avast!Free repeatedly reports rootkits

Hamil
Visitor
Posts: 9
Registered: 04 May 2013 15:44

avast!Free repeatedly reports rootkits

#1 Post by Hamil »

Hello,
avast!Free repeatedly reports during scans that it has found rootkits:
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe [L] Rootkit: hidden file (0)
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe [L] Rootkit: hidden file (0)
It offers the action "Delete after next restart". I restart the computer immediately after the antivirus scan. However, the next day avast reports the same finding during a scan.
Please advise what to do about it. Thank you in advance.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ing. Radek Houda at 2014-01-15 07:20:33
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 115 GB (58%) free of 200 GB
Total RAM: 3327 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:20:44, on 15.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\SimStream client\UI\Mediaresearch.SimStream.Client.Win.UI.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Ing. Radek Houda\Searches\Downloads\RSIT.exe
C:\Program Files\trend micro\Ing. Radek Houda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_81C94577406AFE2423AB30497B98317B] "C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1101881980-2868113236-2782137678-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1101881980-2868113236-2782137678-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: SimStream client.lnk = C:\Program Files\SimStream client\UI\Mediaresearch.SimStream.Client.Win.UI.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: vToolbarUpdater15.1.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe

--
End of file - 12911 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.cz/"
prefs.js - "extensions.enabledItems" - "helperbar@helperbar.com:1.0, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, xmlfiller@software602.cz:3.16.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"avg@toolbar"=C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.1.0.2
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.1.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdjvu.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
nprpplugin.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
safeguard-secure-search.xml
yahoo.xml

C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\searchplugins\
ashampoo-us-customized-web-search.xml
babylon.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-06 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-07 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-15 194128]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-06 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-06 3764024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2013-12-06 20203904]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-01-18 39408]
"Google Update"=C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-08 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"SkyDrive"=C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2013-08-14 257136]
""= []
"GoogleChromeAutoLaunch_81C94577406AFE2423AB30497B98317B"=C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe [2014-01-11 866584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112"=C:\Windows\system32\cmd.exe [2010-11-20 302592]
"Uninstall C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"=C:\Windows\system32\cmd.exe [2010-11-20 302592]
"Uninstall C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530"=C:\Windows\system32\cmd.exe [2010-11-20 302592]
"Uninstall C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627"=C:\Windows\system32\cmd.exe [2010-11-20 302592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection]
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-04-03 3684488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
c:\program files\real\realplayer\Update\realsched.exe [2013-11-12 295512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ing. Radek Houda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ing. Radek Houda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SimStream client.lnk - C:\Program Files\SimStream client\UI\Mediaresearch.SimStream.Client.Win.UI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FMVC"=fmcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-15 07:20:34 ----D---- C:\Program Files\trend micro
2014-01-15 07:20:33 ----D---- C:\rsit
2014-01-14 01:05:13 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2014-01-06 18:36:02 ----A---- C:\Windows\system32\drivers\aswstm.sys
2013-12-26 21:11:20 ----D---- C:\LG_VDR
2013-12-20 15:45:20 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-01-15 07:20:39 ----D---- C:\Windows\Temp
2014-01-15 07:20:34 ----RD---- C:\Program Files
2014-01-15 07:14:23 ----D---- C:\Windows\system32\config
2014-01-15 06:56:56 ----D---- C:\Windows\system32\Tasks
2014-01-15 06:55:00 ----D---- C:\ProgramData\NVIDIA
2014-01-14 13:08:59 ----D---- C:\Windows\Prefetch
2014-01-14 07:14:44 ----SHD---- C:\System Volume Information
2014-01-14 01:05:13 ----D---- C:\Windows\system32\drivers
2014-01-10 11:50:06 ----RSD---- C:\Windows\Fonts
2014-01-09 09:18:33 ----D---- C:\Program Files\CCleaner
2014-01-09 07:31:01 ----D---- C:\ProgramData\Spyware Terminator
2014-01-06 18:35:40 ----D---- C:\Windows
2014-01-06 18:35:18 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-03 13:41:50 ----D---- C:\Windows\system32\catroot2
2014-01-02 08:15:39 ----RD---- C:\Users
2014-01-01 20:38:27 ----D---- C:\Windows\System32
2014-01-01 20:38:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-01 20:38:26 ----D---- C:\Windows\inf
2013-12-31 09:21:19 ----D---- C:\Users\Ing. Radek Houda\AppData\Roaming\doublecmd
2013-12-29 18:55:12 ----D---- C:\Windows\system32\wdi
2013-12-28 20:19:07 ----SHD---- C:\$Recycle.Bin
2013-12-28 17:33:34 ----D---- C:\Users\Ing. Radek Houda\AppData\Roaming\Mp3tag
2013-12-28 17:26:11 ----D---- C:\Program Files\Mp3tag
2013-12-26 21:10:41 ----D---- C:\ProgramData\DVD Shrink
2013-12-26 08:16:16 ----D---- C:\Windows\system32\NDF
2013-12-21 20:54:45 ----HD---- C:\Config.Msi
2013-12-21 20:46:53 ----SHD---- C:\Windows\Installer
2013-12-21 19:04:44 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-18 07:23:00 ----D---- C:\Windows\system32\FxsTmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-26 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-06 180248]
R0 gfibto;gfibto; C:\Windows\system32\drivers\gfibto.sys [2013-05-03 13560]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-07-04 44944]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-02 21576]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-11-26 79720]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-06 775952]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-06 410528]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-05-04 34592]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-06-21 32768]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-06 67824]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-06 64168]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-10-06 2779104]
R3 nuviocir;Nuvoton W836x7HG CIR Device Driver; C:\Windows\system32\DRIVERS\nuviocir_win7_x86.sys [2009-06-26 29696]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2013-10-27 161056]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-28 17920]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 PAC7302;Eye 312; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-12-12 25984]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-06 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-07-23 387616]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-07-23 178720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 664352]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-27 1364256]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe [2008-12-05 81920]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2011-08-24 430136]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 vToolbarUpdater15.1.0;vToolbarUpdater15.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [2013-05-04 1008816]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-10 136176]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-10 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-01-18 194032]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-07 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: avast!Free repeatedly reports rootkits

#2 Post by vyosek »

Hello :)

:arrow: Uninstall Spyware Terminator - it has long since stopped being what it used to be :?:

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
:arrow: Download aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe and save it to the desktop.
  • Run the utility and tell it to scan - click Scan
  • Click Save log to save the aswMBR log to the desktop
  • Paste the contents of the aswMBR log here for me
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Hamil
Visitor
Posts: 9
Registered: 04 May 2013 15:44

Re: avast!Free repeatedly reports rootkits

#3 Post by Hamil »

Below are the logs from AdwCleaner and aswMBR.
Shortly after aswMBR started, the scan stopped at "Disk 0 trace - called modules:", and after a while a blue screen appeared; I did not manage to catch the messages on it, and the computer restarted. Once Windows had come back up, I ran aswMBR again and this time the scan completed. The log is from the second, completed scan. There is no log from the first one.

# AdwCleaner v3.017 - Report created 15/01/2014 at 11:31:27
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Ing. Radek Houda - HOUDA
# Running from : C:\Users\Ing. Radek Houda\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\Program Files\adawaretb
Folder Deleted : C:\Program Files\Toolbar Cleaner
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Ing. Radek Houda\AppData\Local\Conduit
Folder Deleted : C:\Users\Ing. Radek Houda\AppData\Local\PackageAware
Folder Deleted : C:\Users\Ing. Radek Houda\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Ing. Radek Houda\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Ing. Radek Houda\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Ing. Radek Houda\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Ing. Radek Houda\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\adawaretb
File Deleted : C:\END
File Deleted : C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\bProtector_extensions.rdf
File Deleted : C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
File Deleted : C:\Windows\System32\Tasks\EPUpdater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{926C2F0A-F80C-4B0D-BE17-B538F988AB7A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{926C2F0A-F80C-4B0D-BE17-B538F988AB7A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\prefs.js ]

Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2481032&SearchSource=13&CUI=SB_CUI");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Ashampoo US Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481032&SearchSource=2&q=");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2481032");
Line Deleted : user_pref("extensions.enabledItems", "helperbar@helperbar.com:1.0,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,xmlfiller@software602.cz:3.16.1,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-[...]

