"okyy.vbs" na flashdisku

[imperratorr]

Dobrý den,
na flashdisku se mi místo složek a souborů objevují pouze jejich zástupci o velikosti 1kb, nevšiml jsem si toho, ale po dvojkliku na složku mě varoval comodo firewall, že se cmd snaží spustit soubor "okyy.vbs" nechal jsem to zablokovat. nezaznamenal jsem žádnou změnu chování PC, ale google říká že to je problém a tak se obracím na Vás s prosbou o pomoc tady log z RSIT


u Logfile of random's system information tool 1.09 (written by random/random)
Run by Rendor at 2014-01-16 17:09:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 27 GB (46%) free of 57 GB
Total RAM: 8173 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:10:07, on 16.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
F:\GAMES\NW\Arc\Arc.exe
F:\GAMES\NW\Arc\ArcBrowser.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\foobar2000\foobar2000.exe
C:\Program Files\trend micro\Rendor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ArcPluginIEBHO - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - F:\GAMES\NW\Arc\Plugins\ArcPluginIE.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Arc] F:\GAMES\NW\Arc\ArcLauncher.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Arc Service (ArcService) - Perfect World Entertainment Inc - F:\GAMES\NW\Arc\ArcService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - F:\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9632 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8c12b6f6-5bdb-4416-bdd6-5b5662297fe6 -SystemEventPortName:HostProcess-cac7dcc6-f3d7-4736-a31f-cb4a0017053f -IoCancelEventPortName:HostProcess-8babef6d-34c8-4bee-b4c7-2150960a2010 -NonStateChangingEventPortName:HostProcess-a74456b2-c419-49a6-87ba-d675ce0e1fdf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e7b70d82-ec8b-447b-9545-65b8b3bd4d84
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe" /nodlg
"C:\Windows\System32\StikyNot.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"F:\GAMES\NW\Arc\Arc.exe" noupdate /autorun
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
"1" "70330" "70332" "" "http://arc01.perfectworld.com/client/newallgames"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\foobar2000\foobar2000.exe"
"C:\Users\Rendor\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

=========Mozilla firefox=========

ProfilePath - C:\Users\Rendor\AppData\Roaming\Mozilla\Firefox\Profiles\nph6igpq.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@perfectworld.com/npArcPlayNowPlugin]
"Description"=Arc PlayNow plugin for Mozilla browsers
"Path"=F:\GAMES\NW\Arc\Plugins\npArcPluginFF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-11-27 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-16 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F}]
ArcPluginIEBHO Class - F:\GAMES\NW\Arc\Plugins\ArcPluginIE.dll [2013-10-10 108904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-27 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-16 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-11-27 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-27 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"=C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe [2009-08-05 33280]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20131121]
C:\Program Files\AVAST Software\Avast\setup\emupdate\5f36cc74-b09c-42fa-8bef-b4c2ebaeed60.exe [2013-11-27 180184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EasyTuneVI]
C:\Program Files (x86)\Gigabyte\ET6\ETCall.exe [2012-02-01 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX218 Series]
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [2009-09-14 224768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES]
C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-12-11 1823656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Nástroj pro stahování na pozadí.lnk]
C:\PROGRA~2\COMMON~1\MANAER~1\BACKGR~1\SLDBGD~1.EXE [2010-10-07 1826600]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-05-11 5119600]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-06 641664]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-27 3568312]
"Arc"=F:\GAMES\NW\Arc\ArcLauncher.exe [2013-10-10 129384]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-16 17:09:58 ----D---- C:\Program Files\trend micro
2014-01-16 17:09:52 ----D---- C:\rsit
2014-01-16 11:56:07 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-16 11:56:03 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-16 11:56:03 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-16 11:56:03 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-16 11:55:58 ----D---- C:\Program Files (x86)\Java

