velmi pomalý počítač i internet, opakující se problém

[Sonya]

Dobrý den,
prosím o kontrolu logu níže. Počítač je extrémně pomalý, a není to poprvé. Sice se žádná havěť nikdy nenašla (jednou byl problém způsobem toolbary a chybějící aktualizaci), ale nějak se mi to nezdá. Problém se zpomalováním se totiž vždy vrátí cca po měsíci od vyčištění (postupně se zpomaluje).
Jedná se o počítač mámy, nejsem u něho pravidelně. Prý nedávno vyskakovalo nějaké okno, ale neví, jaké, a co se v něm psalo.
RSIT log přikládám.

Předem děkuji za pomoc!

Logfile of random's system information tool 1.09 (written by random/random)
Run by Natálie Sikorská at 2014-02-20 00:47:17
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 218 GB (74%) free of 295 GB
Total RAM: 2038 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:48:07, on 20.2.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\mobsync.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Natálie Sikorská\AppData\Local\MediaGet2\mediaget.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\conime.exe
C:\Program Files\Defraggler\Defraggler.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Natálie Sikorská\Downloads\RSIT (1).exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Natálie Sikorská.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/7227
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: CrossriderApp0045362 - {11111111-1111-1111-1111-110411531162} - C:\Program Files\DiscountFrenzy\DiscountFrenzy-bho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MediaGet2] C:\Users\Natálie Sikorská\AppData\Local\MediaGet2\mediaget.exe --minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acer TV Share Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: All History Cleaner Service (HSService) - Unknown owner - C:\Program Files\All History Cleaner\HSService.exe
O23 - Service: IntelDHSvcConf - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 12477 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DiscountFrenzy-chromeinstaller.job
C:\Windows\tasks\DiscountFrenzy-codedownloader.job
C:\Windows\tasks\DiscountFrenzy-enabler.job
C:\Windows\tasks\DiscountFrenzy-firefoxinstaller.job
C:\Windows\tasks\DiscountFrenzy-updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\PC SpeedUp Service Deactivator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.google.cz"
prefs.js - "keyword.URL" - "http://go.mail.ru/search?fr=fftb&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"siteranker@siteranker.com"=C:\Program Files\SiteRanker\firefox\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
nsRLCT4Player.xpt

C:\Program Files\Mozilla Firefox\plugins\
CrazyTalk4Native.dll
ctdomemhelper.dll
ctframeplayerobject.dll
ctplayerobject.dll
imagickrt.dll
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npRLCT4Player.dll
QuickTimePlugin.class
rlcontentclass.dll
RLMusicPacker.dll
RLMusicUnpacker.dll
RLVoicePacker.dll
RLVoiceUnpacker.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\extensions\
c4d22aeb-96c2-4873-91c1-95a7a726b342@4ef9d624-79c8-42e0-b8a9-8fd3126fefc8.com
yasearch@yandex.ru
{20a82645-c095-46ed-80e3-08825760534b}
{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}

C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\
bsplayer-search.xml
firmy.cz-221434.xml
inbox-hledn.xml
mailru---.xml
mapy.cz-221434.xml
seznam.cz-221434.xml
videa.seznam.cz-221434.xml
zbozi.cz-221434.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}]
DiscountFrenzy - C:\Program Files\DiscountFrenzy\DiscountFrenzy-bho.dll [2014-01-20 637440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-01-25 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]
{2C688203-7EB3-4327-9995-1CB417BA23F9} - BS.Player ControlBar - C:\Program Files\BS.Player ControlBar\BSToolbar.dll [2008-10-08 859592]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-01-25 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-06-20 4493312]
"Acer Empowering Technology Monitor"=C:\Acer\Empowering Technology\SysMonitor.exe [2008-01-09 326176]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]
"NMSSupport"=C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [2007-04-06 439768]
"CCUTRAYICON"=FactoryMode []
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"eRecoveryService"= []
"PCMMediaSharing"=C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2008-05-20 204908]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-01-25 3767096]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"MediaGet2"=C:\Users\Natálie Sikorská\AppData\Local\MediaGet2\mediaget.exe [2013-12-28 10183400]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2013-07-23 267568]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.mkdmp3enc"=C:\PROGRA~1\ACERAR~1\ACERDV~2\Kernel\Burner\MKDMP3Enc.ACM
"msacm.siren"=sirenacm.dll
"msacm.l3codecp"=l3codecp.acm
"vidc.divx"=divx.dll
"vidc.div4"=DivXc32f.dll
"vidc.div3"=DivXc32.dll
"vidc.mp43"=mpg4c32.dll
"msacm.l3radius"=l3codecp.acm
"msacm.divxa"=divxa32.acm
"msacm.vorbis"=Vorbis.acm
"msacm.a3d"=a3d.dll
"msacm.ogg"=ogg.dll
"msacm.vorbisenc"=vorbisenc.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-20 00:27:23 ----D---- C:\Program Files\CCleaner
2014-02-14 03:01:10 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 03:01:10 ----A---- C:\Windows\system32\mshtmled.dll
2014-02-14 03:01:09 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 03:01:09 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 03:01:08 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 03:01:08 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 03:01:07 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 03:01:06 ----A---- C:\Windows\system32\url.dll
2014-02-14 03:01:06 ----A---- C:\Windows\system32\jscript9.dll
2014-02-14 03:01:06 ----A---- C:\Windows\system32\jscript.dll
2014-02-14 03:01:05 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 03:01:03 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 03:01:03 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 03:01:01 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 01:05:44 ----A---- C:\Windows\system32\msxml3.dll
2014-02-13 10:06:01 ----D---- C:\Program Files\All History Cleaner
2014-01-29 03:04:40 ----D---- C:\Windows\Migration