-\\ Google Chrome v

[ File : C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8849 octets] - [15/01/2014 11:29:01]
AdwCleaner[S0].txt - [8945 octets] - [15/01/2014 11:31:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9005 octets] ##########


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-15 11:53:34
-----------------------------
11:53:34.148 OS Version: Windows 6.1.7601 Service Pack 1
11:53:34.148 Number of processors: 4 586 0x1C02
11:53:34.148 ComputerName: HOUDA UserName:
11:53:37.633 Initialize success
11:53:41.383 AVAST engine defs: 14011401
11:54:05.776 The log file has been saved successfully to "C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt"
11:54:25.350 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:54:25.366 Disk 0 Vendor: ST9500420AS 0002SDM1 Size: 476940MB BusType: 3
11:54:25.491 Disk 0 MBR read successfully
11:54:25.491 Disk 0 MBR scan
11:54:25.506 Disk 0 unknown MBR code
11:54:25.522 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:54:25.538 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 199899 MB offset 206848
11:54:25.569 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 190858 MB offset 409600000
11:54:25.584 Disk 0 Partition - 00 05 Extended 86080 MB offset 800479230
11:54:25.631 Disk 0 Partition 4 00 83 Linux 82754 MB offset 800479232
11:54:25.647 Disk 0 Partition - 00 05 Extended 3326 MB offset 969959424
11:54:25.694 Disk 0 scanning sectors +976771072
11:54:25.803 Disk 0 scanning C:\Windows\system32\drivers
11:54:40.934 Service scanning
11:55:09.513 Modules scanning
11:55:21.274 Disk 0 trace - called modules:
11:55:21.305 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
11:55:21.321 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8668d030]
11:55:21.352 3 CLASSPNP.SYS[8ce6059e] -> nt!IofCallDriver -> [0x8655c918]
11:55:21.368 5 ACPI.sys[8c6613d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86511030]
11:55:22.415 AVAST engine scan C:\Windows
11:55:24.274 AVAST engine scan C:\Windows\system32
11:59:01.362 AVAST engine scan C:\Windows\system32\drivers
11:59:22.343 AVAST engine scan C:\Users\Ing. Radek Houda
13:24:08.317 AVAST engine scan C:\ProgramData
13:39:47.431 Scan finished successfully
14:31:42.689 Disk 0 MBR has been saved successfully to "C:\Users\Ing. Radek Houda\Desktop\MBR.dat"
14:31:42.706 The log file has been saved successfully to "C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt"

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: avast!Free repeatedly reports rootkits

#4 Post by vyosek »

Please post a log following this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100

Hamil
Visitor
Posts: 9
Registered: 04 May 2013 15:44

Re: avast!Free repeatedly reports rootkits

#5 Post by Hamil »

Addition.zip
(4.91 KiB) Downloaded 41 times
Thank you for the quick response. I am attaching Addition.zip and here is the log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 01
Ran by Ing. Radek Houda (administrator) on HOUDA on 15-01-2014 16:51:29
Running from C:\Users\Ing. Radek Houda\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Prolific Technology Inc.) C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Mediaresearch a.s.) C:\Program Files\SimStream client\UI\Mediaresearch.SimStream.Client.Win.UI.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Ing. Radek Houda\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-06] (AVAST Software)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-08] (Google Inc.)
HKCU\...\Run: [SkyDrive] - C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [GoogleChromeAutoLaunch_81C94577406AFE2423AB30497B98317B] - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D11669D4320CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
URLSearchHook: HKLM - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
URLSearchHook: HKCU - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTe ... NI_csCZ519
SearchScopes: HKCU - {33F54BC3-9695-42C6-ABDB-4CEBCDC7ABCF} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTe ... NI_csCZ519
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Tcpip\Parameters: [DhcpNameServer] 10.4.188.1 88.83.187.1

FireFox:
========
FF ProfilePath: C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default
FF NewTab: about:blank
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF Homepage: https://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ing. Radek Houda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdjvu.dll (Caminova, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\searchplugins\ashampoo-us-customized-web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-03-29]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-04]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-12]

Chrome:
=======
CHR HomePage: hxxp://www.google.cz/
CHR Plugin: (Shockwave Flash) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (DjVu Plugin Viewer) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\plugins\npdjvu.dll (Caminova, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Unity Player) - C:\Users\Ing. Radek Houda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (HP Product Detection Plugin) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0 [2013-10-29]
CHR Extension: (Google Docs) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-01-31]
CHR Extension: (Google Drive) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2012-12-02]
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0 [2013-03-08]
CHR Extension: (YouTube) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-04-11]
CHR Extension: (Google Search) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-03-28]
CHR Extension: (PageRank Fast) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\imboecihmboiphcjjnnbganojpoeeemh\2.2_0 [2013-02-24]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk\0.9.52_0 [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1 [2014-01-14]
CHR Extension: (Collabim) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\oinjknlpcckmnnjpodcifmifeghabelo\0.5.5_0 [2013-09-30]
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0 [2013-03-15]
CHR Extension: (Google Publisher Toolbar) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc\4.2.1_0 [2014-01-13]
CHR Extension: (Gmail) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2012-11-09]
CHR HKLM\...\Chrome\Extension: [ggagiiobgjmfpdadhecbofeoelcpidec] - C:\Users\Ing. Radek Houda\AppData\Local\CRE\ggagiiobgjmfpdadhecbofeoelcpidec.crx [2012-12-01]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKCU\...\Chrome\Extension: [ggagiiobgjmfpdadhecbofeoelcpidec] - C:\Users\Ing. Radek Houda\AppData\Local\CRE\ggagiiobgjmfpdadhecbofeoelcpidec.crx [2012-12-01]
CHR StartMenuInternet: Google Chrome - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-07-23] ()
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-07-23] ()
R2 PLFlash DeviceIoControl Service; C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-12-05] (Prolific Technology Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S2 vToolbarUpdater15.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-06] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-06] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [34592 2013-05-04] (AVG Technologies)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-05-03] (GFI Software)
R3 nuviocir; C:\Windows\System32\DRIVERS\nuviocir_win7_x86.sys [29696 2009-06-26] (Nuvoton Technology Corp.)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-12-12] (The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-15 16:51 - 2014-01-15 16:52 - 00025970 _____ C:\Users\Ing. Radek Houda\Desktop\FRST.txt