======List of files/folders modified in the last 1 month======

2014-01-16 17:10:06 ----D---- C:\Windows\Temp
2014-01-16 17:09:58 ----RD---- C:\Program Files
2014-01-16 17:08:29 ----D---- C:\foobar2000
2014-01-16 16:57:11 ----D---- C:\Windows\System32
2014-01-16 16:57:11 ----D---- C:\Windows\inf
2014-01-16 16:57:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-16 11:56:12 ----D---- C:\ProgramData\Oracle
2014-01-16 11:56:07 ----SHD---- C:\Windows\Installer
2014-01-16 11:56:07 ----D---- C:\Windows\SysWOW64
2014-01-16 11:56:07 ----D---- C:\Program Files (x86)\Common Files
2014-01-16 11:55:58 ----RD---- C:\Program Files (x86)
2014-01-16 11:55:56 ----SHD---- C:\System Volume Information
2014-01-16 11:48:18 ----D---- C:\Windows\system32\catroot2
2014-01-10 20:47:48 ----D---- C:\Users\Rendor\AppData\Roaming\uTorrent
2014-01-10 11:07:13 ----D---- C:\Users\Rendor\AppData\Roaming\Media Player Classic
2014-01-09 14:21:45 ----D---- C:\Windows
2014-01-07 12:02:19 ----SD---- C:\Users\Rendor\AppData\Roaming\Microsoft
2014-01-07 12:02:19 ----D---- C:\ProgramData\Microsoft Help
2014-01-03 15:36:26 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-02 14:43:41 ----D---- C:\Windows\SoftwareDistribution
2014-01-02 11:55:39 ----D---- C:\Windows\system32\config
2014-01-01 15:43:20 ----D---- C:\Windows\Minidump
2014-01-01 15:43:20 ----D---- C:\Program Files (x86)\Steam
2013-12-31 21:55:58 ----D---- C:\Windows\system32\NDF
2013-12-31 21:51:21 ----SHD---- C:\$Recycle.Bin
2013-12-31 21:51:18 ----RD---- C:\Users
2013-12-17 11:43:41 ----D---- C:\Windows\system32\Tasks
2013-12-17 11:43:32 ----D---- C:\Windows\Tasks
2013-12-17 11:43:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-27 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-27 205320]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-11-27 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-27 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-27 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-27 65264]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-01 283200]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-27 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-27 84328]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-07-29 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-07-29 79104]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-01-16 25640]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
S3 AODDriver;AODDriver; \??\C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2010-03-12 52280]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2013-08-15 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2013-12-16 30528]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-04-06 236544]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-05 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-27 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-10-11 76888]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-05-04 27760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 ArcService;Arc Service; F:\GAMES\NW\Arc\ArcService.exe [2013-10-10 88424]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; F:\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe [2010-10-05 87336]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-22 1431888]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-11-22 1044816]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-11 119408]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2013-11-22 79360]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[vyosek]

Zdravim

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

• Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
• Spustte a kliknete na Deletion
• Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

[imperratorr]

############################## | UsbFix V 7.134 | [Deletion]

User: Rendor (Administrator) # NIX
Updated 06/09/2013 by El Desaparecido
Started at 17:45:15 | 16/01/2014

Website: http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: eldesaparecido@sosvirus.net

PC: Gigabyte Technology Co., Ltd. (GA-970A-D3) (x64-based PC)
CPU: AMD FX(tm)-6100 Six-Core Processor (3300)
RAM -> [Total : 8173 | Free : 6393]
BIOS: Award Modular BIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows 7 Professional (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 8.0.7601.17514

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 56 Gb (26 Mb free - 46%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 49 Gb (8 Mb free - 17%) [] # NTFS
F:\ -> Fixed drive # 439 Gb (4 Mb free - 1%) [] # NTFS
G:\ -> Fixed drive # 443 Gb (5 Mb free - 1%) [] # NTFS
I:\ -> CD-ROM
J:\ -> Removable drive # 15 Gb (6 Mb free - 43%) [TADYTUTEN] # NTFS

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [AMD AVT] - Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM\SOFTWARE | Run : [AvastUI.exe] - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\SOFTWARE | Run : [Arc] - F:\GAMES\NW\Arc\ArcLauncher.exe /autorun
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
HKLM\SOFTWARE\wow6432Node | Run : [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE\wow6432Node | Run : [AMD AVT] - Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM\SOFTWARE\wow6432Node | Run : [AvastUI.exe] - "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
HKLM\SOFTWARE\wow6432Node | Run : [Arc] - F:\GAMES\NW\Arc\ArcLauncher.exe /autorun
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1419693804-363834060-2933006463-1000\SOFTWARE | Run : [$Volumouse$] - "C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe" /nodlg
HKU\S-1-5-21-1419693804-363834060-2933006463-1000\SOFTWARE | Run : [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Stopped processes |