======List of files/folders modified in the last 1 month======

2014-02-20 00:48:07 ----D---- C:\Program Files\trend micro
2014-02-20 00:47:14 ----D---- C:\Windows\Temp
2014-02-20 00:28:53 ----D---- C:\Users\Natálie Sikorská\AppData\Roaming\Winamp
2014-02-20 00:28:53 ----D---- C:\Users\Natálie Sikorská\AppData\Roaming\uTorrent
2014-02-20 00:28:41 ----D---- C:\Windows\Panther
2014-02-20 00:28:41 ----D---- C:\Windows\Logs
2014-02-20 00:28:41 ----D---- C:\Windows\inf
2014-02-20 00:28:40 ----D---- C:\Windows\Debug
2014-02-20 00:28:40 ----D---- C:\Windows
2014-02-20 00:27:44 ----D---- C:\Windows\system32\Tasks
2014-02-20 00:27:23 ----RD---- C:\Program Files
2014-02-20 00:27:06 ----D---- C:\Users\Natálie Sikorská\AppData\Roaming\Skype
2014-02-20 00:10:47 ----D---- C:\Program Files\Zrychleni Pocitace
2014-02-19 22:04:30 ----D---- C:\Windows\Prefetch
2014-02-19 18:53:28 ----HD---- C:\Config.Msi
2014-02-19 18:50:50 ----SHD---- C:\Windows\Installer
2014-02-19 18:50:41 ----D---- C:\Windows\System32
2014-02-19 18:50:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-19 18:48:20 ----SHD---- C:\System Volume Information
2014-02-14 04:38:19 ----D---- C:\Windows\Microsoft.NET
2014-02-14 04:36:45 ----RSD---- C:\Windows\assembly
2014-02-14 04:01:53 ----D---- C:\Windows\system32\migration
2014-02-14 04:01:53 ----D---- C:\Program Files\Internet Explorer
2014-02-14 03:08:39 ----D---- C:\Windows\winsxs
2014-02-14 03:08:20 ----D---- C:\Windows\system32\MRT
2014-02-14 03:06:13 ----A---- C:\Windows\system32\mrt.exe
2014-02-14 03:03:59 ----D---- C:\Windows\system32\catroot
2014-02-14 03:01:39 ----D---- C:\Windows\system32\catroot2
2014-02-10 21:27:02 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-02-09 21:02:23 ----D---- C:\Program Files\Mozilla Thunderbird
2014-02-08 22:36:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-01-29 03:05:15 ----D---- C:\Windows\system32\en-US
2014-01-29 03:04:40 ----SD---- C:\ProgramData\Microsoft
2014-01-25 18:55:45 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-21 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-04 180248]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-03-04 18992]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 21576]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2014-01-25 54832]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-25 775952]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-25 410784]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2014-01-25 57672]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-25 67824]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
R2 nmsunidr;UniDriver for NMS; C:\Windows\system32\DRIVERS\nmsunidr.sys [2007-02-18 5376]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R2 tvicport;tvicport; \??\C:\Windows\system32\drivers\tvicport.sys [2007-11-06 14544]
R2 zntport;zntport; \??\C:\Windows\system32\drivers\zntport.sys [2007-11-06 6080]
R3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-04-13 228224]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-22 1788056]
R3 IntelDH;IntelDH Driver; C:\Windows\System32\Drivers\IntelDH.sys [2008-12-19 5504]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-04-22 6144]
R3 OmniTV;Cx2388x AvStream Video Capture; C:\Windows\system32\DRIVERS\OmniTV.sys [2007-04-25 221184]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-10 538112]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-10 538112]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TSHWMDTCP;TSHWMDTCP; \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [2007-04-06 14808]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-05-29 39424]
S3 winusb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\winusb.sys [2009-07-14 34944]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 Acer TV Share Service;Acer TV Share Service; C:\Program Files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe [2008-07-22 270426]
R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2007-10-17 28672]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AlertService;Intel(R) Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2007-04-06 223704]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-01-25 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2007-02-12 208896]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HSService;All History Cleaner Service; C:\Program Files\All History Cleaner\HSService.exe [2013-05-03 295184]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2013-07-23 413488]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2008-06-13 241734]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-08 257928]
S3 DHTRACE;Intel(R) DHTrace Controller; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [2007-04-06 39896]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-07 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-31 136120]
S3 IntelDHSvcConf;IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2007-04-06 36312]
S3 ISSM;Intel(R) Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2007-04-06 59352]
S3 M1 Server;Intel(R) Viiv(TM) Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2007-04-06 256472]
S3 MCLServiceATL;Intel(R) Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2007-04-06 158168]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-09 119408]
S3 NMSCore;Intel(R) NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [2007-04-06 313816]
S3 QualityManager;Intel(R) Quality Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [2007-04-06 272856]
S3 Remote UI Service;Intel(R) Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2007-04-06 449496]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[vyosek]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[Sonya]

Taky zdravím Log z AdwCleaner níže

# AdwCleaner v3.019 - Report created 20/02/2014 at 09:59:55
# Updated 17/02/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Natálie Sikorská - NATALI-PC
# Running from : C:\Users\Natálie Sikorská\Downloads\adwcleaner (1).exe
# Option : Clean

***** [ Services ] *****

Service Deleted : pcsuservice

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\DiscountFrenzy
Folder Deleted : C:\Users\Natálie Sikorská\AppData\Local\Yandex
Folder Deleted : C:\Users\Natálie Sikorská\AppData\LocalLow\Yandex
Folder Deleted : C:\Users\Natálie Sikorská\AppData\Roaming\Yandex
Folder Deleted : C:\Users\Natálie Sikorská\Documents\PCSpeedUp
Folder Deleted : C:\Users\Tetiana Sikorská\AppData\LocalLow\Yandex
Folder Deleted : C:\Users\Tetiana Sikorská\AppData\Roaming\Yandex
Folder Deleted : C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\ICQToolbarData
Folder Deleted : C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\c4d22aeb-96c2-4873-91c1-95a7a726b342@4ef9d624-79c8-42e0-b8a9-8fd3126fefc8.com
Folder Deleted : C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijlahccmdmhcnkhclomggcjibmhoffnh
File Deleted : C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
File Deleted : C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator
File Deleted : C:\Windows\Tasks\DiscountFrenzy-chromeinstaller.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-chromeinstaller
File Deleted : C:\Windows\Tasks\DiscountFrenzy-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-codedownloader
File Deleted : C:\Windows\Tasks\DiscountFrenzy-enabler.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-enabler
File Deleted : C:\Windows\Tasks\DiscountFrenzy-firefoxinstaller.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-firefoxinstaller
File Deleted : C:\Windows\Tasks\DiscountFrenzy-updater.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20578C94-9649-42D2-9828-9EA89DAC1036}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20578C94-9649-42D2-9828-9EA89DAC1036}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE568678-1D88-4BE4-9501-72ECF99A87A7}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE568678-1D88-4BE4-9501-72ECF99A87A7}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{781ED28D-5CFD-4A00-8A46-A54563B0FB9F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{781ED28D-5CFD-4A00-8A46-A54563B0FB9F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B0CB01C-3852-42D7-A68D-2ACB4E808221}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B0CB01C-3852-42D7-A68D-2ACB4E808221}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FC43920F-E0E4-4CE1-A0D7-2F102FC7647C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC43920F-E0E4-4CE1-A0D7-2F102FC7647C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9AC51B19-BD2A-43B2-8705-AF805BB9D4C2}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AC51B19-BD2A-43B2-8705-AF805BB9D4C2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045362.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045362.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045362.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0045362.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411531162}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422532262}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455535562}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466536662}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444534462}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03f248ba-f0af-4078-a1c8-4b61c93e0c10}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28d3acb5-ccc0-4732-820a-4c9fed7fe3ab}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7a0393d0-8b0f-4e99-9c56-e9b8fff585f2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b5056e5f-0835-477a-917c-2bad1d792af0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DiscountFrenzy
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\Software\DiscountFrenzy
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DiscountFrenzy
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [15099 octets] - [01/10/2013 10:29:28]
AdwCleaner[R1].txt - [7243 octets] - [20/02/2014 09:58:17]
AdwCleaner[S0].txt - [15114 octets] - [01/10/2013 10:30:25]
AdwCleaner[S1].txt - [6894 octets] - [20/02/2014 09:59:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6954 octets] ##########