2014-01-15 16:51 - 2014-01-15 16:51 - 00000000 ____D C:\FRST
2014-01-15 16:47 - 2014-01-15 16:47 - 00112640 _____ (forum.viry.cz) C:\Users\Ing. Radek Houda\Desktop\FRSTLauncher.exe
2014-01-15 16:36 - 2014-01-15 16:36 - 01220608 _____ (Farbar) C:\Users\Ing. Radek Houda\Desktop\FRST.exe
2014-01-15 14:31 - 2014-01-15 14:31 - 00002468 _____ C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt
2014-01-15 14:31 - 2014-01-15 14:31 - 00000512 _____ C:\Users\Ing. Radek Houda\Desktop\MBR.dat
2014-01-15 11:45 - 2014-01-15 11:45 - 393071632 _____ C:\Windows\MEMORY.DMP
2014-01-15 11:45 - 2014-01-15 11:45 - 00154752 _____ C:\Windows\Minidump\011514-24703-01.dmp
2014-01-15 11:45 - 2014-01-15 11:45 - 00000000 ____D C:\Windows\Minidump
2014-01-15 11:37 - 2014-01-15 11:36 - 04745728 _____ (AVAST Software) C:\Users\Ing. Radek Houda\Desktop\aswMBR.exe
2014-01-15 11:28 - 2014-01-15 11:31 - 00000000 ____D C:\AdwCleaner
2014-01-15 11:28 - 2014-01-15 11:25 - 01236282 _____ C:\Users\Ing. Radek Houda\Desktop\adwcleaner.exe
2014-01-15 08:58 - 2014-01-15 08:59 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{EF2FD37E-6C9F-4CF6-95FD-2ED39DBF1499}
2014-01-15 07:45 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 07:45 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 07:45 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 07:20 - 2014-01-15 07:20 - 00000000 ____D C:\rsit
2014-01-15 07:20 - 2014-01-15 07:20 - 00000000 ____D C:\Program Files\trend micro
2014-01-14 20:58 - 2014-01-14 20:58 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{12F19A0A-0687-4EB3-8B08-E771DA5C8A82}
2014-01-14 08:50 - 2014-01-14 08:51 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{7526E567-73AF-402C-ADB6-1D7832AAC27D}
2014-01-14 01:05 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2014-01-13 20:50 - 2014-01-13 20:50 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6E3EAFFF-91DB-4B16-9A8E-A887BE7FEAEE}
2014-01-13 07:05 - 2014-01-13 07:06 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{FF3BD3C8-478C-435C-8914-2C903DB97784}
2014-01-12 14:20 - 2014-01-12 14:20 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3DB39AA7-DC23-496E-8E0F-5C3012760F6D}
2014-01-11 10:44 - 2014-01-11 10:44 - 00005009 _____ C:\Users\Ing. Radek Houda\AppData\Local\recently-used.xbel
2014-01-11 10:19 - 2014-01-11 10:19 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4A6DF6BC-34E5-43CD-A9F7-33ACF70C8286}
2014-01-10 21:04 - 2014-01-10 21:04 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{20B50A55-F346-47E4-83B0-986EDE85B4F4}
2014-01-10 08:55 - 2014-01-10 08:55 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{061C115E-C27A-40E2-95B5-A4AA16E1D25D}
2014-01-09 20:54 - 2014-01-09 20:55 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F5E57E77-B526-4452-B328-2C19915B8D11}
2014-01-09 07:09 - 2014-01-09 07:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{827E0A96-FECB-4395-813C-D8178290C3C7}
2014-01-08 08:36 - 2014-01-08 08:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{38076CE0-F7F3-46E4-AAED-8DB7074A5CE5}
2014-01-07 20:36 - 2014-01-07 20:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{14BEBE9B-AE08-4CF5-84AC-2BE0CF554632}
2014-01-07 07:29 - 2014-01-07 07:30 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4FBB7B8F-166D-4696-A3CD-9FFF3710A243}
2014-01-06 19:29 - 2014-01-06 19:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{A0C16DC0-2733-4BEF-B94E-E91B23AE1928}
2014-01-06 18:36 - 2014-01-06 18:36 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-06 07:21 - 2014-01-06 07:21 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{94CD095C-22A9-484C-9A08-DCA2A0B5C6B8}
2014-01-05 09:34 - 2014-01-05 09:34 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{BC2A0211-B43A-4265-B0B8-057FF1E7A98F}
2014-01-04 16:07 - 2014-01-04 16:08 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{E8C59E55-0EC5-4E69-81C4-C062575F0685}
2014-01-03 21:09 - 2014-01-03 21:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{90334D3C-DBA5-42D1-B9C1-4BDE054D1313}
2014-01-03 08:56 - 2014-01-03 08:56 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{82A3899F-8492-4D0A-9C9E-C2B474E79C9C}
2014-01-02 20:56 - 2014-01-02 20:56 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4ED7DCCA-D108-4911-8313-5B99C04D687D}
2014-01-02 08:17 - 2014-01-02 08:17 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{303F29C8-2D90-4038-8447-6B78DA4DBBBA}
2014-01-01 16:49 - 2014-01-01 16:49 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3DB611B3-A6DC-4EB9-870C-1C315A80EB6D}
2013-12-31 08:51 - 2013-12-31 08:51 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{54CA3384-B6DE-478C-9E5C-9CA24C20DD6F}
2013-12-30 09:17 - 2013-12-30 09:17 - 00000996 _____ C:\Users\Ing. Radek Houda\Desktop\PSPad Editor.lnk
2013-12-30 07:42 - 2013-12-30 07:42 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{2E1D2472-94CC-4B01-9AB9-916F8CCF37C1}
2013-12-29 07:27 - 2013-12-29 07:27 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{FEF9097F-B700-494B-AEB9-3E145CBC5ED4}
2013-12-28 10:00 - 2013-12-28 10:00 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{8E46FF70-DAD3-492C-ACD9-844D4D94E4E6}
2013-12-27 08:36 - 2013-12-27 08:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F8782F56-3E48-44DD-BE6D-4AF30DDCCCB6}
2013-12-26 21:11 - 2013-12-26 21:11 - 00000000 ____D C:\LG_VDR
2013-12-26 20:35 - 2013-12-26 20:35 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{93124A42-7566-447D-9ED6-D6189FA9629E}
2013-12-26 08:17 - 2013-12-26 08:17 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{1E395A1D-C99A-4E78-9FB0-0D5AB24A2A59}
2013-12-25 11:38 - 2013-12-25 11:39 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{B7E74B19-8581-4C10-AE1C-94652BDD7BB0}
2013-12-24 11:19 - 2013-12-24 11:19 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{A6C9BD3D-0225-4654-9E06-05C28D87C8B7}
2013-12-23 21:21 - 2013-12-23 21:21 - 00001013 _____ C:\Users\Ing. Radek Houda\Desktop\tipy-pro-podnikani-na-internetu.pdf – zástupce.lnk
2013-12-23 21:04 - 2013-12-23 21:05 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{C0A59794-FCF8-479C-8116-F3A96B707E52}
2013-12-22 21:39 - 2013-12-22 21:39 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F9CAED9E-BD1B-4C12-A21D-E2930DC6AE26}
2013-12-21 20:29 - 2013-12-21 20:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{0770066C-0B3A-466E-83B0-625B44F65A69}
2013-12-20 19:11 - 2013-12-20 19:12 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{BB8476B9-C106-4B15-90FF-0022E8C7B1F1}
2013-12-20 15:45 - 2013-12-20 15:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 07:11 - 2013-12-20 07:11 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{5F6CF49B-7525-4436-8443-7CB8573464C0}
2013-12-19 19:10 - 2013-12-19 19:10 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{C8C94B8F-6C63-4E3E-B8A2-5143F8109C8B}
2013-12-19 07:09 - 2013-12-19 07:10 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{1B2FD20E-99AC-46E9-8E8F-39F7FE1F07C1}
2013-12-18 19:09 - 2013-12-18 19:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{72B533F1-EBA4-4BDF-9CF3-2343FDFF1A38}
2013-12-18 07:08 - 2013-12-18 07:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6093C8BD-8E2D-490D-950F-641DA3FA1D15}
2013-12-17 10:13 - 2013-12-17 10:13 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{04C9A8C9-9694-4D5E-B470-9A60CF7B1E4B}
2013-12-16 16:21 - 2013-12-16 16:21 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3CE1AA88-FD3B-40C9-9961-48C4945BA3D6}