Stopped! C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (996)
Stopped! C:\Windows\system32\atiesrxx.exe (500)
Stopped! C:\Windows\system32\atieclxx.exe (1456)
Stopped! C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1472)
Stopped! C:\Windows\System32\spoolsv.exe (1704)
Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1820)
Stopped! C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (1844)
Stopped! C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE (1880)
Stopped! C:\Windows\SysWOW64\PnkBstrA.exe (1936)
Stopped! C:\Windows\system32\viakaraokesrv.exe (2012)
Stopped! C:\Windows\system32\WUDFHost.exe (2744)
Stopped! C:\Windows\system32\taskhost.exe (844)
Stopped! C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (3180)
Stopped! C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe (3240)
Stopped! C:\Windows\System32\StikyNot.exe (3276)
Stopped! C:\Windows\system32\SearchIndexer.exe (3372)
Stopped! C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (3420)
Stopped! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (3476)
Stopped! C:\Program Files\AVAST Software\Avast\AvastUI.exe (3536)
Stopped! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3604)
Stopped! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (4004)
Stopped! F:\GAMES\NW\Arc\Arc.exe (3220)
Stopped! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (4252)
Stopped! F:\GAMES\NW\Arc\ArcBrowser.exe (5064)
Stopped! C:\Program Files (x86)\Mozilla Firefox\firefox.exe (5084)
Stopped! C:\foobar2000\foobar2000.exe (3500)

################## | Files # Infected Folders |

Deleted ! J:\BM.lnk
Deleted ! J:\FYZ prednasky.lnk
Deleted ! J:\interiér.lnk
Deleted ! J:\System Volume Information.lnk
Deleted ! J:\okyy.vbs

(!) Temporary files deleted.

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c2896c72-e205-11e2-8dbd-902b34916cf9}

