes
->Flash cache emptied: 1358 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 674983 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 659,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Lucka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Lucka
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01022014_203417

Files\Folders moved on Reboot...
C:\Users\Lucka\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Last edited by Paulii on 02 Jan 2014 21:05, edited 1 time in total.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: VIRUSES can't be removed from the laptop...pls help

#13 Post by vyosek »

Fine, how is our patient behaving??

Paulii
Visitor
Posts: 37
Registered: 28 May 2013 10:51

Re: VIRUSES can't be removed from the laptop...pls help

#14 Post by Paulii »

For the log result see above :99: only AVG is still causing mischief

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: VIRUSES can't be removed from the laptop...pls help

#15 Post by vyosek »

:arrow: Let's also try what a colleague suggests
Márty84 wrote: Also try launching Mozilla, type about:config into the address bar and press Enter. Promise it that you'll be careful there :D and go in.
Type avg and delete everything