==================== One Month Modified Files and Folders =======

2014-01-15 16:52 - 2014-01-15 16:51 - 00025970 _____ C:\Users\Ing. Radek Houda\Desktop\FRST.txt
2014-01-15 16:52 - 2011-04-10 20:21 - 00000960 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-15 16:51 - 2014-01-15 16:51 - 00000000 ____D C:\FRST
2014-01-15 16:51 - 2009-07-14 05:34 - 00018432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-15 16:51 - 2009-07-14 05:34 - 00018432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-15 16:47 - 2014-01-15 16:47 - 00112640 _____ (forum.viry.cz) C:\Users\Ing. Radek Houda\Desktop\FRSTLauncher.exe
2014-01-15 16:47 - 2010-07-07 19:47 - 01431994 _____ C:\Windows\WindowsUpdate.log
2014-01-15 16:45 - 2012-12-12 08:42 - 00000000 ___RD C:\Users\Ing. Radek Houda\SkyDrive
2014-01-15 16:45 - 2011-07-15 19:34 - 00001006 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000UA.job
2014-01-15 16:45 - 2011-07-15 19:34 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000Core.job
2014-01-15 16:44 - 2012-05-26 12:23 - 00000000 ___RD C:\Users\Ing. Radek Houda\Google Drive
2014-01-15 16:43 - 2011-04-10 20:21 - 00000956 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-15 16:42 - 2013-11-14 13:10 - 00010305 _____ C:\Windows\setupact.log
2014-01-15 16:42 - 2010-07-07 15:06 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-15 16:42 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-15 16:40 - 2012-04-21 19:09 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-15 16:36 - 2014-01-15 16:36 - 01220608 _____ (Farbar) C:\Users\Ing. Radek Houda\Desktop\FRST.exe
2014-01-15 14:31 - 2014-01-15 14:31 - 00002468 _____ C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt
2014-01-15 14:31 - 2014-01-15 14:31 - 00000512 _____ C:\Users\Ing. Radek Houda\Desktop\MBR.dat
2014-01-15 11:45 - 2014-01-15 11:45 - 393071632 _____ C:\Windows\MEMORY.DMP
2014-01-15 11:45 - 2014-01-15 11:45 - 00154752 _____ C:\Windows\Minidump\011514-24703-01.dmp
2014-01-15 11:45 - 2014-01-15 11:45 - 00000000 ____D C:\Windows\Minidump
2014-01-15 11:36 - 2014-01-15 11:37 - 04745728 _____ (AVAST Software) C:\Users\Ing. Radek Houda\Desktop\aswMBR.exe
2014-01-15 11:31 - 2014-01-15 11:28 - 00000000 ____D C:\AdwCleaner
2014-01-15 11:25 - 2014-01-15 11:28 - 01236282 _____ C:\Users\Ing. Radek Houda\Desktop\adwcleaner.exe
2014-01-15 08:59 - 2014-01-15 08:58 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{EF2FD37E-6C9F-4CF6-95FD-2ED39DBF1499}
2014-01-15 08:10 - 2009-07-14 05:33 - 00341944 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 08:06 - 2013-07-16 06:28 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 07:46 - 2010-07-07 15:29 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 07:20 - 2014-01-15 07:20 - 00000000 ____D C:\rsit
2014-01-15 07:20 - 2014-01-15 07:20 - 00000000 ____D C:\Program Files\trend micro
2014-01-14 20:58 - 2014-01-14 20:58 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{12F19A0A-0687-4EB3-8B08-E771DA5C8A82}
2014-01-14 14:58 - 2011-07-04 19:37 - 00000000 ____D C:\Users\Ing. Radek Houda\Documents\Moje naskenované obrázky
2014-01-14 08:51 - 2014-01-14 08:50 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{7526E567-73AF-402C-ADB6-1D7832AAC27D}
2014-01-14 01:05 - 2009-07-14 05:53 - 00032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-13 20:50 - 2014-01-13 20:50 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6E3EAFFF-91DB-4B16-9A8E-A887BE7FEAEE}
2014-01-13 07:06 - 2014-01-13 07:05 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{FF3BD3C8-478C-435C-8914-2C903DB97784}
2014-01-12 14:20 - 2014-01-12 14:20 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3DB39AA7-DC23-496E-8E0F-5C3012760F6D}
2014-01-12 14:13 - 2013-11-20 14:01 - 00152396 _____ C:\Windows\PFRO.log
2014-01-11 21:55 - 2013-01-24 15:24 - 00001083 _____ C:\Users\Public\Desktop\FreeFileSync.lnk
2014-01-11 18:12 - 2010-10-23 16:55 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\Windows Live
2014-01-11 13:27 - 2012-04-15 17:36 - 00000000 ____D C:\Users\Ing. Radek Houda\.gimp-2.8
2014-01-11 10:44 - 2014-01-11 10:44 - 00005009 _____ C:\Users\Ing. Radek Houda\AppData\Local\recently-used.xbel
2014-01-11 10:19 - 2014-01-11 10:19 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4A6DF6BC-34E5-43CD-A9F7-33ACF70C8286}
2014-01-10 21:04 - 2014-01-10 21:04 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{20B50A55-F346-47E4-83B0-986EDE85B4F4}
2014-01-10 14:09 - 2010-07-10 14:27 - 00065544 _____ C:\Users\Ing. Radek Houda\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-10 08:55 - 2014-01-10 08:55 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{061C115E-C27A-40E2-95B5-A4AA16E1D25D}
2014-01-09 20:55 - 2014-01-09 20:54 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F5E57E77-B526-4452-B328-2C19915B8D11}
2014-01-09 09:18 - 2011-08-21 17:31 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-09 09:18 - 2011-08-21 17:31 - 00000000 ____D C:\Program Files\CCleaner
2014-01-09 07:09 - 2014-01-09 07:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{827E0A96-FECB-4395-813C-D8178290C3C7}
2014-01-08 08:36 - 2014-01-08 08:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{38076CE0-F7F3-46E4-AAED-8DB7074A5CE5}
2014-01-07 20:36 - 2014-01-07 20:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{14BEBE9B-AE08-4CF5-84AC-2BE0CF554632}
2014-01-07 17:37 - 2012-03-13 21:12 - 00000000 ____D C:\Users\UpdatusUser.Houda
2014-01-07 07:30 - 2014-01-07 07:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4FBB7B8F-166D-4696-A3CD-9FFF3710A243}
2014-01-06 19:29 - 2014-01-06 19:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{A0C16DC0-2733-4BEF-B94E-E91B23AE1928}
2014-01-06 18:36 - 2014-01-06 18:36 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-06 18:36 - 2013-11-26 18:09 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-06 18:35 - 2013-05-04 16:39 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-06 18:35 - 2013-05-04 16:39 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-06 18:35 - 2013-05-04 16:39 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-06 18:35 - 2013-05-04 16:39 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-06 18:35 - 2013-05-04 16:39 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-06 18:35 - 2013-05-04 16:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-06 07:21 - 2014-01-06 07:21 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{94CD095C-22A9-484C-9A08-DCA2A0B5C6B8}
2014-01-05 09:34 - 2014-01-05 09:34 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{BC2A0211-B43A-4265-B0B8-057FF1E7A98F}
2014-01-04 16:08 - 2014-01-04 16:07 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{E8C59E55-0EC5-4E69-81C4-C062575F0685}
2014-01-03 21:09 - 2014-01-03 21:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{90334D3C-DBA5-42D1-B9C1-4BDE054D1313}
2014-01-03 08:56 - 2014-01-03 08:56 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{82A3899F-8492-4D0A-9C9E-C2B474E79C9C}
2014-01-02 20:56 - 2014-01-02 20:56 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4ED7DCCA-D108-4911-8313-5B99C04D687D}
2014-01-02 08:34 - 2012-10-18 13:00 - 00002083 _____ C:\Users\Public\Desktop\S3 Kasa.lnk
2014-01-02 08:34 - 2012-10-18 13:00 - 00002078 _____ C:\Users\Public\Desktop\Money S3.lnk
2014-01-02 08:17 - 2014-01-02 08:17 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{303F29C8-2D90-4038-8447-6B78DA4DBBBA}
2014-01-01 20:38 - 2010-07-07 15:04 - 01608676 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-01 16:49 - 2014-01-01 16:49 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3DB611B3-A6DC-4EB9-870C-1C315A80EB6D}
2013-12-31 09:21 - 2013-09-01 08:12 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Roaming\doublecmd
2013-12-31 08:51 - 2013-12-31 08:51 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{54CA3384-B6DE-478C-9E5C-9CA24C20DD6F}
2013-12-30 09:17 - 2013-12-30 09:17 - 00000996 _____ C:\Users\Ing. Radek Houda\Desktop\PSPad Editor.lnk
2013-12-30 07:42 - 2013-12-30 07:42 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{2E1D2472-94CC-4B01-9AB9-916F8CCF37C1}
2013-12-29 07:27 - 2013-12-29 07:27 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{FEF9097F-B700-494B-AEB9-3E145CBC5ED4}
2013-12-28 17:33 - 2010-08-22 14:02 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Roaming\Mp3tag
2013-12-28 17:26 - 2010-08-22 14:02 - 00000941 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2013-12-28 17:26 - 2010-08-22 14:01 - 00000000 ____D C:\Program Files\Mp3tag
2013-12-28 10:00 - 2013-12-28 10:00 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{8E46FF70-DAD3-492C-ACD9-844D4D94E4E6}
2013-12-27 08:36 - 2013-12-27 08:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F8782F56-3E48-44DD-BE6D-4AF30DDCCCB6}
2013-12-26 21:11 - 2013-12-26 21:11 - 00000000 ____D C:\LG_VDR
2013-12-26 21:10 - 2010-08-22 12:04 - 00000000 ____D C:\ProgramData\DVD Shrink
2013-12-26 20:35 - 2013-12-26 20:35 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{93124A42-7566-447D-9ED6-D6189FA9629E}
2013-12-26 08:17 - 2013-12-26 08:17 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{1E395A1D-C99A-4E78-9FB0-0D5AB24A2A59}
2013-12-26 08:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-25 11:39 - 2013-12-25 11:38 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{B7E74B19-8581-4C10-AE1C-94652BDD7BB0}
2013-12-24 11:19 - 2013-12-24 11:19 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{A6C9BD3D-0225-4654-9E06-05C28D87C8B7}
2013-12-23 21:21 - 2013-12-23 21:21 - 00001013 _____ C:\Users\Ing. Radek Houda\Desktop\tipy-pro-podnikani-na-internetu.pdf – zástupce.lnk
2013-12-23 21:05 - 2013-12-23 21:04 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{C0A59794-FCF8-479C-8116-F3A96B707E52}
2013-12-22 21:39 - 2013-12-22 21:39 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F9CAED9E-BD1B-4C12-A21D-E2930DC6AE26}
2013-12-21 20:29 - 2013-12-21 20:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{0770066C-0B3A-466E-83B0-625B44F65A69}
2013-12-21 19:04 - 2013-01-07 15:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 19:12 - 2013-12-20 19:11 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{BB8476B9-C106-4B15-90FF-0022E8C7B1F1}
2013-12-20 15:45 - 2013-12-20 15:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 07:11 - 2013-12-20 07:11 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{5F6CF49B-7525-4436-8443-7CB8573464C0}
2013-12-19 19:10 - 2013-12-19 19:10 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{C8C94B8F-6C63-4E3E-B8A2-5143F8109C8B}
2013-12-19 07:10 - 2013-12-19 07:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{1B2FD20E-99AC-46E9-8E8F-39F7FE1F07C1}
2013-12-18 19:09 - 2013-12-18 19:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{72B533F1-EBA4-4BDF-9CF3-2343FDFF1A38}
2013-12-18 07:23 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-18 07:09 - 2013-12-18 07:08 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6093C8BD-8E2D-490D-950F-641DA3FA1D15}
2013-12-17 10:13 - 2013-12-17 10:13 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{04C9A8C9-9694-4D5E-B470-9A60CF7B1E4B}
2013-12-16 16:21 - 2013-12-16 16:21 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3CE1AA88-FD3B-40C9-9961-48C4945BA3D6}

Some content of TEMP:
====================
C:\Users\Ing. Radek Houda\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Ing. Radek Houda\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000Core.job => C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000UA.job => C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ing. Radek Houda\Desktop" je 10 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"c:\program files\real\realplayer\Update\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant
"C:\Program Files\Unlocker\UnlockerAssistant.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ing. Radek Houda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ing. Radek Houda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: avast!Free repeatedly reports rootkits

#6 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
    HKCU\...\Run: [Google Update] - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-08] (Google Inc.)
    HKCU\...\Run: [] - [x]
    HKCU\...\Run: [GoogleChromeAutoLaunch_81C94577406AFE2423AB30497B98317B] - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.)
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D11669D4320CB01
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
    URLSearchHook: HKLM - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
    URLSearchHook: HKCU - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - DefaultScope {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GGNI_csCZ519
    SearchScopes: HKCU - {33F54BC3-9695-42C6-ABDB-4CEBCDC7ABCF} URL = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
    SearchScopes: HKCU - {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GGNI_csCZ519
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    Toolbar: HKCU - No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
    
    FF SearchPlugin: C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\searchplugins\ashampoo-us-customized-web-search.xml
    
    CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    S2 vToolbarUpdater15.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [x]
    
    C:\Program Files\Common Files\AVG Secure Search
    2014-01-15 14:31 - 2014-01-15 14:31 - 00002468 _____ C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt
    2014-01-15 14:31 - 2014-01-15 14:31 - 00000512 _____ C:\Users\Ing. Radek Houda\Desktop\MBR.dat
    2014-01-15 11:28 - 2014-01-15 11:25 - 01236282 _____ C:\Users\Ing. Radek Houda\Desktop\adwcleaner.exe
    2014-01-15 11:37 - 2014-01-15 11:36 - 04745728 _____ (AVAST Software) C:\Users\Ing. Radek Houda\Desktop\aswMBR.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000Core.job => C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000UA.job => C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe
    
    C:\ProgramData\Ad-Aware Browsing Protection
    C:\Program Files\Spyware Terminator
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant" /f
    
    Hosts:
    
    End
  • Save the created TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post the fixlog.txt here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.