################## | Listing |

[31/12/2013 - 21:51:21 | SHD ] C:\$Recycle.Bin
[30/06/2013 - 14:22:06 | N | 156] C:\csb.log
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[16/01/2014 - 17:08:29 | D ] C:\foobar2000
[30/06/2013 - 14:20:24 | N | 189] C:\Install.log
[30/06/2013 - 14:21:49 | D ] C:\Intel
[01/12/2006 - 23:37:14 | N | 904704] C:\msdia80.dll
[28/10/2013 - 16:56:10 | RHD ] C:\MSOCache
[16/01/2014 - 14:15:44 | ASH | 8570265600] C:\pagefile.sys
[14/07/2009 - 04:20:08 | D ] C:\PerfLogs
[16/01/2014 - 17:09:58 | D ] C:\Program Files
[16/01/2014 - 11:55:58 | D ] C:\Program Files (x86)
[27/11/2013 - 10:24:08 | HD ] C:\ProgramData
[30/06/2013 - 14:05:32 | SHD ] C:\Recovery
[16/01/2014 - 17:10:09 | D ] C:\rsit
[16/01/2014 - 17:10:09 | N | 199] C:\service.log
[22/11/2013 - 18:14:49 | D ] C:\SolidWorks Data
[16/01/2014 - 11:55:56 | SHD ] C:\System Volume Information
[16/01/2014 - 17:47:19 | D ] C:\UsbFix
[16/01/2014 - 17:47:34 | A | 6367] C:\UsbFix [Clean 1] NIX.txt
[31/12/2013 - 21:51:18 | D ] C:\Users
[09/01/2014 - 14:21:45 | D ] C:\Windows
[31/12/2013 - 21:51:21 | SHD ] E:\$RECYCLE.BIN
[22/05/2013 - 21:14:38 | D ] E:\750
[01/09/2013 - 20:05:53 | D ] E:\Borderlands Original Soundtrack
[07/07/2013 - 16:57:37 | D ] E:\C&C Generals and Zero Hour
[07/07/2013 - 19:53:32 | D ] E:\CC Generals
[07/07/2013 - 20:48:24 | N | 115766360] E:\Contra007.rar
[02/11/2013 - 20:09:58 | D ] E:\GAMES
[08/07/2013 - 07:21:17 | N | 18401585] E:\GeneralsZH-104-english.exe
[18/07/2013 - 19:50:02 | D ] E:\Grimm S02E22 HDTV XviD-FUM[ettv]
[18/07/2013 - 09:01:44 | N | 316122344] E:\grimm.222.hdtv-lol.mp4
[22/05/2013 - 21:29:24 | N | 45974] E:\grimm.222.hdtv-lol.srt
[24/03/2013 - 16:14:25 | D ] E:\matika
[22/05/2013 - 21:02:35 | D ] E:\karta
[28/10/2013 - 23:15:50 | N | 15764411] E:\Kill_or_Get_Killed.pdf
[21/12/2013 - 00:03:09 | D ] E:\MENDELU
[02/07/2013 - 18:42:59 | D ] E:\Nová složka
[01/12/2013 - 12:14:43 | D ] E:\PROGRAMY
[23/07/2013 - 15:54:26 | D ] E:\S.T.A.L.K.E.R. Shadow of Chernobyl čeština
[30/09/2013 - 20:47:47 | D ] E:\savy
[14/09/2013 - 13:26:37 | D ] E:\SCPT
[14/09/2013 - 12:39:13 | N | 2418688227] E:\SCPT.rar
[07/07/2013 - 19:50:02 | N | 3067400] E:\Setup_MagicISO.exe
[30/09/2013 - 20:46:48 | D ] E:\skrypta
[16/09/2013 - 19:00:34 | N | 44385262] E:\skrypta.rar
[22/02/2013 - 01:02:03 | D ] E:\SolidWorks 2011 SP0.0 (x32x64) [Full Multilanguage Editions + Applications][WwW.ZoNaTorrent.CoM]