[Sonya]

musím odjet a bohužel se k tomuto PC vrátím nejdřív v pondělí. Sama bydlím pár set km daleko. Pokud by to nevadilo, vrátila bych se k tématu v pondělí.
Od sebe sice fórum dokážu zkontrolovat, ale to je asi tak jediné. Máma by podle návodu opravy neudělala, přeci jen už je to starší paní.
Omlouvám se, měla jsem tu zůstat dnes celý den, ale holt okolností jsou silnější, než mé přání

[vyosek]

V pohode, ja tu tez nemuzu sedet cely den

Pak udelejte log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

[Sonya]

Dobrý den,
tak po nějaké době se opět vracím k tomuto tématu. Konečně jsem se opět dostala k máminu kompu Děkuji za trpělivost.
Zjistila jsem, že má nainstalovaný nějaký program MediaGet, který vypadá jako něco na stahování. Neví o tom, že by si něco takového instalovala, a přitom když ho otevřu, ukazuje, že včera stáhl nějaké 4-dílné video. Máma s tím prý nemá nic společného a nikdo jiný u tohoto počítače nebývá. Teda včera... Taky měla chybně nastavené datum v počítači (měla zítřejší) - jednou se už něco podobného stalo, měla nastavený rok 2008. Mohla to nechtěně udělat sama (prosím trochu úcty k věku) a ani si to třeba neuvědomila.

FRSTlog níže, Addition.zip v příloze. Budu opět zítra večer

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Natálie Sikorská (administrator) on NATALI-PC on 14-03-2014 23:48:08
Running from C:\Users\Natálie Sikorská\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
() C:\Program Files\All History Cleaner\HSService.exe
(Lavasoft) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(CyberLink) C:\Program Files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe
() C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Acer\Empowering Technology\SysMonitor.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
() C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(MediaGet LLC) C:\Users\Natálie Sikorská\AppData\Local\MediaGet2\mediaget.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(The Document Foundation) C:\Program Files\LibreOffice 4\program\soffice.exe
(The Document Foundation) C:\Program Files\LibreOffice 4\program\soffice.bin
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\setup\instup.exe
(forum.viry.cz) C:\Users\Natálie Sikorská\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4493312 2007-06-20] (Realtek Semiconductor)
HKLM\...\Run: [Acer Empowering Technology Monitor] - C:\Acer\Empowering Technology\SysMonitor.exe [326176 2008-01-09] ()
HKLM\...\Run: [eDataSecurity Loader] - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (Egis Incorporated)
HKLM\...\Run: [NMSSupport] - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439768 2007-04-06] (Intel Corporation)
HKLM\...\Run: [CCUTRAYICON] - FactoryMode
HKLM\...\Run: [WarReg_PopUp] - C:\Acer\WR_PopUp\WarReg_PopUp.exe [57344 2006-11-05] (Acer Inc.)
HKLM\...\Run: [eRecoveryService] - [X]
HKLM\...\Run: [PCMMediaSharing] - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [204908 2008-05-20] ()
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [36352 2008-08-04] ()
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [292136 2009-05-30] (Apple Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-06-15] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2014-01-25] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] - [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\Run: [MediaGet2] - C:\Users\Natálie Sikorská\AppData\Local\MediaGet2\mediaget.exe [11789032 2014-03-14] (MediaGet LLC)
HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\MountPoints2: H - H:\LaunchU3.exe -a
HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\MountPoints2: {004a0529-d50c-11de-b3bf-001c25e7b8e3} - H:\LaunchU3.exe -a

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/7227
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - firmy.cz-221433 URL = http://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKCU - mapy.cz-221433 URL = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
SearchScopes: HKCU - seznam.cz-221433 URL = http://search.conduit.com/ResultsExt.as ... =CT2786678
SearchScopes: HKCU - videa.seznam.cz-221433 URL = http://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKCU - zbozi.cz-221433 URL = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... :{language}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default
FF Homepage: https://www.google.cz
FF Keyword.URL: hxxp://go.mail.ru/search?fr=fftb&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CrazyTalk4Native.dll (C3D)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctdomemhelper.dll (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctframeplayerobject.dll (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctplayerobject.dll (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\imagickrt.dll (BEXTech)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npRLCT4Player.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\rlcontentclass.dll (Reallusion Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLMusicPacker.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLMusicUnpacker.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLVoicePacker.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\RLVoiceUnpacker.dll ()
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\bsplayer-search.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\firmy.cz-221434.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\inbox-hledn.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\mailru---.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\mapy.cz-221434.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\seznam.cz-221434.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\videa.seznam.cz-221434.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\zbozi.cz-221434.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Yandex.Bar - C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\yasearch@yandex.ru [2012-11-19]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-08-01]
FF Extension: Спутник @Mail.Ru - C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2013-07-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files\SiteRanker\firefox\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013-03-10]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-06]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-06]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Reallusion CT4Player for Mozilla) - C:\Program Files\Mozilla Firefox\plugins\npRLCT4Player.dll ( )
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (Dokumenty Google) - C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-16]
CHR Extension: (Disk Google) - C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-16]
CHR Extension: (YouTube) - C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-16]
CHR Extension: (Vyhledávání Google) - C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-16]
CHR Extension: (AdBlock) - C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-10-01]
CHR Extension: (avast! Online Security) - C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-01]
CHR Extension: (DiscountFrenzy) - C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijlahccmdmhcnkhclomggcjibmhoffnh [2014-01-20]
CHR Extension: (Peněženka Google) - C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Natálie Sikorská\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-16]