Hamil
Visitor
Posts: 9
Joined: 04 May 2013 15:44

Re: avast!Free repeatedly reports rootkits

#7 Post by Hamil »

The fixlog is here:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-01-2014 03
Ran by Ing. Radek Houda at 2014-01-16 08:00:35 Run:1
Running from C:\Users\Ing. Radek Houda\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-08] (Google Inc.)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [GoogleChromeAutoLaunch_81C94577406AFE2423AB30497B98317B] - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D11669D4320CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
URLSearchHook: HKLM - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
URLSearchHook: HKCU - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTe ... NI_csCZ519
SearchScopes: HKCU - {33F54BC3-9695-42C6-ABDB-4CEBCDC7ABCF} URL = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
SearchScopes: HKCU - {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTe ... NI_csCZ519
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File

FF SearchPlugin: C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\searchplugins\ashampoo-us-customized-web-search.xml

CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S2 vToolbarUpdater15.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [x]

C:\Program Files\Common Files\AVG Secure Search
2014-01-15 14:31 - 2014-01-15 14:31 - 00002468 _____ C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt
2014-01-15 14:31 - 2014-01-15 14:31 - 00000512 _____ C:\Users\Ing. Radek Houda\Desktop\MBR.dat
2014-01-15 11:28 - 2014-01-15 11:25 - 01236282 _____ C:\Users\Ing. Radek Houda\Desktop\adwcleaner.exe
2014-01-15 11:37 - 2014-01-15 11:36 - 04745728 _____ (AVAST Software) C:\Users\Ing. Radek Houda\Desktop\aswMBR.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000Core.job => C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000UA.job => C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe

C:\ProgramData\Ad-Aware Browsing Protection
C:\Program Files\Spyware Terminator

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant" /f

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_81C94577406AFE2423AB30497B98317B => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33F54BC3-9695-42C6-ABDB-4CEBCDC7ABCF} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{33F54BC3-9695-42C6-ABDB-4CEBCDC7ABCF} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52BB61EF-2325-4602-A19C-7741E9DB71E7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{52BB61EF-2325-4602-A19C-7741E9DB71E7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{124D001A-BDCB-472F-AA59-BBE7E4BC3204} => Value deleted successfully.
HKCR\CLSID\{124D001A-BDCB-472F-AA59-BBE7E4BC3204} => Key not found.
C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\searchplugins\ashampoo-us-customized-web-search.xml => Moved successfully.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.
vToolbarUpdater15.1.0 => Service deleted successfully.
"C:\Program Files\Common Files\AVG Secure Search" => File/Directory not found.
C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt => Moved successfully.
C:\Users\Ing. Radek Houda\Desktop\MBR.dat => Moved successfully.
C:\Users\Ing. Radek Houda\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Ing. Radek Houda\Desktop\aswMBR.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1101881980-2868113236-2782137678-1000UA.job => Moved successfully.
"C:\ProgramData\Ad-Aware Browsing Protection" => File/Directory not found.
"C:\Program Files\Spyware Terminator" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: avast!Free repeatedly reports rootkits

#8 Post by vyosek »

So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may mistakenly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • Click Scan for Issues
  • Then click Fix Issues - I recommend making a registry backup; fix all the issues
  • Repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Hamil
Visitor
Posts: 9
Joined: 04 May 2013 15:44

Re: avast!Free repeatedly reports rootkits

#9 Post by Hamil »

Hello,
unfortunately we are back at the beginning. I carried out all the cleanup procedures on the list. Then I ran Avast and it again reports:
* Zpracovávám úlohu 'Hlavní test'
* Spuštěna 17. leden 2014 15:17:41
* VPS: 140117-0, 17.01.2014
*
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\r681\unins000.exe_{960b08c2-7f80-11e3-b9c4-f5a54dec8508}\C\Users\Ing. Radek Houda\AppData\Local\Temp\_iu14D2N.tmp [L] Rootkit: hidden file (0)
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe [L] Rootkit: hidden file (0)
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe [L] Rootkit: hidden file (0)
Infikované soubory: 3
Počet nalezených souborů: 583131
Počet složek: 31003
Testovaná data: 234,6 GB

I think that unins000.exe is the uninstaller of AVICh, a small video conversion program. I uninstalled that program today, and Avast tried to block it while I did so.

I am attaching the current scan result:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-01-2014 02
Ran by Ing. Radek Houda (administrator) on HOUDA on 17-01-2014 16:53:07
Running from C:\Users\Ing. Radek Houda\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Prolific Technology Inc.) C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Mediaresearch a.s.) C:\Program Files\SimStream client\UI\Mediaresearch.SimStream.Client.Win.UI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe
(forum.viry.cz) C:\Users\Ing. Radek Houda\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-06] (AVAST Software)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [SkyDrive] - C:\Users\Ing. Radek Houda\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation)
HKCU\...\Run: [GoogleChromeAutoLaunch_81C94577406AFE2423AB30497B98317B] - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - DefaultScope {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTe ... NI_csCZ519
SearchScopes: HKCU - {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTe ... NI_csCZ519
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 02 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 03 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 04 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 05 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 06 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 17 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Winsock: Catalog9 18 C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll [268832] (NVIDIA)
Tcpip\Parameters: [DhcpNameServer] 10.4.188.1 88.83.187.1