[12/07/2013 - 09:07:14 | D ] E:\SubtitleToolCZ
[12/07/2013 - 09:07:05 | N | 290722] E:\SubtitleToolCZ.zip
[11/12/2012 - 18:55:14 | SHD ] E:\System Volume Information
[20/08/2013 - 21:37:32 | N | 366078374] E:\The.Walking.Dead.S02E10.HDTV.XviD-2HD.[VTV].avi
[20/08/2013 - 21:32:35 | N | 32624] E:\The.Walking.Dead.S02E10.HDTV.XviD-2HD.[VTV].srt
[08/09/2013 - 23:47:56 | N | 18348495] E:\Tom.Clancys.Splinter.Cell.Conviction-SKIDROW.Crack.Only.rar
[31/12/2013 - 21:50:31 | D ] E:\ToR
[07/07/2013 - 16:47:40 | N | 1126480] E:\utorrent.exe
[19/07/2013 - 12:08:50 | N | 1441792] E:\XR_3DA.exe
[31/12/2013 - 21:51:21 | SHD ] F:\$RECYCLE.BIN
[12/08/2013 - 19:58:57 | D ] F:\,,,,,,,,
[09/12/2013 - 20:07:39 | D ] F:\ArcTemp
[26/11/2013 - 12:03:00 | D ] F:\Arrow.S02E07.720p.HDTV.X264-DIMENSION [PublicHD]
[28/12/2013 - 14:07:52 | N | 1202833786] F:\Arrow.S02E09.720p.HDTV.X264-DIMENSION.mkv
[28/12/2013 - 14:25:56 | N | 37964] F:\Arrow.S02E09.720p.HDTV.X264-DIMENSION.srt
[15/07/2013 - 15:14:39 | N | 306718193] F:\Autoskola_Plus.zip
[15/07/2013 - 14:42:11 | D ] F:\Autoskola_Testy_Demo_3
[15/07/2013 - 14:41:46 | N | 18276444] F:\Autoskola_Testy_Demo_3.zip
[29/09/2013 - 00:15:36 | D ] F:\Borderlands.2.Ultimate.Edition.1.7.Incl.All.24.DLC.ENG.Repack[WB]
[26/12/2013 - 22:17:53 | D ] F:\Doctor Who - Series 6
[28/12/2013 - 02:01:11 | D ] F:\Doctor.Who.Season.6
[04/02/2013 - 10:25:46 | D ] F:\DOWNLOAD
[07/11/2007 - 07:00:40 | N | 17734] F:\eula.1028.txt
[07/11/2007 - 07:00:40 | N | 17734] F:\eula.1031.txt
[07/11/2007 - 07:00:40 | N | 10134] F:\eula.1033.txt
[07/11/2007 - 07:00:40 | N | 17734] F:\eula.1036.txt
[07/11/2007 - 07:00:40 | N | 17734] F:\eula.1040.txt
[07/11/2007 - 07:00:40 | N | 118] F:\eula.1041.txt
[07/11/2007 - 07:00:40 | N | 17734] F:\eula.1042.txt
[07/11/2007 - 07:00:40 | N | 17734] F:\eula.2052.txt
[07/11/2007 - 07:00:40 | N | 17734] F:\eula.3082.txt
[26/12/2013 - 14:11:11 | D ] F:\GAMES
[07/11/2007 - 07:00:40 | N | 1110] F:\globdata.ini
[13/09/2013 - 14:36:41 | D ] F:\IMAGES
[03/11/2013 - 19:26:17 | D ] F:\INSTAL
[07/11/2007 - 07:03:18 | N | 562688] F:\install.exe
[07/11/2007 - 07:00:40 | N | 843] F:\install.ini
[07/11/2007 - 07:03:18 | N | 76304] F:\install.res.1028.dll
[07/11/2007 - 07:03:18 | N | 96272] F:\install.res.1031.dll
[07/11/2007 - 07:03:18 | N | 91152] F:\install.res.1033.dll