========================== Services (Whitelisted) =================

R2 aawservice; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-09-10] (Lavasoft)
R2 Acer TV Share Service; C:\Program Files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe [270426 2008-07-22] (CyberLink)
R2 AcerMemUsageCheckService; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [28672 2007-10-17] ()
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223704 2007-04-06] (Intel(R) Corporation)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144712 2009-05-29] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-01-25] (AVAST Software)
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39896 2007-04-06] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] ()
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [500784 2008-03-04] (Egis Incorporated)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [57344 2007-09-10] (Acer Inc.)
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] ()
R2 HSService; C:\Program Files\All History Cleaner\HSService.exe [295184 2013-05-03] ()
S3 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [36312 2007-04-06] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59352 2007-04-06] (Intel(R) Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [256472 2007-04-06] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [158168 2007-04-06] (Intel(R) Corporation)
S3 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [313816 2007-04-06] (Intel(R) Corporation)
S3 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272856 2007-04-06] (Intel(R) Corporation)
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [449496 2007-04-06] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-13] ()

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-01-25] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-04] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [15392 2007-07-03] (Acer, Inc.)
R3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5504 2008-12-19] (Intel Corporation)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 OmniTV; C:\Windows\System32\DRIVERS\OmniTV.sys [221184 2007-04-25] (YUAN High-Tech Development Co. Ltd.)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14808 2007-04-06] ()
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-14 23:48 - 2014-03-14 23:48 - 00025709 _____ () C:\Users\Natálie Sikorská\Desktop\FRST.txt
2014-03-14 23:47 - 2014-03-14 23:48 - 00000000 ____D () C:\FRST
2014-03-14 23:46 - 2014-03-14 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\Natálie Sikorská\Desktop\FRSTLauncher.exe
2014-03-14 23:44 - 2014-03-14 23:44 - 00112640 _____ (forum.viry.cz) C:\Users\Natálie Sikorská\Downloads\Nepotvrzeno 910013.crdownload
2014-03-14 23:42 - 2014-03-14 23:42 - 01145856 _____ (Farbar) C:\Users\Natálie Sikorská\Desktop\FRST.exe
2014-03-14 13:10 - 2014-03-14 13:11 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\СИНДРОМ ШАХМАТИСТА
2014-03-14 13:10 - 2014-03-14 13:10 - 00000913 _____ () C:\Users\Natálie Sikorská\Desktop\MediaGet.lnk
2014-03-14 11:29 - 2014-03-14 11:41 - 155867148 _____ () C:\Users\Natálie Sikorská\Downloads\berlin_f.exe
2014-03-14 11:28 - 2014-03-14 11:30 - 14746925 _____ () C:\Users\Natálie Sikorská\Downloads\berlin.exe
2014-03-14 06:13 - 2014-03-14 06:13 - 00000000 ____D () C:\Users\Natálie Sikorská\AppData\Local\Skype
2014-03-14 06:12 - 2014-03-14 06:12 - 00001896 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-14 06:12 - 2014-03-14 06:12 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-14 03:02 - 2014-02-23 06:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 03:02 - 2014-02-23 06:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 03:02 - 2014-02-23 06:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 03:02 - 2014-02-23 06:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 03:02 - 2014-02-23 06:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 03:02 - 2014-02-23 06:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 03:02 - 2014-02-23 06:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-14 03:02 - 2014-02-23 06:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 03:02 - 2014-02-23 06:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 03:02 - 2014-02-23 06:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 03:02 - 2014-02-23 06:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-14 03:02 - 2014-02-23 06:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 03:02 - 2014-02-23 06:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-14 03:02 - 2014-02-23 06:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 03:02 - 2014-02-23 06:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-14 03:02 - 2014-02-23 06:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 00:39 - 2014-02-07 11:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 00:19 - 2014-02-03 11:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 00:13 - 2014-01-30 08:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 00:13 - 2013-11-13 01:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-11 21:57 - 2014-03-11 21:57 - 00008192 _____ () C:\Users\Natálie Sikorská\Documents\vova_eucet-201301-776373022-souhrnny-ucet.xls
2014-03-11 09:57 - 2014-03-11 09:57 - 00001952 _____ () C:\Users\Natálie Sikorská\Downloads\eucet-201301-776373022-souhrnny-ucet-xls.zip
2014-03-07 13:10 - 2014-03-07 13:10 - 00000165 _____ () C:\Users\Natálie Sikorská\Downloads\RB_movements_20140306131112.csv
2014-03-03 10:39 - 2014-03-03 11:03 - 00028160 _____ () C:\Users\Natálie Sikorská\Documents\skolni_jizdni_rad_dpkv.xls
2014-02-21 18:28 - 2014-02-21 18:28 - 00000076 _____ () C:\Users\Natálie Sikorská\Downloads\RU021024-11.rm
2014-02-20 10:32 - 2014-02-20 10:32 - 00005134 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-20 10:32 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-20 10:32 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-20 10:32 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-20 10:32 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-20 10:04 - 2014-03-15 17:49 - 00303916 _____ () C:\Windows\PFRO.log
2014-02-20 09:57 - 2014-02-20 09:58 - 01241834 _____ () C:\Users\Natálie Sikorská\Downloads\adwcleaner (1).exe
2014-02-20 09:23 - 2014-02-20 11:54 - 00011264 _____ () C:\Users\Natálie Sikorská\Documents\Terma_Odmeny pruvodcum pro rok 2013.xls
2014-02-20 00:44 - 2014-02-20 00:45 - 00781383 _____ () C:\Users\Natálie Sikorská\Downloads\RSIT (1).exe
2014-02-20 00:29 - 2014-02-20 00:29 - 00037752 _____ () C:\Users\Natálie Sikorská\Documents\cc_20140220_002927.reg
2014-02-20 00:27 - 2014-02-20 00:27 - 00000808 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-20 00:27 - 2014-02-20 00:27 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-20 00:20 - 2014-02-20 00:26 - 04721920 _____ (Piriform Ltd) C:\Users\Natálie Sikorská\Downloads\ccsetup410.exe
2014-02-19 21:55 - 2014-02-19 21:56 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (6).exe
2014-02-19 21:48 - 2014-02-19 21:49 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (5).exe
2014-02-19 21:47 - 2014-02-19 21:47 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (4).exe
2014-02-19 21:21 - 2014-02-19 21:21 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (3).exe
2014-02-14 01:05 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 10:16 - 2014-02-13 10:16 - 05483968 _____ (Speedchecker Limited ) C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_.exe
2014-02-13 10:16 - 2014-02-13 10:16 - 05483968 _____ (Speedchecker Limited ) C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_ (1).exe
2014-02-13 10:13 - 2014-02-13 10:16 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (2).exe
2014-02-13 10:06 - 2014-03-15 17:51 - 00000000 ____D () C:\Program Files\All History Cleaner
2014-02-13 10:06 - 2014-02-19 22:04 - 00000895 _____ () C:\Users\Natálie Sikorská\Desktop\All History Cleaner.lnk
2014-02-13 10:06 - 2014-02-13 10:06 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\AllHistoryCleaner
2014-02-13 10:04 - 2014-02-13 10:05 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (1).exe
2014-02-13 10:02 - 2014-02-13 10:03 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_.exe