FireFox:
========
FF ProfilePath: C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default
FF NewTab: about:blank
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF Homepage: https://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ing. Radek Houda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdjvu.dll (Caminova, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-03-29]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-04]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR HomePage: hxxp://www.google.cz/
CHR Plugin: (Shockwave Flash) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (DjVu Plugin Viewer) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\plugins\npdjvu.dll (Caminova, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Unity Player) - C:\Users\Ing. Radek Houda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (HP Product Detection Plugin) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2012-10-02]
CHR Extension: (Dokumenty Google) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2012-12-02]
CHR Extension: (Disk Google) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-02]
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2013-03-08]
CHR Extension: (YouTube) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (Vyhled\u00E1v\u00E1n\u00ED Google) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (PageRank Fast) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\imboecihmboiphcjjnnbganojpoeeemh [2013-02-24]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2013-07-17]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Collabim) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\oinjknlpcckmnnjpodcifmifeghabelo [2013-07-18]
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-01-22]
CHR Extension: (Google Publisher Toolbar) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc [2013-10-29]
CHR Extension: (Gmail) - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM\...\Chrome\Extension: [ggagiiobgjmfpdadhecbofeoelcpidec] - C:\Users\Ing. Radek Houda\AppData\Local\CRE\ggagiiobgjmfpdadhecbofeoelcpidec.crx [2012-12-01]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKCU\...\Chrome\Extension: [ggagiiobgjmfpdadhecbofeoelcpidec] - C:\Users\Ing. Radek Houda\AppData\Local\CRE\ggagiiobgjmfpdadhecbofeoelcpidec.crx [2012-12-01]
CHR StartMenuInternet: Google Chrome - C:\Users\Ing. Radek Houda\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [387616 2009-07-23] ()
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [178720 2009-07-23] ()
R2 PLFlash DeviceIoControl Service; C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-12-05] (Prolific Technology Inc.)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-06] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-06] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [34592 2013-05-04] (AVG Technologies)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-05-03] (GFI Software)
R3 nuviocir; C:\Windows\System32\DRIVERS\nuviocir_win7_x86.sys [29696 2009-06-26] (Nuvoton Technology Corp.)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-12-12] (The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-17 16:53 - 2014-01-17 16:53 - 00022059 _____ C:\Users\Ing. Radek Houda\Desktop\FRST.txt
2014-01-17 16:53 - 2014-01-17 16:53 - 00000000 ____D C:\FRST
2014-01-17 16:50 - 2014-01-17 16:50 - 00112640 _____ (forum.viry.cz) C:\Users\Ing. Radek Houda\Desktop\FRSTLauncher.exe
2014-01-17 16:47 - 2014-01-17 16:48 - 01220096 _____ (Farbar) C:\Users\Ing. Radek Houda\Desktop\FRST.exe
2014-01-17 16:41 - 2014-01-17 16:41 - 00000056 _____ C:\Windows\setupact.log
2014-01-17 16:41 - 2014-01-17 16:41 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 11:41 - 2014-01-17 11:41 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6F5A6393-DFD2-4BAB-9002-792EDEF67357}
2014-01-16 21:06 - 2014-01-16 21:06 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{0F7EE49F-5C24-499A-BA78-2CCAB75437DD}
2014-01-16 19:29 - 2014-01-16 19:29 - 00006477 _____ C:\Users\Ing. Radek Houda\AppData\Local\recently-used.xbel
2014-01-16 15:44 - 2014-01-16 15:43 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-16 15:43 - 2014-01-16 15:43 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-16 15:43 - 2014-01-16 15:43 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-16 15:43 - 2014-01-16 15:43 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-16 15:09 - 2014-01-17 16:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-16 14:54 - 2014-01-16 14:54 - 00000972 _____ C:\Users\Ing. Radek Houda\Desktop\IrfanView.lnk
2014-01-16 08:59 - 2014-01-16 09:00 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{D69A3706-3376-490F-9717-76BDA55C649A}
2014-01-15 20:59 - 2014-01-15 20:59 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{8901A532-725C-4BB7-995A-388A51E212FC}
2014-01-15 11:45 - 2014-01-17 07:13 - 00000000 ____D C:\Windows\Minidump
2014-01-15 08:58 - 2014-01-15 08:59 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{EF2FD37E-6C9F-4CF6-95FD-2ED39DBF1499}
2014-01-15 07:45 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 07:45 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 07:45 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 07:45 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 07:20 - 2014-01-17 07:09 - 00000000 ____D C:\Program Files\trend micro
2014-01-14 20:58 - 2014-01-14 20:58 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{12F19A0A-0687-4EB3-8B08-E771DA5C8A82}
2014-01-14 08:50 - 2014-01-14 08:51 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{7526E567-73AF-402C-ADB6-1D7832AAC27D}
2014-01-14 01:05 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2014-01-13 20:50 - 2014-01-13 20:50 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6E3EAFFF-91DB-4B16-9A8E-A887BE7FEAEE}
2014-01-13 07:05 - 2014-01-13 07:06 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{FF3BD3C8-478C-435C-8914-2C903DB97784}
2014-01-12 14:20 - 2014-01-12 14:20 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3DB39AA7-DC23-496E-8E0F-5C3012760F6D}
2014-01-11 10:19 - 2014-01-11 10:19 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4A6DF6BC-34E5-43CD-A9F7-33ACF70C8286}
2014-01-10 21:04 - 2014-01-10 21:04 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{20B50A55-F346-47E4-83B0-986EDE85B4F4}
2014-01-10 08:55 - 2014-01-10 08:55 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{061C115E-C27A-40E2-95B5-A4AA16E1D25D}
2014-01-09 20:54 - 2014-01-09 20:55 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F5E57E77-B526-4452-B328-2C19915B8D11}
2014-01-09 07:09 - 2014-01-09 07:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{827E0A96-FECB-4395-813C-D8178290C3C7}
2014-01-08 08:36 - 2014-01-08 08:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{38076CE0-F7F3-46E4-AAED-8DB7074A5CE5}
2014-01-07 20:36 - 2014-01-07 20:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{14BEBE9B-AE08-4CF5-84AC-2BE0CF554632}
2014-01-07 07:29 - 2014-01-07 07:30 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4FBB7B8F-166D-4696-A3CD-9FFF3710A243}
2014-01-06 19:29 - 2014-01-06 19:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{A0C16DC0-2733-4BEF-B94E-E91B23AE1928}
2014-01-06 18:36 - 2014-01-06 18:36 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-06 07:21 - 2014-01-06 07:21 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{94CD095C-22A9-484C-9A08-DCA2A0B5C6B8}
2014-01-05 09:34 - 2014-01-05 09:34 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{BC2A0211-B43A-4265-B0B8-057FF1E7A98F}
2014-01-04 16:07 - 2014-01-04 16:08 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{E8C59E55-0EC5-4E69-81C4-C062575F0685}
2014-01-03 21:09 - 2014-01-03 21:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{90334D3C-DBA5-42D1-B9C1-4BDE054D1313}
2014-01-03 08:56 - 2014-01-03 08:56 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{82A3899F-8492-4D0A-9C9E-C2B474E79C9C}
2014-01-02 20:56 - 2014-01-02 20:56 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4ED7DCCA-D108-4911-8313-5B99C04D687D}
2014-01-02 08:17 - 2014-01-02 08:17 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{303F29C8-2D90-4038-8447-6B78DA4DBBBA}
2014-01-01 16:49 - 2014-01-01 16:49 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3DB611B3-A6DC-4EB9-870C-1C315A80EB6D}
2013-12-31 08:51 - 2013-12-31 08:51 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{54CA3384-B6DE-478C-9E5C-9CA24C20DD6F}
2013-12-30 09:17 - 2013-12-30 09:17 - 00000996 _____ C:\Users\Ing. Radek Houda\Desktop\PSPad Editor.lnk
2013-12-30 07:42 - 2013-12-30 07:42 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{2E1D2472-94CC-4B01-9AB9-916F8CCF37C1}
2013-12-29 07:27 - 2013-12-29 07:27 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{FEF9097F-B700-494B-AEB9-3E145CBC5ED4}
2013-12-28 10:00 - 2013-12-28 10:00 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{8E46FF70-DAD3-492C-ACD9-844D4D94E4E6}
2013-12-27 08:36 - 2013-12-27 08:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F8782F56-3E48-44DD-BE6D-4AF30DDCCCB6}
2013-12-26 21:11 - 2013-12-26 21:11 - 00000000 ____D C:\LG_VDR
2013-12-26 20:35 - 2013-12-26 20:35 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{93124A42-7566-447D-9ED6-D6189FA9629E}
2013-12-26 08:17 - 2013-12-26 08:17 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{1E395A1D-C99A-4E78-9FB0-0D5AB24A2A59}
2013-12-25 11:38 - 2013-12-25 11:39 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{B7E74B19-8581-4C10-AE1C-94652BDD7BB0}
2013-12-24 11:19 - 2013-12-24 11:19 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{A6C9BD3D-0225-4654-9E06-05C28D87C8B7}
2013-12-23 21:21 - 2013-12-23 21:21 - 00001013 _____ C:\Users\Ing. Radek Houda\Desktop\tipy-pro-podnikani-na-internetu.pdf – zástupce.lnk
2013-12-23 21:04 - 2013-12-23 21:05 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{C0A59794-FCF8-479C-8116-F3A96B707E52}
2013-12-22 21:39 - 2013-12-22 21:39 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F9CAED9E-BD1B-4C12-A21D-E2930DC6AE26}
2013-12-21 20:29 - 2013-12-21 20:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{0770066C-0B3A-466E-83B0-625B44F65A69}
2013-12-20 19:11 - 2013-12-20 19:12 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{BB8476B9-C106-4B15-90FF-0022E8C7B1F1}
2013-12-20 15:45 - 2013-12-20 15:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 07:11 - 2013-12-20 07:11 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{5F6CF49B-7525-4436-8443-7CB8573464C0}
2013-12-19 19:10 - 2013-12-19 19:10 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{C8C94B8F-6C63-4E3E-B8A2-5143F8109C8B}
2013-12-19 07:09 - 2013-12-19 07:10 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{1B2FD20E-99AC-46E9-8E8F-39F7FE1F07C1}
2013-12-18 19:09 - 2013-12-18 19:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{72B533F1-EBA4-4BDF-9CF3-2343FDFF1A38}
2013-12-18 07:08 - 2013-12-18 07:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6093C8BD-8E2D-490D-950F-641DA3FA1D15}

==================== One Month Modified Files and Folders =======

2014-01-17 16:53 - 2014-01-17 16:53 - 00022059 _____ C:\Users\Ing. Radek Houda\Desktop\FRST.txt
2014-01-17 16:53 - 2014-01-17 16:53 - 00000000 ____D C:\FRST
2014-01-17 16:50 - 2014-01-17 16:50 - 00112640 _____ (forum.viry.cz) C:\Users\Ing. Radek Houda\Desktop\FRSTLauncher.exe
2014-01-17 16:49 - 2009-07-14 05:34 - 00018432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-17 16:49 - 2009-07-14 05:34 - 00018432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-17 16:48 - 2014-01-17 16:47 - 01220096 _____ (Farbar) C:\Users\Ing. Radek Houda\Desktop\FRST.exe
2014-01-17 16:46 - 2010-07-07 19:47 - 01705917 _____ C:\Windows\WindowsUpdate.log
2014-01-17 16:42 - 2012-12-12 08:42 - 00000000 ___RD C:\Users\Ing. Radek Houda\SkyDrive
2014-01-17 16:41 - 2014-01-17 16:41 - 00000056 _____ C:\Windows\setupact.log
2014-01-17 16:41 - 2014-01-17 16:41 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 16:41 - 2010-07-07 15:06 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-17 16:41 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-17 16:40 - 2014-01-16 15:09 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-17 15:12 - 2010-11-13 22:14 - 00000000 ____D C:\Program Files\AviCh
2014-01-17 15:03 - 2013-06-26 16:35 - 00000000 ____D C:\Program Files\Real
2014-01-17 15:03 - 2013-06-26 16:34 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Roaming\Real
2014-01-17 15:03 - 2013-06-26 16:19 - 00000000 ____D C:\ProgramData\Real
2014-01-17 14:36 - 2011-04-10 20:21 - 00000000 ____D C:\Program Files\Google
2014-01-17 14:34 - 2011-04-10 20:21 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\Google
2014-01-17 14:32 - 2010-11-14 19:17 - 00000000 ____D C:\Program Files\DsNET Corp
2014-01-17 14:28 - 2012-11-22 13:20 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Roaming\FileZilla
2014-01-17 14:19 - 2012-05-26 12:23 - 00000000 ___RD C:\Users\Ing. Radek Houda\Google Drive
2014-01-17 11:43 - 2010-07-07 14:57 - 00000000 ____D C:\Users\Ing. Radek Houda
2014-01-17 11:41 - 2014-01-17 11:41 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6F5A6393-DFD2-4BAB-9002-792EDEF67357}
2014-01-17 07:13 - 2014-01-15 11:45 - 00000000 ____D C:\Windows\Minidump
2014-01-17 07:09 - 2014-01-15 07:20 - 00000000 ____D C:\Program Files\trend micro
2014-01-16 21:06 - 2014-01-16 21:06 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{0F7EE49F-5C24-499A-BA78-2CCAB75437DD}
2014-01-16 19:32 - 2012-04-15 17:36 - 00000000 ____D C:\Users\Ing. Radek Houda\.gimp-2.8
2014-01-16 19:29 - 2014-01-16 19:29 - 00006477 _____ C:\Users\Ing. Radek Houda\AppData\Local\recently-used.xbel
2014-01-16 16:20 - 2012-04-21 19:09 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-16 16:20 - 2011-05-15 17:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-16 16:17 - 2010-07-11 13:47 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\Adobe
2014-01-16 15:47 - 2013-11-07 15:19 - 00000000 ____D C:\ProgramData\Oracle
2014-01-16 15:43 - 2014-01-16 15:44 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-16 15:43 - 2014-01-16 15:43 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-16 15:43 - 2014-01-16 15:43 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-16 15:43 - 2014-01-16 15:43 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-16 14:58 - 2012-10-19 14:37 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2014-01-16 14:54 - 2014-01-16 14:54 - 00000972 _____ C:\Users\Ing. Radek Houda\Desktop\IrfanView.lnk
2014-01-16 14:54 - 2012-06-03 12:10 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-01-16 14:39 - 2011-07-04 19:37 - 00000000 ____D C:\Users\Ing. Radek Houda\Documents\Moje naskenované obrázky
2014-01-16 09:00 - 2014-01-16 08:59 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{D69A3706-3376-490F-9717-76BDA55C649A}
2014-01-15 20:59 - 2014-01-15 20:59 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{8901A532-725C-4BB7-995A-388A51E212FC}
2014-01-15 08:59 - 2014-01-15 08:58 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{EF2FD37E-6C9F-4CF6-95FD-2ED39DBF1499}
2014-01-15 08:10 - 2009-07-14 05:33 - 00341944 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 08:06 - 2013-07-16 06:28 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 07:46 - 2010-07-07 15:29 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 20:58 - 2014-01-14 20:58 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{12F19A0A-0687-4EB3-8B08-E771DA5C8A82}
2014-01-14 08:51 - 2014-01-14 08:50 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{7526E567-73AF-402C-ADB6-1D7832AAC27D}
2014-01-14 01:05 - 2009-07-14 05:53 - 00032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-13 20:50 - 2014-01-13 20:50 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6E3EAFFF-91DB-4B16-9A8E-A887BE7FEAEE}
2014-01-13 07:06 - 2014-01-13 07:05 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{FF3BD3C8-478C-435C-8914-2C903DB97784}
2014-01-12 14:20 - 2014-01-12 14:20 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3DB39AA7-DC23-496E-8E0F-5C3012760F6D}
2014-01-11 21:55 - 2013-01-24 15:24 - 00001083 _____ C:\Users\Public\Desktop\FreeFileSync.lnk
2014-01-11 18:12 - 2010-10-23 16:55 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\Windows Live
2014-01-11 10:19 - 2014-01-11 10:19 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4A6DF6BC-34E5-43CD-A9F7-33ACF70C8286}
2014-01-10 21:04 - 2014-01-10 21:04 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{20B50A55-F346-47E4-83B0-986EDE85B4F4}
2014-01-10 14:09 - 2010-07-10 14:27 - 00065544 _____ C:\Users\Ing. Radek Houda\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-10 08:55 - 2014-01-10 08:55 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{061C115E-C27A-40E2-95B5-A4AA16E1D25D}
2014-01-09 20:55 - 2014-01-09 20:54 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F5E57E77-B526-4452-B328-2C19915B8D11}
2014-01-09 09:18 - 2011-08-21 17:31 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-09 09:18 - 2011-08-21 17:31 - 00000000 ____D C:\Program Files\CCleaner
2014-01-09 07:09 - 2014-01-09 07:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{827E0A96-FECB-4395-813C-D8178290C3C7}
2014-01-08 08:36 - 2014-01-08 08:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{38076CE0-F7F3-46E4-AAED-8DB7074A5CE5}
2014-01-07 20:36 - 2014-01-07 20:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{14BEBE9B-AE08-4CF5-84AC-2BE0CF554632}
2014-01-07 17:37 - 2012-03-13 21:12 - 00000000 ____D C:\Users\UpdatusUser.Houda
2014-01-07 07:30 - 2014-01-07 07:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4FBB7B8F-166D-4696-A3CD-9FFF3710A243}
2014-01-06 19:29 - 2014-01-06 19:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{A0C16DC0-2733-4BEF-B94E-E91B23AE1928}
2014-01-06 18:36 - 2014-01-06 18:36 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-06 18:36 - 2013-11-26 18:09 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-06 18:35 - 2013-05-04 16:39 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-06 18:35 - 2013-05-04 16:39 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-06 18:35 - 2013-05-04 16:39 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-06 18:35 - 2013-05-04 16:39 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-06 18:35 - 2013-05-04 16:39 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-06 18:35 - 2013-05-04 16:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-06 07:21 - 2014-01-06 07:21 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{94CD095C-22A9-484C-9A08-DCA2A0B5C6B8}
2014-01-05 09:34 - 2014-01-05 09:34 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{BC2A0211-B43A-4265-B0B8-057FF1E7A98F}
2014-01-04 16:08 - 2014-01-04 16:07 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{E8C59E55-0EC5-4E69-81C4-C062575F0685}
2014-01-03 21:09 - 2014-01-03 21:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{90334D3C-DBA5-42D1-B9C1-4BDE054D1313}
2014-01-03 08:56 - 2014-01-03 08:56 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{82A3899F-8492-4D0A-9C9E-C2B474E79C9C}
2014-01-02 20:56 - 2014-01-02 20:56 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{4ED7DCCA-D108-4911-8313-5B99C04D687D}
2014-01-02 08:34 - 2012-10-18 13:00 - 00002083 _____ C:\Users\Public\Desktop\S3 Kasa.lnk
2014-01-02 08:34 - 2012-10-18 13:00 - 00002078 _____ C:\Users\Public\Desktop\Money S3.lnk
2014-01-02 08:17 - 2014-01-02 08:17 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{303F29C8-2D90-4038-8447-6B78DA4DBBBA}
2014-01-01 20:38 - 2010-07-07 15:04 - 01608676 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-01 16:49 - 2014-01-01 16:49 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{3DB611B3-A6DC-4EB9-870C-1C315A80EB6D}
2013-12-31 09:21 - 2013-09-01 08:12 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Roaming\doublecmd
2013-12-31 08:51 - 2013-12-31 08:51 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{54CA3384-B6DE-478C-9E5C-9CA24C20DD6F}
2013-12-30 09:17 - 2013-12-30 09:17 - 00000996 _____ C:\Users\Ing. Radek Houda\Desktop\PSPad Editor.lnk
2013-12-30 07:42 - 2013-12-30 07:42 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{2E1D2472-94CC-4B01-9AB9-916F8CCF37C1}
2013-12-29 07:27 - 2013-12-29 07:27 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{FEF9097F-B700-494B-AEB9-3E145CBC5ED4}
2013-12-28 17:33 - 2010-08-22 14:02 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Roaming\Mp3tag
2013-12-28 17:26 - 2010-08-22 14:02 - 00000941 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2013-12-28 17:26 - 2010-08-22 14:01 - 00000000 ____D C:\Program Files\Mp3tag
2013-12-28 10:00 - 2013-12-28 10:00 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{8E46FF70-DAD3-492C-ACD9-844D4D94E4E6}
2013-12-27 08:36 - 2013-12-27 08:36 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F8782F56-3E48-44DD-BE6D-4AF30DDCCCB6}
2013-12-26 21:11 - 2013-12-26 21:11 - 00000000 ____D C:\LG_VDR
2013-12-26 21:10 - 2010-08-22 12:04 - 00000000 ____D C:\ProgramData\DVD Shrink
2013-12-26 20:35 - 2013-12-26 20:35 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{93124A42-7566-447D-9ED6-D6189FA9629E}
2013-12-26 08:17 - 2013-12-26 08:17 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{1E395A1D-C99A-4E78-9FB0-0D5AB24A2A59}
2013-12-26 08:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-25 11:39 - 2013-12-25 11:38 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{B7E74B19-8581-4C10-AE1C-94652BDD7BB0}
2013-12-24 11:19 - 2013-12-24 11:19 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{A6C9BD3D-0225-4654-9E06-05C28D87C8B7}
2013-12-23 21:21 - 2013-12-23 21:21 - 00001013 _____ C:\Users\Ing. Radek Houda\Desktop\tipy-pro-podnikani-na-internetu.pdf – zástupce.lnk
2013-12-23 21:05 - 2013-12-23 21:04 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{C0A59794-FCF8-479C-8116-F3A96B707E52}
2013-12-22 21:39 - 2013-12-22 21:39 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{F9CAED9E-BD1B-4C12-A21D-E2930DC6AE26}
2013-12-21 20:29 - 2013-12-21 20:29 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{0770066C-0B3A-466E-83B0-625B44F65A69}
2013-12-21 19:04 - 2013-01-07 15:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 19:12 - 2013-12-20 19:11 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{BB8476B9-C106-4B15-90FF-0022E8C7B1F1}
2013-12-20 15:45 - 2013-12-20 15:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 07:11 - 2013-12-20 07:11 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{5F6CF49B-7525-4436-8443-7CB8573464C0}
2013-12-19 19:10 - 2013-12-19 19:10 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{C8C94B8F-6C63-4E3E-B8A2-5143F8109C8B}
2013-12-19 07:10 - 2013-12-19 07:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{1B2FD20E-99AC-46E9-8E8F-39F7FE1F07C1}
2013-12-18 19:09 - 2013-12-18 19:09 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{72B533F1-EBA4-4BDF-9CF3-2343FDFF1A38}
2013-12-18 07:23 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-18 07:09 - 2013-12-18 07:08 - 00000000 ____D C:\Users\Ing. Radek Houda\AppData\Local\{6093C8BD-8E2D-490D-950F-641DA3FA1D15}

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ing. Radek Houda\Desktop" je 4 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ing. Radek Houda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ing. Radek Houda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: avast!Free repeatedly reports rootkits

#10 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
    HKCU\...\Run: [Google Update] - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-08] (Google Inc.)
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D11669D4320CB01
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
    URLSearchHook: HKLM - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
    URLSearchHook: HKCU - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - DefaultScope {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GGNI_csCZ519
    SearchScopes: HKCU - {33F54BC3-9695-42C6-ABDB-4CEBCDC7ABCF} URL = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
    SearchScopes: HKCU - {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GGNI_csCZ519
    