[07/11/2007 - 07:03:18 | N | 97296] F:\install.res.1036.dll
[07/11/2007 - 07:03:18 | N | 95248] F:\install.res.1040.dll
[07/11/2007 - 07:03:18 | N | 81424] F:\install.res.1041.dll
[07/11/2007 - 07:03:18 | N | 79888] F:\install.res.1042.dll
[07/11/2007 - 07:03:18 | N | 75792] F:\install.res.2052.dll
[07/11/2007 - 07:03:18 | N | 96272] F:\install.res.3082.dll
[06/11/2013 - 13:55:00 | D ] F:\MOVIES
[25/10/2012 - 18:33:42 | SHD ] F:\RECYCLER
[16/08/2013 - 13:08:02 | D ] F:\scscsc
[22/11/2013 - 18:15:24 | D ] F:\SolidWorks
[10/10/2013 - 22:52:51 | D ] F:\Splinter Cell all books English + bonus
[28/10/2012 - 21:40:09 | SHD ] F:\System Volume Information
[19/12/2013 - 10:13:51 | D ] F:\Tzar The Burden of the Crown 2.0.0.8
[07/11/2007 - 07:00:40 | N | 5686] F:\vcredist.bmp
[07/11/2007 - 07:09:22 | N | 1442522] F:\VC_RED.cab
[07/11/2007 - 07:12:28 | N | 232960] F:\VC_RED.MSI
[10/01/2014 - 20:38:57 | D ] F:\Worakls - Discographie
[26/12/2013 - 21:43:40 | D ] F:\[www.Cpasbien.com] Doctor.Who.2005.S06E02.FRENCH.LD.BDRiP.XViD-EPZ
[01/06/2013 - 14:31:17 | D ] F:\ 
[17/09/2013 - 23:13:56 | D ] F:\ŠKOLA
[31/12/2013 - 21:51:21 | SHD ] G:\$RECYCLE.BIN
[14/02/2013 - 16:47:35 | D ] G:\750
[01/06/2013 - 15:09:03 | N | 193024] G:\binkw32.dll
[07/07/2013 - 20:20:25 | D ] G:\Config.Msi
[14/10/2013 - 20:48:46 | D ] G:\GAMES
[02/07/2013 - 11:44:38 | D ] G:\GAMES INSTAL
[16/08/2013 - 13:11:03 | D ] G:\ho ho ho
[09/01/2013 - 20:50:47 | N | 327672268] G:\Hobit,-mluvene-slovo.rar
[24/12/2013 - 01:27:23 | D ] G:\HUDBA
[27/02/2013 - 21:02:48 | N | 75935224] G:\Metro-2033-čeština.exe
[03/11/2013 - 19:33:24 | D ] G:\MOVIES_G
[01/12/2006 - 23:37:14 | N | 904704] G:\msdia80.dll
[01/07/2013 - 06:47:18 | D ] G:\msdownld.tmp
[29/10/2012 - 18:15:11 | RHD ] G:\MSOCache
[08/12/2012 - 23:41:31 | D ] G:\Nová složka
[13/12/2012 - 23:06:23 | N | 2427447] G:\OGLauncher.zip
[03/11/2013 - 19:36:48 | D ] G:\PICTURES
[29/10/2012 - 18:14:19 | SHD ] G:\System Volume Information
[20/12/2012 - 19:21:11 | N | 33597888] G:\TeamSpeak3-Client-win64-3.0.9.2.exe
[09/12/2012 - 17:00:29 | D ] G:\text
[11/01/2013 - 00:57:06 | D ] G:\The Animatrix
[09/10/2013 - 20:46:25 | D ] G:\ČTIVO
[25/11/2013 - 16:33:56 | D ] J:\BM
[16/12/2013 - 16:30:47 | D ] J:\FYZ prednasky
[07/01/2014 - 12:55:25 | D ] J:\interiér
[10/12/2013 - 21:16:12 | SHD ] J:\System Volume Information