==================== One Month Modified Files and Folders =======

2014-03-15 23:38 - 2013-06-07 16:02 - 00000960 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-15 23:35 - 2013-07-05 11:53 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 23:34 - 2008-12-25 00:50 - 00000000 ____D () C:\Users\Natálie Sikorská\AppData\Roaming\Skype
2014-03-15 23:25 - 2013-06-07 16:02 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-15 23:15 - 2012-12-12 20:50 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\REGENSB
2014-03-15 23:12 - 2008-12-19 11:50 - 01932792 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 23:11 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-15 23:11 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-15 17:51 - 2014-02-13 10:06 - 00000000 ____D () C:\Program Files\All History Cleaner
2014-03-15 17:49 - 2014-02-20 10:04 - 00303916 _____ () C:\Windows\PFRO.log
2014-03-15 17:49 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 17:04 - 2006-11-02 14:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-15 16:37 - 2012-11-07 22:15 - 00000000 ____D () C:\Users\Natálie Sikorská\AppData\Roaming\Media Get LLC
2014-03-15 16:37 - 2012-11-07 22:15 - 00000000 ____D () C:\ProgramData\Media Get LLC
2014-03-14 23:48 - 2014-03-14 23:48 - 00025709 _____ () C:\Users\Natálie Sikorská\Desktop\FRST.txt
2014-03-14 23:48 - 2014-03-14 23:47 - 00000000 ____D () C:\FRST
2014-03-14 23:46 - 2014-03-14 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\Natálie Sikorská\Desktop\FRSTLauncher.exe
2014-03-14 23:44 - 2014-03-14 23:44 - 00112640 _____ (forum.viry.cz) C:\Users\Natálie Sikorská\Downloads\Nepotvrzeno 910013.crdownload
2014-03-14 23:42 - 2014-03-14 23:42 - 01145856 _____ (Farbar) C:\Users\Natálie Sikorská\Desktop\FRST.exe
2014-03-14 13:11 - 2014-03-14 13:10 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\СИНДРОМ ШАХМАТИСТА
2014-03-14 13:11 - 2012-11-07 22:12 - 00000000 ____D () C:\Users\Natálie Sikorská\AppData\Local\MediaGet2
2014-03-14 13:10 - 2014-03-14 13:10 - 00000913 _____ () C:\Users\Natálie Sikorská\Desktop\MediaGet.lnk
2014-03-14 13:10 - 2012-11-07 22:14 - 00000921 _____ () C:\Users\Natálie Sikorská\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet.lnk
2014-03-14 11:41 - 2014-03-14 11:29 - 155867148 _____ () C:\Users\Natálie Sikorská\Downloads\berlin_f.exe
2014-03-14 11:30 - 2014-03-14 11:28 - 14746925 _____ () C:\Users\Natálie Sikorská\Downloads\berlin.exe
2014-03-14 11:13 - 2013-12-21 13:00 - 00000022 _____ () C:\Users\Natálie Sikorská\Downloads\berlin_demo.zip
2014-03-14 11:09 - 2013-12-27 14:28 - 00000000 ____D () C:\Users\Natálie Sikorská\berlin_d
2014-03-14 06:13 - 2014-03-14 06:13 - 00000000 ____D () C:\Users\Natálie Sikorská\AppData\Local\Skype
2014-03-14 06:12 - 2014-03-14 06:12 - 00001896 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-14 06:12 - 2014-03-14 06:12 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-14 06:12 - 2010-07-25 21:19 - 00000000 ___RD () C:\Program Files\Skype
2014-03-14 06:12 - 2008-12-25 00:50 - 00000000 ____D () C:\ProgramData\Skype
2014-03-14 03:38 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-03-14 03:22 - 2006-11-02 13:47 - 00351176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 03:21 - 2010-01-30 06:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 01:13 - 2013-10-17 10:00 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\RB
2014-03-14 01:12 - 2008-12-25 21:58 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\vi
2014-03-14 01:11 - 2009-11-24 10:37 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\VLADIMIR
2014-03-13 11:35 - 2012-07-06 20:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-13 11:35 - 2012-07-06 20:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 21:57 - 2014-03-11 21:57 - 00008192 _____ () C:\Users\Natálie Sikorská\Documents\vova_eucet-201301-776373022-souhrnny-ucet.xls
2014-03-11 09:57 - 2014-03-11 09:57 - 00001952 _____ () C:\Users\Natálie Sikorská\Downloads\eucet-201301-776373022-souhrnny-ucet-xls.zip
2014-03-07 13:10 - 2014-03-07 13:10 - 00000165 _____ () C:\Users\Natálie Sikorská\Downloads\RB_movements_20140306131112.csv
2014-03-05 19:07 - 2013-10-03 11:07 - 00001975 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-05 19:01 - 2008-12-25 21:58 - 00100864 _____ () C:\Users\Natálie Sikorská\Documents\telefony mobil.xls
2014-03-03 11:03 - 2014-03-03 10:39 - 00028160 _____ () C:\Users\Natálie Sikorská\Documents\skolni_jizdni_rad_dpkv.xls
2014-02-25 22:50 - 2008-12-25 21:56 - 00000000 ____D () C:\Users\Natálie Sikorská\Desktop\KARLOVY VARY
2014-02-25 22:26 - 2008-12-25 21:56 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\DR
2014-02-23 06:50 - 2014-03-14 03:02 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 06:47 - 2014-03-14 03:02 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 06:43 - 2014-03-14 03:02 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 06:41 - 2014-03-14 03:02 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 06:40 - 2014-03-14 03:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 06:39 - 2014-03-14 03:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 06:38 - 2014-03-14 03:02 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 06:38 - 2014-03-14 03:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 06:38 - 2014-03-14 03:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 06:37 - 2014-03-14 03:02 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 06:37 - 2014-03-14 03:02 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 06:37 - 2014-03-14 03:02 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 06:37 - 2014-03-14 03:02 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 06:36 - 2014-03-14 03:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 06:36 - 2014-03-14 03:02 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 06:35 - 2014-03-14 03:02 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-21 18:28 - 2014-02-21 18:28 - 00000076 _____ () C:\Users\Natálie Sikorská\Downloads\RU021024-11.rm
2014-02-21 13:33 - 2009-02-25 14:46 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\bamberg
2014-02-21 13:22 - 2009-03-05 19:25 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\NORM
2014-02-21 11:11 - 2008-12-25 21:56 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\MN
2014-02-20 11:54 - 2014-02-20 09:23 - 00011264 _____ () C:\Users\Natálie Sikorská\Documents\Terma_Odmeny pruvodcum pro rok 2013.xls
2014-02-20 10:32 - 2014-02-20 10:32 - 00005134 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-02-20 10:32 - 2014-01-06 08:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-20 10:32 - 2013-10-03 10:59 - 00000000 ____D () C:\Program Files\Java
2014-02-20 10:00 - 2013-10-01 10:29 - 00000000 ____D () C:\AdwCleaner
2014-02-20 09:58 - 2014-02-20 09:57 - 01241834 _____ () C:\Users\Natálie Sikorská\Downloads\adwcleaner (1).exe
2014-02-20 00:48 - 2013-10-01 09:48 - 00000000 ____D () C:\Program Files\trend micro
2014-02-20 00:45 - 2014-02-20 00:44 - 00781383 _____ () C:\Users\Natálie Sikorská\Downloads\RSIT (1).exe
2014-02-20 00:29 - 2014-02-20 00:29 - 00037752 _____ () C:\Users\Natálie Sikorská\Documents\cc_20140220_002927.reg
2014-02-20 00:28 - 2009-02-14 17:04 - 00000000 ____D () C:\Users\Natálie Sikorská\AppData\Roaming\Winamp
2014-02-20 00:28 - 2009-02-14 15:55 - 00000000 ____D () C:\Users\Natálie Sikorská\AppData\Roaming\uTorrent
2014-02-20 00:28 - 2008-04-23 04:46 - 00000000 ____D () C:\Windows\Panther
2014-02-20 00:27 - 2014-02-20 00:27 - 00000808 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-20 00:27 - 2014-02-20 00:27 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-20 00:26 - 2014-02-20 00:20 - 04721920 _____ (Piriform Ltd) C:\Users\Natálie Sikorská\Downloads\ccsetup410.exe
2014-02-20 00:10 - 2014-01-20 10:40 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-02-19 22:04 - 2014-02-13 10:06 - 00000895 _____ () C:\Users\Natálie Sikorská\Desktop\All History Cleaner.lnk
2014-02-19 21:56 - 2014-02-19 21:55 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (6).exe
2014-02-19 21:49 - 2014-02-19 21:48 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (5).exe
2014-02-19 21:47 - 2014-02-19 21:47 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (4).exe
2014-02-19 21:21 - 2014-02-19 21:21 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (3).exe
2014-02-19 18:50 - 2008-01-21 07:47 - 01507390 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-14 04:38 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 03:08 - 2013-08-16 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 03:06 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-13 10:16 - 2014-02-13 10:16 - 05483968 _____ (Speedchecker Limited ) C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_.exe
2014-02-13 10:16 - 2014-02-13 10:16 - 05483968 _____ (Speedchecker Limited ) C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_ (1).exe
2014-02-13 10:16 - 2014-02-13 10:13 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (2).exe
2014-02-13 10:06 - 2014-02-13 10:06 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\AllHistoryCleaner
2014-02-13 10:05 - 2014-02-13 10:04 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (1).exe
2014-02-13 10:03 - 2014-02-13 10:02 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_.exe
2014-02-13 09:49 - 2014-01-06 09:34 - 00178550 _____ () C:\Windows\hpoins44.dat
2014-02-13 09:49 - 2010-01-29 15:12 - 00005847 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Natálie Sikorská\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Natálie Sikorská\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:193426B4
AlternateDataStreams: C:\ProgramData\TEMP:8AB6C1D7

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Nat�lie Sikorsk�\Desktop" je 45 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

Zdravim


Odinstalujte LavasoftAd-Aware

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [36352 2008-08-04] ()
  HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [292136 2009-05-30] (Apple Inc.)
  HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
  HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
  HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
  HKLM\...\Run: [] - [X]
  HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
  HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
  HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\Run: [MediaGet2] - C:\Users\Natálie Sikorská\AppData\Local\MediaGet2\mediaget.exe [11789032 2014-03-14] (MediaGet LLC)
  HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
  HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\MountPoints2: H - H:\LaunchU3.exe -a
  HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\MountPoints2: {004a0529-d50c-11de-b3bf-001c25e7b8e3} - H:\LaunchU3.exe -a
  
  KCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/7227
  HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com
  HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
  HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  SearchScopes: HKLM - DefaultScope value is missing.
  SearchScopes: HKCU - firmy.cz-221433 URL = http://www.firmy.cz/phr/{searchTerms}
  SearchScopes: HKCU - mapy.cz-221433 URL = http://www.mapy.cz/?sourceid=quicksearch_6826&query={searchTerms}
  SearchScopes: HKCU - seznam.cz-221433 URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
  SearchScopes: HKCU - videa.seznam.cz-221433 URL = http://videa.seznam.cz/?q={searchTerms}
  SearchScopes: HKCU - zbozi.cz-221433 URL = http://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
  SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}
  Toolbar: HKLM - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
  Toolbar: HKCU - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
  Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
  Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
  Toolbar: HKCU - No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File
  
  FF Keyword.URL: hxxp://go.mail.ru/search?fr=fftb&q=
  FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\bsplayer-search.xml
  FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\firmy.cz-221434.xml
  FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\inbox-hledn.xml
  FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\mailru---.xml
  FF Extension: Yandex.Bar - C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\yasearch@yandex.ru [2012-11-19]
  FF Extension: Спутник @Mail.Ru - C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2013-07-30]
  FF HKLM\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files\SiteRanker\firefox\
  
  CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
  
  DisableService: RichVideo
  
  2014-03-14 13:10 - 2014-03-14 13:11 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\СИНДРОМ ШАХМАТИСТА
  2014-03-14 13:10 - 2014-03-14 13:10 - 00000913 _____ () C:\Users\Natálie Sikorská\Desktop\MediaGet.lnk
  2014-03-14 23:46 - 2014-03-14 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\Natálie Sikorská\Desktop\FRSTLauncher.exe
  2014-03-14 23:44 - 2014-03-14 23:44 - 00112640 _____ (forum.viry.cz) C:\Users\Natálie Sikorská\Downloads\Nepotvrzeno 910013.crdownload
  2014-02-20 09:57 - 2014-02-20 09:58 - 01241834 _____ () C:\Users\Natálie Sikorská\Downloads\adwcleaner (1).exe
  2014-02-13 10:04 - 2014-02-13 10:05 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (1).exe
  2014-02-13 10:02 - 2014-02-13 10:03 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_.exe2014-02-13 10:16 - 2014-02-13 10:16 - 05483968 _____ (Speedchecker Limited ) C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_.exe
  2014-02-13 10:16 - 2014-02-13 10:16 - 05483968 _____ (Speedchecker Limited ) C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_ (1).exe
  2014-02-13 10:13 - 2014-02-13 10:16 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (2).exe
  2014-02-19 21:55 - 2014-02-19 21:56 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (6).exe
  2014-02-19 21:48 - 2014-02-19 21:49 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (5).exe
  2014-02-19 21:47 - 2014-02-19 21:47 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (4).exe
  2014-02-19 21:21 - 2014-02-19 21:21 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (3).exe
  2014-02-20 00:45 - 2014-02-20 00:44 - 00781383 _____ () C:\Users\Natálie Sikorská\Downloads\RSIT (1).exe
  2014-02-20 00:26 - 2014-02-20 00:20 - 04721920 _____ (Piriform Ltd) C:\Users\Natálie Sikorská\Downloads\ccsetup410.exe
  2014-02-20 00:10 - 2014-01-20 10:40 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
  2014-02-19 22:04 - 2014-02-13 10:06 - 00000895 _____ () C:\Users\Natálie Sikorská\Desktop\All History Cleaner.lnk
  C:\Users\Natálie Sikorská\AppData\Local\MediaGet2
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  
  AlternateDataStreams: C:\ProgramData\TEMP:193426B4
  AlternateDataStreams: C:\ProgramData\TEMP:8AB6C1D7
  
  Hosts:
  CMD: shutdown /r /f /t 2
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[Sonya]

Dobrý večer
Níže fixlog.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Natálie Sikorská at 2014-03-15 21:44:12 Run:1
Running from C:\Users\Natálie Sikorská\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [36352 2008-08-04] ()
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [292136 2009-05-30] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] - [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\Run: [MediaGet2] - C:\Users\Natálie Sikorská\AppData\Local\MediaGet2\mediaget.exe [11789032 2014-03-14] (MediaGet LLC)
HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\MountPoints2: H - H:\LaunchU3.exe -a
HKU\S-1-5-21-66699393-427050290-1704786421-1002\...\MountPoints2: {004a0529-d50c-11de-b3bf-001c25e7b8e3} - H:\LaunchU3.exe -a

KCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/7227
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - firmy.cz-221433 URL = http://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKCU - mapy.cz-221433 URL = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
SearchScopes: HKCU - seznam.cz-221433 URL = http://search.conduit.com/ResultsExt.as ... =CT2786678
SearchScopes: HKCU - videa.seznam.cz-221433 URL = http://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKCU - zbozi.cz-221433 URL = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... :{language}
Toolbar: HKLM - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
Toolbar: HKCU - BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File

FF Keyword.URL: hxxp://go.mail.ru/search?fr=fftb&q=
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\bsplayer-search.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\firmy.cz-221434.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\inbox-hledn.xml
FF SearchPlugin: C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\mailru---.xml
FF Extension: Yandex.Bar - C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\yasearch@yandex.ru [2012-11-19]
FF Extension: Спутник @Mail.Ru - C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2013-07-30]
FF HKLM\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files\SiteRanker\firefox\

CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File

DisableService: RichVideo

2014-03-14 13:10 - 2014-03-14 13:11 - 00000000 ____D () C:\Users\Natálie Sikorská\Documents\СИНДРОМ ШАХМАТИСТА
2014-03-14 13:10 - 2014-03-14 13:10 - 00000913 _____ () C:\Users\Natálie Sikorská\Desktop\MediaGet.lnk
2014-03-14 23:46 - 2014-03-14 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\Natálie Sikorská\Desktop\FRSTLauncher.exe
2014-03-14 23:44 - 2014-03-14 23:44 - 00112640 _____ (forum.viry.cz) C:\Users\Natálie Sikorská\Downloads\Nepotvrzeno 910013.crdownload
2014-02-20 09:57 - 2014-02-20 09:58 - 01241834 _____ () C:\Users\Natálie Sikorská\Downloads\adwcleaner (1).exe
2014-02-13 10:04 - 2014-02-13 10:05 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (1).exe
2014-02-13 10:02 - 2014-02-13 10:03 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_.exe2014-02-13 10:16 - 2014-02-13 10:16 - 05483968 _____ (Speedchecker Limited ) C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_.exe
2014-02-13 10:16 - 2014-02-13 10:16 - 05483968 _____ (Speedchecker Limited ) C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_ (1).exe
2014-02-13 10:13 - 2014-02-13 10:16 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (2).exe
2014-02-19 21:55 - 2014-02-19 21:56 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (6).exe
2014-02-19 21:48 - 2014-02-19 21:49 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (5).exe
2014-02-19 21:47 - 2014-02-19 21:47 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (4).exe
2014-02-19 21:21 - 2014-02-19 21:21 - 02727336 _____ (Safe Download Ltd ) C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (3).exe
2014-02-20 00:45 - 2014-02-20 00:44 - 00781383 _____ () C:\Users\Natálie Sikorská\Downloads\RSIT (1).exe
2014-02-20 00:26 - 2014-02-20 00:20 - 04721920 _____ (Piriform Ltd) C:\Users\Natálie Sikorská\Downloads\ccsetup410.exe
2014-02-20 00:10 - 2014-01-20 10:40 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-02-19 22:04 - 2014-02-13 10:06 - 00000895 _____ () C:\Users\Natálie Sikorská\Desktop\All History Cleaner.lnk
C:\Users\Natálie Sikorská\AppData\Local\MediaGet2

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:193426B4
AlternateDataStreams: C:\ProgramData\TEMP:8AB6C1D7

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\S-1-5-21-66699393-427050290-1704786421-1002\Software\Microsoft\Windows\CurrentVersion\Run\\MediaGet2 => Value deleted successfully.
HKU\S-1-5-21-66699393-427050290-1704786421-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\S-1-5-21-66699393-427050290-1704786421-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-66699393-427050290-1704786421-1002 => Key not found.
HKU\S-1-5-21-66699393-427050290-1704786421-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{004a0529-d50c-11de-b3bf-001c25e7b8e3} => Key deleted successfully.
HKCR\CLSID\{004a0529-d50c-11de-b3bf-001c25e7b8e3} => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\SearchAssistant => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\CustomizeSearch => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\firmy.cz-221433 => Key deleted successfully.
HKCR\Wow6432Node\CLSID\firmy.cz-221433 => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\mapy.cz-221433 => Key deleted successfully.
HKCR\Wow6432Node\CLSID\mapy.cz-221433 => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\seznam.cz-221433 => Key deleted successfully.
HKCR\Wow6432Node\CLSID\seznam.cz-221433 => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\videa.seznam.cz-221433 => Key deleted successfully.
HKCR\Wow6432Node\CLSID\videa.seznam.cz-221433 => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\zbozi.cz-221433 => Key deleted successfully.
HKCR\Wow6432Node\CLSID\zbozi.cz-221433 => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2C688203-7EB3-4327-9995-1CB417BA23F9} => Value deleted successfully.
HKCR\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2C688203-7EB3-4327-9995-1CB417BA23F9} => Value deleted successfully.
HKCR\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Value deleted successfully.
HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{09900DE8-1DCA-443F-9243-26FF581438AF} => Value deleted successfully.
HKCR\CLSID\{09900DE8-1DCA-443F-9243-26FF581438AF} => Key not found.
Firefox Keyword.URL deleted successfully.
C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\bsplayer-search.xml => Moved successfully.
C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\firmy.cz-221434.xml => Moved successfully.
C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\inbox-hledn.xml => Moved successfully.
C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\searchplugins\mailru---.xml => Moved successfully.
C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\yasearch@yandex.ru => Moved successfully.
C:\Users\Natálie Sikorská\AppData\Roaming\Mozilla\Firefox\Profiles\7gjjl8fp.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\siteranker@siteranker.com => Value deleted successfully.
C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll not found.
RichVideo service was disabled

"C:\Users\Natálie Sikorská\Documents\СИНДРОМ ШАХМАТИСТА" directory move:

C:\Users\Natálie Sikorská\Documents\??????? ??????????\1 ?????.avi not found.
C:\Users\Natálie Sikorská\Documents\??????? ??????????\2 ?????.avi not found.
C:\Users\Natálie Sikorská\Documents\??????? ??????????\3 ?????.avi not found.
C:\Users\Natálie Sikorská\Documents\??????? ??????????\4 ?????.avi not found.
Could not move "C:\Users\Natálie Sikorská\Documents\СИНДРОМ ШАХМАТИСТА" directory. => Scheduled to move on reboot.

C:\Users\Natálie Sikorská\Desktop\MediaGet.lnk => Moved successfully.
C:\Users\Natálie Sikorská\Desktop\FRSTLauncher.exe => Moved successfully.
"C:\Users\Natálie Sikorská\Downloads\Nepotvrzeno 910013.crdownload" => File/Directory not found.
C:\Users\Natálie Sikorská\Downloads\adwcleaner (1).exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (1).exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_.exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\pcspeedup_144d16c62d254e5582c5246abceaa267_ (1).exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (2).exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (6).exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (5).exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (4).exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\allhistorycleaner_ee6823e5e7e54052a5dced6e79bb0f67_ (3).exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\RSIT (1).exe => Moved successfully.
C:\Users\Natálie Sikorská\Downloads\ccsetup410.exe => Moved successfully.
C:\Program Files\Zrychleni Pocitace => Moved successfully.
C:\Users\Natálie Sikorská\Desktop\All History Cleaner.lnk => Moved successfully.
C:\Users\Natálie Sikorská\AppData\Local\MediaGet2 => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":193426B4" ADS removed successfully.
C:\ProgramData\TEMP => ":8AB6C1D7" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-03-15 21:46:40)<=

C:\Users\Natálie Sikorská\Documents\СИНДРОМ ШАХМАТИСТА => Moved successfully.

==== End of Fixlog ====

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[Sonya]

Moc dekuji za pomoc! Udelam vsechno dle navodu a pokud by byly jeste nejake potize, ozvu se. Fin.podpora samozrejme pujde Krasny den

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy

Za podporu fora jmenem celeho tymu dekuji

A na zaklade Pravidla o zamykani temat