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    Toolbar: HKCU - No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File
    
    FF SearchPlugin: C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\searchplugins\ashampoo-us-customized-web-search.xml
    
    CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    S2 vToolbarUpdater15.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [x]
    
    2014-01-15 16:47 - 2014-01-15 16:47 - 00112640 _____ (forum.viry.cz) C:\Users\Ing. Radek Houda\Desktop\FRSTLauncher.exe
    2014-01-15 14:31 - 2014-01-15 14:31 - 00002468 _____ C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt
    2014-01-15 14:31 - 2014-01-15 14:31 - 00000512 _____ C:\Users\Ing. Radek Houda\Desktop\MBR.dat
    2014-01-15 11:37 - 2014-01-15 11:36 - 04745728 _____ (AVAST Software) C:\Users\Ing. Radek Houda\Desktop\aswMBR.exe
    2014-01-15 11:28 - 2014-01-15 11:25 - 01236282 _____ C:\Users\Ing. Radek Houda\Desktop\adwcleaner.exe
    C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    
    Hosts:
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

Hamil
Visitor
Posts: 9
Registered: 04 May 2013 15:44

Re: avast!Free repeatedly reports rootkits

#11 Post by Hamil »

Log created:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-01-2014 02
Ran by Ing. Radek Houda at 2014-01-17 21:20:23 Run:1
Running from C:\Users\Ing. Radek Houda\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-01-18] (Google Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Ing. Radek Houda\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-08] (Google Inc.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D11669D4320CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
URLSearchHook: HKLM - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
URLSearchHook: HKCU - (No Name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTe ... NI_csCZ519
SearchScopes: HKCU - {33F54BC3-9695-42C6-ABDB-4CEBCDC7ABCF} URL = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
SearchScopes: HKCU - {52BB61EF-2325-4602-A19C-7741E9DB71E7} URL = http://www.google.cz/search?q={searchTe ... NI_csCZ519

Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {124D001A-BDCB-472F-AA59-BBE7E4BC3204} - No File

FF SearchPlugin: C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\searchplugins\ashampoo-us-customized-web-search.xml

CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S2 vToolbarUpdater15.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [x]

2014-01-15 16:47 - 2014-01-15 16:47 - 00112640 _____ (forum.viry.cz) C:\Users\Ing. Radek Houda\Desktop\FRSTLauncher.exe
2014-01-15 14:31 - 2014-01-15 14:31 - 00002468 _____ C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt
2014-01-15 14:31 - 2014-01-15 14:31 - 00000512 _____ C:\Users\Ing. Radek Houda\Desktop\MBR.dat
2014-01-15 11:37 - 2014-01-15 11:36 - 04745728 _____ (AVAST Software) C:\Users\Ing. Radek Houda\Desktop\aswMBR.exe
2014-01-15 11:28 - 2014-01-15 11:25 - 01236282 _____ C:\Users\Ing. Radek Houda\Desktop\adwcleaner.exe
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value not found.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{124d001a-bdcb-472f-aa59-bbe7e4bc3204} => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33F54BC3-9695-42C6-ABDB-4CEBCDC7ABCF} => Key not found.
HKCR\Wow6432Node\CLSID\{33F54BC3-9695-42C6-ABDB-4CEBCDC7ABCF} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52BB61EF-2325-4602-A19C-7741E9DB71E7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{52BB61EF-2325-4602-A19C-7741E9DB71E7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value not found.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{124D001A-BDCB-472F-AA59-BBE7E4BC3204} => Value not found.
HKCR\CLSID\{124D001A-BDCB-472F-AA59-BBE7E4BC3204} => Key not found.
"C:\Users\Ing. Radek Houda\AppData\Roaming\Mozilla\Firefox\Profiles\2yblxzbl.default\searchplugins\ashampoo-us-customized-web-search.xml" => not found.
HKCU\SOFTWARE\Policies\Google => Key not found.
vToolbarUpdater15.1.0 => Service not found.
C:\Users\Ing. Radek Houda\Desktop\FRSTLauncher.exe => Moved successfully.
"C:\Users\Ing. Radek Houda\Desktop\aswMBR.txt" => File/Directory not found.
"C:\Users\Ing. Radek Houda\Desktop\MBR.dat" => File/Directory not found.
"C:\Users\Ing. Radek Houda\Desktop\aswMBR.exe" => File/Directory not found.
"C:\Users\Ing. Radek Houda\Desktop\adwcleaner.exe" => File/Directory not found.

"C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000" directory move:

C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\snx_fs.dat => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Windows\Prefetch\CTFMON.EXE-9450846B.pf => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Windows\Prefetch\GOOGLEUPDATE.EXE-28A4DC93.pf => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Windows\Prefetch\SAFEZONEBROWSER.EXE-EA1E6E17.pf => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d8b393b9387fc13c.customDestinations-ms => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\04AFA8793E5CDC4A81C6CD4554A30707 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\49514950C94E8026A2B06312597DFF49_33A0493B3756EC93EB52782457685E27 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BD8A14C7C024625432CC03FE72E47EF0_11406F8796374E5646D0BA4BDC397CD0 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\04AFA8793E5CDC4A81C6CD4554A30707 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\49514950C94E8026A2B06312597DFF49_33A0493B3756EC93EB52782457685E27 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AA3321A15A787985201D7A6820782F0_0AB46376AFB6F40B0426680E3025D384 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BD8A14C7C024625432CC03FE72E47EF0_11406F8796374E5646D0BA4BDC397CD0 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\Users\Ing. Radek Houda\AppData\Local\Temp\CRX_DF399A9B283A\manifest.json => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\chrome_shutdown_ms.txt => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\cs-CZ-1-2.bdic => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Local State => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Safe Browsing Bloom => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Safe Browsing Bloom Filter 2 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Safe Browsing Csd Whitelist => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Safe Browsing Download => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Safe Browsing Download Whitelist => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Archived History => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Bookmarks => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Bookmarks.bak => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cookies => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Current Session => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Current Tabs => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Favicons => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\History => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\History Index 2013-05 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\History Provider Cache => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Last Session => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Last Tabs => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Network Action Predictor => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Preferences => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Shortcuts => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Top Sites => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Visited Links => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Web Data => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\User StyleSheets\Custom.css => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Local Storage\http_www.google.cz_0.localstorage => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\JumpListIconsOld\B671.tmp => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\JumpListIconsOld\B681.tmp => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\JumpListIcons\16E6.tmp => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\JumpListIcons\16F7.tmp => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\JumpListIcons\1717.tmp => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\JumpListIcons\1728.tmp => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\data_0 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\data_1 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\data_2 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\data_3 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000002 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000003 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000004 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000005 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000006 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000007 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00000d => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00000f => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000010 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00001b => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00001d => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00001e => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00001f => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000020 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000021 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000022 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000023 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000024 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000026 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000027 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000028 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000029 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00002a => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00002c => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000036 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000037 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000038 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000039 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00003d => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00003e => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000041 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000042 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000046 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00004a => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00004c => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00004d => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00004f => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000050 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000053 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000054 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000055 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000056 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000057 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00005c => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00005d => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000060 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000061 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000062 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000063 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000065 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000066 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00006a => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00006b => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00006c => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_00006e => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000070 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000071 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000072 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000073 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000074 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000075 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000076 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000077 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\f_000078 => Moved successfully.
C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000\sfzone\C\sfzone_profile\Default\Cache\index => Moved successfully.
Could not move "C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000" directory. => Scheduled to move on reboot.

C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-17 21:23:00)<=

"C:\avast! sandbox\S-1-5-21-1101881980-2868113236-2782137678-1000" => Directory could not move.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: avast!Free repeatedly reports rootkits

#12 Post by vyosek »

How is the PC behaving?

Hamil
Visitor
Posts: 9
Registered: 04 May 2013 15:44

Re: avast!Free repeatedly reports rootkits

#13 Post by Hamil »

The computer behaves normally. It does not slow down, freeze, or restart on its own.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: avast!Free repeatedly reports rootkits

#14 Post by vyosek »

So let's clean up a bit more.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)

OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use

Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze (Analyzovat) and then Run CCleaner (Spustit CCleaner)
Registry panel
  • Click Scan for problems (Hledej problémy)
  • Then click Fix problems (Opravit problémy) - I recommend making a registry backup; fix all the problems
  • Repeat the procedure until no problems remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week.

And if there are no problems or questions, that is all from my side.

Hamil
Visitor
Posts: 9
Registered: 04 May 2013 15:44

Re: avast!Free repeatedly reports rootkits

#15 Post by Hamil »

I sent a query to Avast support. This morning I received a reply that surprised me a little:

Hello,
thank you for contacting Avast Software support.

Not every rootkit is a virus. The sandbox folder also contains rootkits for its own functionality. Try excluding this avast folder from the scanned ones; avast cannot delete the files it needs.
Everything is fine.

Best regards,

Lukas Havel
Technical Support Specialist

http://www.avast.com

Request details

--------------------------------------------------------------------------------
Request ID: IUZ-790-31804
Department: Virus and FP reports
Type: Communication
Status: On Hold
Priority: Normal

Support Center: https://support.avast.com/index.php?


To that I would add that, in that case, Avast should not alarm users by reporting malware findings.
So, now I will do the cleanup as recommended, configure Avast and run a scan. I hope everything will be fine now.
Thank you, and I apologize for taking up so much of your time, but I had no idea about this.