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net |

[vyosek]

Dejte log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

[imperratorr]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 02
Ran by Rendor (administrator) on NIX on 17-01-2014 20:21:43
Running from C:\Users\Rendor\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NirSoft) C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Perfect World Entertainment Inc) F:\GAMES\NW\Arc\Arc.exe
(Peter Pawlowski) C:\foobar2000\foobar2000.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5119600 2012-05-11] (VIA)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-27] (AVAST Software)
HKLM-x32\...\Run: [Arc] - F:\GAMES\NW\Arc\ArcLauncher.exe [129384 2013-10-10] (Perfect World Entertainment)
HKCU\...\Run: [$Volumouse$] - C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe [33280 2009-08-05] (NirSoft)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - F:\GAMES\NW\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 195.178.72.150

FireFox:
========
FF ProfilePath: C:\Users\Rendor\AppData\Roaming\Mozilla\Firefox\Profiles\nph6igpq.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - F:\GAMES\NW\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Users\Rendor\AppData\Roaming\Mozilla\Firefox\Profiles\nph6igpq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-30]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-04-05] (Advanced Micro Devices, Inc.)
S3 ArcService; F:\GAMES\NW\Arc\ArcService.exe [88424 2013-10-10] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-27] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
S3 CoordinatorServiceHost; F:\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe [87336 2010-10-05] (Dassault Systèmes SolidWorks Corp.)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-11] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-27] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-27] ()
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-07-01] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-12-16] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-17 20:21 - 2014-01-17 20:22 - 00010831 _____ C:\Users\Rendor\Desktop\FRST.txt
2014-01-17 20:21 - 2014-01-17 20:21 - 00000000 ____D C:\FRST
2014-01-17 20:03 - 2014-01-17 20:03 - 02075648 _____ (Farbar) C:\Users\Rendor\Desktop\FRST64.exe
2014-01-16 17:45 - 2014-01-16 17:55 - 00013162 _____ C:\UsbFix [Clean 1] NIX.txt
2014-01-16 17:44 - 2014-01-16 17:47 - 00000000 ____D C:\UsbFix
2014-01-16 17:42 - 2014-01-16 17:42 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Rendor\Desktop\UsbFix.exe
2014-01-16 17:09 - 2014-01-16 17:10 - 00000000 ____D C:\rsit
2014-01-16 17:09 - 2014-01-16 17:10 - 00000000 ____D C:\Program Files\trend micro
2014-01-16 17:04 - 2014-01-16 17:04 - 00935175 _____ C:\Users\Rendor\Desktop\RSITx64.exe
2014-01-16 11:55 - 2014-01-16 11:55 - 00921000 _____ (Oracle Corporation) C:\Users\Rendor\Desktop\jxpiinstall.exe
2014-01-09 14:21 - 2014-01-17 19:53 - 00002688 _____ C:\Windows\setupact.log
2014-01-09 14:21 - 2014-01-09 14:21 - 00000000 _____ C:\Windows\setuperr.log
2014-01-03 13:17 - 2014-01-06 20:21 - 00000000 ____D C:\Users\Rendor\Desktop\Nová složka
2014-01-03 13:14 - 2014-01-03 13:15 - 00000085 _____ C:\Users\Rendor\Desktop\Nový textový dokument (2).txt
2014-01-02 14:42 - 2014-01-17 19:56 - 00243728 _____ C:\Windows\WindowsUpdate.log
2013-12-26 14:11 - 2013-12-26 14:11 - 00000219 _____ C:\Users\Rendor\Desktop\Left 4 Dead 2.url
2013-12-26 14:11 - 2013-12-26 14:11 - 00000000 ____D C:\Users\Rendor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-23 13:25 - 2013-12-23 13:25 - 01476657 _____ C:\Users\Rendor\Desktop\facebook-Rendor.zip
2013-12-23 13:25 - 2013-12-23 13:25 - 00000000 ____D C:\Users\Rendor\Desktop\facebook-Rendor
2013-12-19 10:14 - 2013-12-19 10:14 - 00000000 ____D C:\Users\Rendor\Documents\Tzar - The Burden Of The Crown
2013-12-18 10:59 - 2013-12-18 11:01 - 31531520 _____ C:\Users\Rendor\Documents\Prostor.ppt
2013-12-18 10:59 - 2013-12-18 10:59 - 16338432 _____ C:\Users\Rendor\Documents\Bytový-interiér.ppt

==================== One Month Modified Files and Folders =======

2014-01-17 20:22 - 2014-01-17 20:21 - 00010831 _____ C:\Users\Rendor\Desktop\FRST.txt
2014-01-17 20:21 - 2014-01-17 20:21 - 00000000 ____D C:\FRST
2014-01-17 20:03 - 2014-01-17 20:03 - 02075648 _____ (Farbar) C:\Users\Rendor\Desktop\FRST64.exe
2014-01-17 20:00 - 2009-07-14 05:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-17 20:00 - 2009-07-14 05:45 - 00031088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-17 19:59 - 2011-04-12 09:34 - 00631054 _____ C:\Windows\system32\perfh005.dat
2014-01-17 19:59 - 2011-04-12 09:34 - 00121708 _____ C:\Windows\system32\perfc005.dat
2014-01-17 19:59 - 2009-07-14 06:13 - 01470062 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-17 19:56 - 2014-01-02 14:42 - 00243728 _____ C:\Windows\WindowsUpdate.log
2014-01-17 19:53 - 2014-01-09 14:21 - 00002688 _____ C:\Windows\setupact.log
2014-01-17 19:53 - 2013-06-30 14:29 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-01-17 19:53 - 2013-06-30 14:18 - 00000144 _____ C:\service.log
2014-01-17 19:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-16 17:55 - 2014-01-16 17:45 - 00013162 _____ C:\UsbFix [Clean 1] NIX.txt
2014-01-16 17:47 - 2014-01-16 17:44 - 00000000 ____D C:\UsbFix
2014-01-16 17:42 - 2014-01-16 17:42 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Rendor\Desktop\UsbFix.exe
2014-01-16 17:10 - 2014-01-16 17:09 - 00000000 ____D C:\rsit
2014-01-16 17:10 - 2014-01-16 17:09 - 00000000 ____D C:\Program Files\trend micro
2014-01-16 17:08 - 2013-06-30 15:04 - 00000000 ____D C:\foobar2000
2014-01-16 17:04 - 2014-01-16 17:04 - 00935175 _____ C:\Users\Rendor\Desktop\RSITx64.exe
2014-01-16 11:56 - 2013-09-29 22:14 - 00000000 ____D C:\ProgramData\Oracle
2014-01-16 11:55 - 2014-01-16 11:55 - 00921000 _____ (Oracle Corporation) C:\Users\Rendor\Desktop\jxpiinstall.exe
2014-01-16 11:47 - 2013-06-30 14:38 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-14 19:29 - 2009-07-14 06:08 - 00032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-10 20:47 - 2013-07-07 16:45 - 00000000 ____D C:\Users\Rendor\AppData\Roaming\uTorrent
2014-01-10 11:07 - 2013-06-30 21:43 - 00000000 ____D C:\Users\Rendor\AppData\Roaming\Media Player Classic
2014-01-09 14:21 - 2014-01-09 14:21 - 00000000 _____ C:\Windows\setuperr.log
2014-01-07 12:02 - 2013-10-28 16:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-06 20:21 - 2014-01-03 13:17 - 00000000 ____D C:\Users\Rendor\Desktop\Nová složka
2014-01-06 20:21 - 2013-11-27 18:45 - 00000000 ____D C:\Users\Rendor\Desktop\txt
2014-01-06 20:21 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rendor
2014-01-03 15:36 - 2013-08-18 13:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-03 13:15 - 2014-01-03 13:14 - 00000085 _____ C:\Users\Rendor\Desktop\Nový textový dokument (2).txt
2014-01-01 15:43 - 2013-12-01 18:27 - 00000000 ____D C:\Windows\Minidump
2014-01-01 15:43 - 2013-08-13 12:15 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-31 21:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-26 14:11 - 2013-12-26 14:11 - 00000219 _____ C:\Users\Rendor\Desktop\Left 4 Dead 2.url
2013-12-26 14:11 - 2013-12-26 14:11 - 00000000 ____D C:\Users\Rendor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-26 14:00 - 2013-12-07 17:25 - 00000027 _____ C:\Users\Rendor\Desktop\Nový textový dokument.txt
2013-12-24 01:29 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-22 01:10 - 2013-12-14 20:47 - 00007620 _____ C:\Users\Rendor\AppData\Local\Resmon.ResmonCfg
2013-12-21 12:49 - 2013-11-27 18:46 - 00000000 ___RD C:\Users\Rendor\Desktop\ 
2013-12-19 10:14 - 2013-12-19 10:14 - 00000000 ____D C:\Users\Rendor\Documents\Tzar - The Burden Of The Crown
2013-12-18 11:01 - 2013-12-18 10:59 - 31531520 _____ C:\Users\Rendor\Documents\Prostor.ppt
2013-12-18 10:59 - 2013-12-18 10:59 - 16338432 _____ C:\Users\Rendor\Documents\Bytový-interiér.ppt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-31 13:01

==================== End Of Log ============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
  HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
  StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
  SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  
  2014-01-16 17:45 - 2014-01-16 17:55 - 00013162 _____ C:\UsbFix [Clean 1] NIX.txt
  2014-01-16 17:44 - 2014-01-16 17:47 - 00000000 ____D C:\UsbFix
  2014-01-16 17:42 - 2014-01-16 17:42 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Rendor\Desktop\UsbFix.exe
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20131121" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f
  
  Hosts:
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[imperratorr]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-01-2014 02
Ran by Rendor at 2014-01-17 21:20:10 Run:1
Running from C:\Users\Rendor\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - ${searchCLSID} URL = http://search.live.com/results.aspx?q={ ... rer:source?}

2014-01-16 17:45 - 2014-01-16 17:55 - 00013162 _____ C:\UsbFix [Clean 1] NIX.txt
2014-01-16 17:44 - 2014-01-16 17:47 - 00000000 ____D C:\UsbFix
2014-01-16 17:42 - 2014-01-16 17:42 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Rendor\Desktop\UsbFix.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20131121" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f

Hosts:

End
*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search bar => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\${searchCLSID} => Key deleted successfully.
HKCR\CLSID\${searchCLSID} => Key not found.
C:\UsbFix [Clean 1] NIX.txt => Moved successfully.
C:\UsbFix => Moved successfully.
C:\Users\Rendor\Desktop\UsbFix.exe => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\20131121" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

[vyosek]

Jak se chova PC??

[imperratorr]

flashka už zobrazuje obsah a ani známka problému.
Děkuji

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel èistiè

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse