Prosim o kontrolu logu

[PreludeZ]

Ahoj,
prosim o kontrolu logu, ntb mi prijde posledni dobou pomaly, nekdy kdyz pisu tak vynechava pismenka jako by pres prilisnou vytizenost neregistroval zmacknuti klavesy a musim psat velmi pomalu, atd.

diky za rady

zde je log RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Eda at 2014-02-25 20:24:17
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 31 GB (26%) free of 119 GB
Total RAM: 4061 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:24:27, on 25.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Eda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.honda-club.cz/forum/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdagent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11208 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2c0
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 1948
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
taskeng.exe {F35C5480-729E-4045-A66F-1F12C07FF11C}
C:\Windows\Explorer.EXE
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Windows\System32\hkcmd.exe"
Atouch64.exe
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3376.86dc200.761785851 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3376 "\\.\pipe\gecko-crash-server-pipe.3376" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe" --proxy-stub-channel=Flash3488.020CC768.19570 --host-broker-channel=Flash3488.020CC768.7171 --host-pid=3488 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe" --channel=3872.0038F22C.858094226 --proxy-stub-channel=Flash3488.020CC768.19570 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3376.17fb7b00.657669436 "C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3376 "\\.\pipe\gecko-crash-server-pipe.3376" plugin
"C:\Windows\system32\wuauclt.exe"
"D:\firefox downolad\Nová složka (7)\PAT a MAT\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-03-20 339104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-03-20 280224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-08-12 323072]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 9577680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-10-23 72248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-10-23 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2014-02-25 20:24:18 ----D---- C:\Program Files\trend micro
2014-02-25 20:24:17 ----D---- C:\rsit
2014-02-15 13:30:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-14 17:34:16 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-14 17:34:16 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 17:32:35 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-14 17:32:35 ----A---- C:\Windows\system32\msrating.dll
2014-02-14 17:32:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-14 17:32:33 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 17:32:32 ----A---- C:\Windows\system32\iernonce.dll
2014-02-14 17:32:32 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-14 17:32:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 17:32:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-14 17:32:30 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 17:32:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-14 17:32:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-14 17:32:29 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 17:32:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-14 17:32:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-14 17:32:28 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 17:32:28 ----A---- C:\Windows\system32\iesetup.dll
2014-02-14 17:32:27 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-14 17:32:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-14 17:32:27 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-14 17:32:25 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-14 17:32:25 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 17:32:25 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-14 17:32:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-14 17:32:24 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-14 17:32:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-14 17:32:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-14 17:32:22 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 17:32:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-14 17:32:21 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 17:32:20 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 17:32:18 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 17:32:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-14 17:32:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-14 17:32:13 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-14 17:32:12 ----A---- C:\Windows\system32\jscript9.dll
2014-02-13 10:19:04 ----A---- C:\Windows\system32\msxml3.dll
2014-02-13 10:19:03 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-13 10:19:01 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-13 10:19:01 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-13 10:18:47 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-13 10:18:47 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-13 10:18:47 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-13 10:18:46 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-13 10:18:46 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-13 10:18:46 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-13 10:18:46 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-13 10:18:46 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-13 10:18:46 ----A---- C:\Windows\system32\secproc.dll
2014-02-13 10:18:46 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 10:18:46 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 10:18:46 ----A---- C:\Windows\system32\msdrm.dll
2014-02-13 10:18:45 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-13 10:18:45 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-13 10:18:45 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-13 10:18:45 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-13 10:18:45 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 10:18:45 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-13 10:18:41 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-13 10:18:41 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-13 10:18:40 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-13 10:18:40 ----A---- C:\Windows\system32\d2d1.dll
2014-02-03 22:47:21 ----D---- C:\Program Files (x86)\Google

======List of files/folders modified in the last 1 months======

2014-02-25 20:24:19 ----D---- C:\Windows\Temp
2014-02-25 20:24:18 ----RD---- C:\Program Files
2014-02-25 13:25:42 ----D---- C:\Windows\system32\Tasks
2014-02-25 10:52:18 ----D---- C:\Windows\system32\config
2014-02-25 10:41:49 ----SHD---- C:\System Volume Information
2014-02-24 14:58:48 ----D---- C:\Windows\System32
2014-02-24 14:58:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-24 14:58:47 ----D---- C:\Windows\inf
2014-02-23 21:38:37 ----D---- C:\Windows\Minidump
2014-02-23 21:38:32 ----D---- C:\Windows
2014-02-23 10:11:22 ----D---- C:\Windows\system32\catroot2
2014-02-22 17:42:49 ----D---- C:\Windows\Microsoft.NET
2014-02-22 17:42:46 ----RSD---- C:\Windows\assembly
2014-02-22 11:02:45 ----D---- C:\Windows\SysWOW64
2014-02-22 11:02:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-21 18:22:54 ----D---- C:\Windows\system32\NDF
2014-02-21 10:58:05 ----SHD---- C:\Windows\Installer
2014-02-21 10:53:39 ----RD---- C:\Program Files (x86)
2014-02-16 14:06:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 11:55:53 ----D---- C:\Windows\system32\MRT
2014-02-16 11:55:47 ----A---- C:\Windows\system32\MRT.exe
2014-02-14 18:49:45 ----D---- C:\Users\Eda\AppData\Roaming\Skype
2014-02-14 18:07:54 ----D---- C:\Windows\winsxs
2014-02-14 18:06:01 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-14 18:06:01 ----D---- C:\Windows\system32\cs-CZ
2014-02-14 18:05:59 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-14 18:05:58 ----D---- C:\Program Files\Internet Explorer
2014-02-14 17:46:35 ----D---- C:\Windows\system32\catroot
2014-02-11 21:59:39 ----D---- C:\Users\Eda\AppData\Roaming\uTorrent
2014-02-10 20:50:53 ----D---- C:\Users\Eda\AppData\Roaming\Dropbox
2014-02-04 07:53:56 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-02-03 22:47:25 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-10-23 35384]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-03 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2012-11-08 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2012-11-08 38144]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2012-11-08 94288]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-07-19 126944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam; C:\Windows\system32\DRIVERS\GUCI_AVS.sys [2009-06-23 693248]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 acnbio4y;acnbio4y; C:\Windows\system32\drivers\acnbio4y.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-12 40448]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-02-28 96296]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-02-28 134184]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-12-22 36392]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-02-28 21160]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-03-01 844328]
R2 cmdagent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 2828408]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-04-15 271760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-22 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-06-12 1030600]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-03 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-07 1255736]

-----------------EOF-----------------

[vyosek]

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[PreludeZ]

zde jsou logy, to vynechavani pismenek pri psani URL ve FF zatim pretrvava. "viry.cz" jsem psal na 3x... mam ale takove podezreni jestli to nemuze delat LastPass ktery ted stale otravuje vysouvaci listou ze se nepodarilo pripojit k prihlasovacimu serveru a ze je pouze v offline modu...


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by Eda on Łt 25.02.2014 at 22:01:04,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\utorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Eda\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\Eda\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Eda\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\Eda\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Eda\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Eda\appdata\locallow\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\daemon tools toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\goforfiles"
Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentbar"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Eda\AppData\Roaming\mozilla\firefox\profiles\g8kferza.default\extensions\staged
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Emptied folder: C:\Users\Eda\AppData\Roaming\mozilla\firefox\profiles\g8kferza.default\minidumps [340 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 25.02.2014 at 22:35:57,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



# AdwCleaner v3.019 - Report created 25/02/2014 at 22:42:01
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Eda - ASUSNTB
# Running from : C:\Users\Eda\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Eda\AppData\Local\Temp\FoxTab
Folder Deleted : C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\FoxTab
File Deleted : C:\Windows\Uninstall.exe
File Deleted : C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\searchplugins\daemon-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2B898CA5-6EFA-4CDD-9507-40019DD75579}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2B898CA5-6EFA-4CDD-9507-40019DD75579}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2B898CA5-6EFA-4CDD-9507-40019DD75579}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{02600A3F-3C67-43D8-AF3C-4ADE6CA82C9F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6026 octets] - [30/11/2013 15:47:44]
AdwCleaner[R1].txt - [4691 octets] - [25/02/2014 22:39:03]
AdwCleaner[S0].txt - [4638 octets] - [25/02/2014 22:42:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4698 octets] ##########

[PreludeZ]

tak jsem ted jeste zkoumal to vypadavani pismen a opravdu to zpusoboval jeden add-on ve FF a konkretne FOXTAB 1.4.9. takze tim se uz nemusime zabyvat

[vyosek]

Ja tam vidim jeste hodne bordelu, takze jestli chcete, tak dejte log z FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

[PreludeZ]

urcite bych rad pokracoval, zde je log + addition


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-02-2014 01
Ran by Eda (administrator) on ASUSNTB on 26-02-2014 21:22:26
Running from C:\Users\Eda\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(Microsoft Corporation) C:\Windows\system32\presentationsettings.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(forum.viry.cz) C:\Users\Eda\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-12] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-08] (COMODO)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1488044059-1706043965-1968784473-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-1488044059-1706043965-1968784473-1000\...\MountPoints2: {f8100efd-10bf-11df-80ea-90e6ba8b753c} - F:\SETUP.EXE
AppInit_DLLs: C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.honda-club.cz/forum/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default
FF Homepage: hxxp://www.honda-club.cz/forum/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2852 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1662 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\searchplugins\ixquick-https.xml
FF Extension: Xmarks - C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\foxmarks@kei.com [2014-01-12]
FF Extension: LastPass - C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\support@lastpass.com [2014-02-19]
FF Extension: FireGestures - C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\firegestures@xuldev.org.xpi [2011-05-03]
FF Extension: Youtube Downloader - Media Downloader - C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\paulsaintuzb@gmail.com.xpi [2013-12-28]
FF Extension: Best Video Downloader 2 - C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2013-12-28]
FF Extension: Adblock Plus - C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-22]
FF Extension: DownThemAll! - C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-05-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-15]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Disk Google) - C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-03]
CHR Extension: (YouTube) - C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-03]
CHR Extension: (Vyhledávání Google) - C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-03]
CHR Extension: (Peněženka Google) - C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-03]
CHR Extension: (Gmail) - C:\Users\Eda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-03]

==================== Services (Whitelisted) =================

R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 cmdagent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-08] (COMODO)
R3 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [271760 2009-04-15] ()

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38144 2012-11-08] (COMODO)
R3 GUCI_AVS; C:\Windows\System32\DRIVERS\GUCI_AVS.sys [693248 2009-06-23] (PixArt Imaging Incorporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-08] (COMODO)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-02-03] ()
U3 ajstj290; C:\Windows\System32\Drivers\ajstj290.sys [0 ] (Microsoft Corporation)
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
U3 tmlwf;
U3 tmwfp;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-26 21:22 - 2014-02-26 21:22 - 00013894 _____ () C:\Users\Eda\Desktop\FRST.txt
2014-02-26 21:19 - 2014-02-26 21:22 - 00000000 ____D () C:\FRST
2014-02-26 21:16 - 2013-12-05 16:07 - 00112640 _____ (forum.viry.cz) C:\Users\Eda\Desktop\FRSTLauncher.exe
2014-02-26 21:14 - 2014-02-26 15:05 - 02155008 _____ (Farbar) C:\Users\Eda\Desktop\FRST64.exe
2014-02-26 20:38 - 2014-02-26 20:38 - 00003468 _____ () C:\Windows\System32\Tasks\PresentationSettingsTurnOff_ASUSNTB_Eda
2014-02-25 22:53 - 2014-02-25 22:53 - 00004794 _____ () C:\Users\Eda\Desktop\AdwCleaner[S0].txt
2014-02-25 22:38 - 2014-02-25 22:36 - 01241834 _____ () C:\Users\Eda\Desktop\adwcleaner.exe
2014-02-25 22:35 - 2014-02-25 22:35 - 00003701 _____ () C:\Users\Eda\Desktop\JRT.txt
2014-02-25 22:00 - 2014-02-25 22:00 - 00000000 ____D () C:\Windows\ERUNT
2014-02-25 21:58 - 2014-02-20 07:33 - 01037734 _____ (Thisisu) C:\Users\Eda\Desktop\JRT.exe
2014-02-25 20:24 - 2014-02-25 20:24 - 00000000 ____D () C:\rsit
2014-02-25 20:24 - 2014-02-25 20:24 - 00000000 ____D () C:\Program Files\trend micro
2014-02-23 21:38 - 2014-02-23 21:38 - 00277608 _____ () C:\Windows\Minidump\022314-26410-01.dmp
2014-02-15 13:30 - 2014-02-15 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 17:34 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 17:34 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 17:32 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 17:32 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 17:32 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 17:32 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 17:32 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 17:32 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 17:32 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 17:32 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 17:32 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 17:32 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 17:32 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 17:32 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 17:32 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 17:32 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 17:32 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 17:32 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 17:32 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 17:32 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 17:32 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 17:32 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 17:32 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 17:32 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 17:32 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 17:32 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 17:32 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 17:32 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 17:32 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 17:32 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 17:32 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 17:32 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 17:32 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 17:32 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 17:32 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 17:32 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 17:32 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 17:32 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 17:32 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 17:32 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 17:32 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 10:19 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 10:19 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 10:19 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 10:19 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 10:19 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 10:19 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 10:18 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 10:18 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 10:18 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 10:18 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 10:18 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 10:18 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 10:18 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 10:18 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 10:18 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 10:18 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 10:18 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 10:18 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 10:18 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 10:18 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 10:18 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 10:18 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 10:18 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 10:18 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 10:18 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 10:18 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 10:18 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 10:18 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 15:37 - 2014-02-26 20:39 - 00003164 _____ () C:\Windows\System32\Tasks\P4GIntlCtrl
2014-02-11 00:40 - 2014-02-11 00:40 - 00007597 _____ () C:\Users\Eda\AppData\Local\Resmon.ResmonCfg
2014-02-03 22:48 - 2014-02-21 11:11 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 22:47 - 2014-02-26 20:58 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-03 22:47 - 2014-02-26 20:38 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-03 22:47 - 2014-02-21 10:53 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-03 22:47 - 2014-02-21 10:53 - 00003690 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-03 22:47 - 2014-02-03 22:48 - 00000000 ____D () C:\Users\Eda\AppData\Local\Google
2014-02-03 22:47 - 2014-02-03 22:47 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-03 11:31 - 2014-02-03 11:31 - 00003288 ____N () C:\bootsqm.dat

==================== One Month Modified Files and Folders =======

2014-02-26 21:22 - 2014-02-26 21:22 - 00013894 _____ () C:\Users\Eda\Desktop\FRST.txt
2014-02-26 21:22 - 2014-02-26 21:19 - 00000000 ____D () C:\FRST
2014-02-26 21:02 - 2012-12-26 14:24 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-26 20:58 - 2014-02-03 22:47 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-26 20:46 - 2009-07-14 05:45 - 00010256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-26 20:46 - 2009-07-14 05:45 - 00010256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-26 20:44 - 2009-10-23 04:56 - 01175113 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 20:44 - 2009-08-03 22:13 - 00672386 _____ () C:\Windows\system32\perfh005.dat
2014-02-26 20:44 - 2009-08-03 22:13 - 00142950 _____ () C:\Windows\system32\perfc005.dat
2014-02-26 20:44 - 2009-07-14 06:13 - 01593150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-26 20:39 - 2014-02-12 15:37 - 00003164 _____ () C:\Windows\System32\Tasks\P4GIntlCtrl
2014-02-26 20:39 - 2013-12-06 14:48 - 00003100 _____ () C:\Windows\System32\Tasks\P4G Sidebar
2014-02-26 20:38 - 2014-02-26 20:38 - 00003468 _____ () C:\Windows\System32\Tasks\PresentationSettingsTurnOff_ASUSNTB_Eda
2014-02-26 20:38 - 2014-02-03 22:47 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-26 20:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-26 20:38 - 2009-07-14 05:51 - 00166210 _____ () C:\Windows\setupact.log
2014-02-26 18:16 - 2010-02-10 09:48 - 01568800 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 15:05 - 2014-02-26 21:14 - 02155008 _____ (Farbar) C:\Users\Eda\Desktop\FRST64.exe
2014-02-26 08:38 - 2009-10-23 05:33 - 00331124 _____ () C:\Windows\PFRO.log
2014-02-25 22:53 - 2014-02-25 22:53 - 00004794 _____ () C:\Users\Eda\Desktop\AdwCleaner[S0].txt
2014-02-25 22:49 - 2013-11-30 15:47 - 00000000 ____D () C:\AdwCleaner
2014-02-25 22:36 - 2014-02-25 22:38 - 01241834 _____ () C:\Users\Eda\Desktop\adwcleaner.exe
2014-02-25 22:35 - 2014-02-25 22:35 - 00003701 _____ () C:\Users\Eda\Desktop\JRT.txt
2014-02-25 22:11 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-25 22:00 - 2014-02-25 22:00 - 00000000 ____D () C:\Windows\ERUNT
2014-02-25 20:24 - 2014-02-25 20:24 - 00000000 ____D () C:\rsit
2014-02-25 20:24 - 2014-02-25 20:24 - 00000000 ____D () C:\Program Files\trend micro
2014-02-23 21:38 - 2014-02-23 21:38 - 00277608 _____ () C:\Windows\Minidump\022314-26410-01.dmp
2014-02-23 21:38 - 2011-03-24 08:47 - 424854055 _____ () C:\Windows\MEMORY.DMP
2014-02-23 21:38 - 2011-03-24 08:47 - 00000000 ____D () C:\Windows\Minidump
2014-02-22 11:02 - 2012-12-26 14:24 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-22 11:02 - 2012-05-03 22:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-22 11:02 - 2011-05-25 19:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 18:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-21 11:11 - 2014-02-03 22:48 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-21 10:53 - 2014-02-03 22:47 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-21 10:53 - 2014-02-03 22:47 - 00003690 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-20 07:33 - 2014-02-25 21:58 - 01037734 _____ (Thisisu) C:\Users\Eda\Desktop\JRT.exe
2014-02-16 14:06 - 2012-05-06 21:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 12:00 - 2013-08-25 21:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 11:55 - 2010-02-11 21:26 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 13:31 - 2014-02-15 13:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 18:49 - 2010-02-07 17:22 - 00000000 ____D () C:\Users\Eda\AppData\Roaming\Skype
2014-02-11 21:59 - 2011-01-25 19:39 - 00000000 ____D () C:\Users\Eda\AppData\Roaming\uTorrent
2014-02-11 00:40 - 2014-02-11 00:40 - 00007597 _____ () C:\Users\Eda\AppData\Local\Resmon.ResmonCfg
2014-02-10 20:50 - 2013-12-11 15:51 - 00000000 ____D () C:\Users\Eda\AppData\Roaming\Dropbox
2014-02-10 20:50 - 2010-01-25 23:34 - 00000000 ___RD () C:\Users\Eda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-06 13:16 - 2014-02-14 17:32 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-14 17:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 17:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 17:32 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 17:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 17:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 17:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 17:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 17:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 17:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 17:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 17:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 17:32 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 17:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 17:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 17:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 17:32 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-14 17:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 17:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 17:32 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 17:32 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 17:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 17:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 17:32 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 17:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 17:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 17:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 17:32 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-14 17:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-14 17:32 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 17:32 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 17:32 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 17:32 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 17:32 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 17:32 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 17:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 17:32 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 17:32 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 17:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 07:53 - 2009-10-23 05:41 - 00001497 _____ () C:\Windows\system32\ServiceFilter.ini
2014-02-03 22:48 - 2014-02-03 22:47 - 00000000 ____D () C:\Users\Eda\AppData\Local\Google
2014-02-03 22:47 - 2014-02-03 22:47 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-03 11:31 - 2014-02-03 11:31 - 00003288 ____N () C:\bootsqm.dat

Some content of TEMP:
====================
C:\Users\Eda\AppData\Local\Temp\0.5460668987495487.exe
C:\Users\Eda\AppData\Local\Temp\AcDeltree.exe
C:\Users\Eda\AppData\Local\Temp\atl80.dll
C:\Users\Eda\AppData\Local\Temp\AVG.exe
C:\Users\Eda\AppData\Local\Temp\binkw32.dll
C:\Users\Eda\AppData\Local\Temp\c5f7a57d-b96a-4fca-88ed-13392791381e.dll
C:\Users\Eda\AppData\Local\Temp\chkupdate.exe
C:\Users\Eda\AppData\Local\Temp\ConduitEngine.dll
C:\Users\Eda\AppData\Local\Temp\d2l_Install.exe
C:\Users\Eda\AppData\Local\Temp\d2l_PlayD2.exe
C:\Users\Eda\AppData\Local\Temp\dsHostCheckerSetup.exe
C:\Users\Eda\AppData\Local\Temp\fsa251929.exe
C:\Users\Eda\AppData\Local\Temp\GLF27AA.tmp.ConduitEngineSetup.exe
C:\Users\Eda\AppData\Local\Temp\htmlayout.dll
C:\Users\Eda\AppData\Local\Temp\ietD522.tmp.exe
C:\Users\Eda\AppData\Local\Temp\jag51414.exe
C:\Users\Eda\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Eda\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Eda\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Eda\AppData\Local\Temp\mfc80.dll
C:\Users\Eda\AppData\Local\Temp\mfc80u.dll
C:\Users\Eda\AppData\Local\Temp\mfcm80.dll
C:\Users\Eda\AppData\Local\Temp\mfcm80u.dll
C:\Users\Eda\AppData\Local\Temp\msvcm80.dll
C:\Users\Eda\AppData\Local\Temp\msvcp80.dll
C:\Users\Eda\AppData\Local\Temp\msvcr80.dll
C:\Users\Eda\AppData\Local\Temp\Quarantine.exe
C:\Users\Eda\AppData\Local\Temp\SIntf16.dll
C:\Users\Eda\AppData\Local\Temp\SIntf32.dll
C:\Users\Eda\AppData\Local\Temp\SIntfNT.dll
C:\Users\Eda\AppData\Local\Temp\TmDbg32.dll
C:\Users\Eda\AppData\Local\Temp\TmDbg64.dll
C:\Users\Eda\AppData\Local\Temp\uninstall37700356.exe
C:\Users\Eda\AppData\Local\Temp\uninstall37700371.exe
C:\Users\Eda\AppData\Local\Temp\utt4517.tmp.exe
C:\Users\Eda\AppData\Local\Temp\utt71D5.tmp.exe
C:\Users\Eda\AppData\Local\Temp\uttD418.tmp.exe
C:\Users\Eda\AppData\Local\Temp\uttE5D7.tmp.exe
C:\Users\Eda\AppData\Local\Temp\uttF178.tmp.exe
C:\Users\Eda\AppData\Local\Temp\war3_Install.exe
C:\Users\Eda\AppData\Local\Temp\xau74zlx.dll
C:\Users\Eda\AppData\Local\Temp\_is6156.exe
C:\Users\Eda\AppData\Local\Temp\_is7B2.exe
C:\Users\Eda\AppData\Local\Temp\_isE0C2.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Eda\Desktop" je 4 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver
C:\Windows\AsScrProlog.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  U3 tmlwf;
  U3 tmwfp; 
  
  DisableService: RichVideo
  
  FF SearchPlugin: C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\searchplugins\ixquick-https.xml
  FF Extension: Xmarks - C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\foxmarks@kei.com [2014-01-12]
  FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
  
  Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
  Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
  DPF: HKLM-x32 {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
  
  HKU\S-1-5-21-1488044059-1706043965-1968784473-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
  
  
  2014-02-25 22:35 - 2014-02-25 22:35 - 00003701 _____ () C:\Users\Eda\Desktop\JRT.txt
  2014-02-25 22:53 - 2014-02-25 22:53 - 00004794 _____ () C:\Users\Eda\Desktop\AdwCleaner[S0].txt
  2014-02-25 22:36 - 2014-02-25 22:38 - 01241834 _____ () C:\Users\Eda\Desktop\adwcleaner.exe
  2014-02-26 21:16 - 2013-12-05 16:07 - 00112640 _____ (forum.viry.cz) C:\Users\Eda\Desktop\FRSTLauncher.exe
  C:\Users\Eda\AppData\Local\Temp\0.5460668987495487.exe
  C:\Users\Eda\AppData\Local\Temp\AcDeltree.exe
  C:\Users\Eda\AppData\Local\Temp\atl80.dll
  C:\Users\Eda\AppData\Local\Temp\AVG.exe
  C:\Users\Eda\AppData\Local\Temp\binkw32.dll
  C:\Users\Eda\AppData\Local\Temp\c5f7a57d-b96a-4fca-88ed-13392791381e.dll
  C:\Users\Eda\AppData\Local\Temp\chkupdate.exe
  C:\Users\Eda\AppData\Local\Temp\ConduitEngine.dll
  C:\Users\Eda\AppData\Local\Temp\d2l_Install.exe
  C:\Users\Eda\AppData\Local\Temp\d2l_PlayD2.exe
  C:\Users\Eda\AppData\Local\Temp\dsHostCheckerSetup.exe
  C:\Users\Eda\AppData\Local\Temp\fsa251929.exe
  C:\Users\Eda\AppData\Local\Temp\GLF27AA.tmp.ConduitEngineSetup.exe
  C:\Users\Eda\AppData\Local\Temp\htmlayout.dll
  C:\Users\Eda\AppData\Local\Temp\ietD522.tmp.exe
  C:\Users\Eda\AppData\Local\Temp\jag51414.exe
  C:\Users\Eda\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
  C:\Users\Eda\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
  C:\Users\Eda\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
  C:\Users\Eda\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
  C:\Users\Eda\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
  C:\Users\Eda\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
  C:\Users\Eda\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
  C:\Users\Eda\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
  C:\Users\Eda\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
  C:\Users\Eda\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
  C:\Users\Eda\AppData\Local\Temp\mfc80.dll
  C:\Users\Eda\AppData\Local\Temp\mfc80u.dll
  C:\Users\Eda\AppData\Local\Temp\mfcm80.dll
  C:\Users\Eda\AppData\Local\Temp\mfcm80u.dll
  C:\Users\Eda\AppData\Local\Temp\msvcm80.dll
  C:\Users\Eda\AppData\Local\Temp\msvcp80.dll
  C:\Users\Eda\AppData\Local\Temp\msvcr80.dll
  C:\Users\Eda\AppData\Local\Temp\Quarantine.exe
  C:\Users\Eda\AppData\Local\Temp\SIntf16.dll
  C:\Users\Eda\AppData\Local\Temp\SIntf32.dll
  C:\Users\Eda\AppData\Local\Temp\SIntfNT.dll
  C:\Users\Eda\AppData\Local\Temp\TmDbg32.dll
  C:\Users\Eda\AppData\Local\Temp\TmDbg64.dll
  C:\Users\Eda\AppData\Local\Temp\uninstall37700356.exe
  C:\Users\Eda\AppData\Local\Temp\uninstall37700371.exe
  C:\Users\Eda\AppData\Local\Temp\utt4517.tmp.exe
  C:\Users\Eda\AppData\Local\Temp\utt71D5.tmp.exe
  C:\Users\Eda\AppData\Local\Temp\uttD418.tmp.exe
  C:\Users\Eda\AppData\Local\Temp\uttE5D7.tmp.exe
  C:\Users\Eda\AppData\Local\Temp\uttF178.tmp.exe
  C:\Users\Eda\AppData\Local\Temp\war3_Install.exe
  C:\Users\Eda\AppData\Local\Temp\xau74zlx.dll
  C:\Users\Eda\AppData\Local\Temp\_is6156.exe
  C:\Users\Eda\AppData\Local\Temp\_is7B2.exe
  C:\Users\Eda\AppData\Local\Temp\_isE0C2.exe
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
  
  Hosts:
  CMD: shutdown /r /f /t 2
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[PreludeZ]

provedeno dle pokynu, zde je log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-02-2014 01
Ran by Eda at 2014-02-26 23:17:38 Run:1
Running from C:\Users\Eda\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
U3 tmlwf;
U3 tmwfp;

DisableService: RichVideo

FF SearchPlugin: C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\searchplugins\ixquick-https.xml
FF Extension: Xmarks - C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\foxmarks@kei.com [2014-01-12]
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll

HKU\S-1-5-21-1488044059-1706043965-1968784473-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)


2014-02-25 22:35 - 2014-02-25 22:35 - 00003701 _____ () C:\Users\Eda\Desktop\JRT.txt
2014-02-25 22:53 - 2014-02-25 22:53 - 00004794 _____ () C:\Users\Eda\Desktop\AdwCleaner[S0].txt
2014-02-25 22:36 - 2014-02-25 22:38 - 01241834 _____ () C:\Users\Eda\Desktop\adwcleaner.exe
2014-02-26 21:16 - 2013-12-05 16:07 - 00112640 _____ (forum.viry.cz) C:\Users\Eda\Desktop\FRSTLauncher.exe
C:\Users\Eda\AppData\Local\Temp\0.5460668987495487.exe
C:\Users\Eda\AppData\Local\Temp\AcDeltree.exe
C:\Users\Eda\AppData\Local\Temp\atl80.dll
C:\Users\Eda\AppData\Local\Temp\AVG.exe
C:\Users\Eda\AppData\Local\Temp\binkw32.dll
C:\Users\Eda\AppData\Local\Temp\c5f7a57d-b96a-4fca-88ed-13392791381e.dll
C:\Users\Eda\AppData\Local\Temp\chkupdate.exe
C:\Users\Eda\AppData\Local\Temp\ConduitEngine.dll
C:\Users\Eda\AppData\Local\Temp\d2l_Install.exe
C:\Users\Eda\AppData\Local\Temp\d2l_PlayD2.exe
C:\Users\Eda\AppData\Local\Temp\dsHostCheckerSetup.exe
C:\Users\Eda\AppData\Local\Temp\fsa251929.exe
C:\Users\Eda\AppData\Local\Temp\GLF27AA.tmp.ConduitEngineSetup.exe
C:\Users\Eda\AppData\Local\Temp\htmlayout.dll
C:\Users\Eda\AppData\Local\Temp\ietD522.tmp.exe
C:\Users\Eda\AppData\Local\Temp\jag51414.exe
C:\Users\Eda\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Eda\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Eda\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Eda\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Eda\AppData\Local\Temp\mfc80.dll
C:\Users\Eda\AppData\Local\Temp\mfc80u.dll
C:\Users\Eda\AppData\Local\Temp\mfcm80.dll
C:\Users\Eda\AppData\Local\Temp\mfcm80u.dll
C:\Users\Eda\AppData\Local\Temp\msvcm80.dll
C:\Users\Eda\AppData\Local\Temp\msvcp80.dll
C:\Users\Eda\AppData\Local\Temp\msvcr80.dll
C:\Users\Eda\AppData\Local\Temp\Quarantine.exe
C:\Users\Eda\AppData\Local\Temp\SIntf16.dll
C:\Users\Eda\AppData\Local\Temp\SIntf32.dll
C:\Users\Eda\AppData\Local\Temp\SIntfNT.dll
C:\Users\Eda\AppData\Local\Temp\TmDbg32.dll
C:\Users\Eda\AppData\Local\Temp\TmDbg64.dll
C:\Users\Eda\AppData\Local\Temp\uninstall37700356.exe
C:\Users\Eda\AppData\Local\Temp\uninstall37700371.exe
C:\Users\Eda\AppData\Local\Temp\utt4517.tmp.exe
C:\Users\Eda\AppData\Local\Temp\utt71D5.tmp.exe
C:\Users\Eda\AppData\Local\Temp\uttD418.tmp.exe
C:\Users\Eda\AppData\Local\Temp\uttE5D7.tmp.exe
C:\Users\Eda\AppData\Local\Temp\uttF178.tmp.exe
C:\Users\Eda\AppData\Local\Temp\war3_Install.exe
C:\Users\Eda\AppData\Local\Temp\xau74zlx.dll
C:\Users\Eda\AppData\Local\Temp\_is6156.exe
C:\Users\Eda\AppData\Local\Temp\_is7B2.exe
C:\Users\Eda\AppData\Local\Temp\_isE0C2.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

tmlwf => Service deleted successfully.
tmwfp => Service deleted successfully.
RichVideo service was disabled
C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\searchplugins\ixquick-https.xml => Moved successfully.
C:\Users\Eda\AppData\Roaming\Mozilla\Firefox\Profiles\g8kferza.default\Extensions\foxmarks@kei.com => Moved successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
HKCR\PROTOCOLS\Filter\text/xml => Key deleted successfully.
HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} => Key deleted successfully.
HKU\S-1-5-21-1488044059-1706043965-1968784473-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
C:\Users\Eda\Desktop\JRT.txt => Moved successfully.
C:\Users\Eda\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\Users\Eda\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Eda\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\0.5460668987495487.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\AcDeltree.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\atl80.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\AVG.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\binkw32.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\c5f7a57d-b96a-4fca-88ed-13392791381e.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\chkupdate.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\ConduitEngine.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\d2l_Install.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\d2l_PlayD2.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\dsHostCheckerSetup.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\fsa251929.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\GLF27AA.tmp.ConduitEngineSetup.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\htmlayout.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\ietD522.tmp.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jag51414.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-1.6.0_20-windows-i586-iftw.exe_90744722.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-6u20-windows-i586-jinstall_uac.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\mfc80.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\mfc80u.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\mfcm80.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\mfcm80u.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\msvcm80.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\msvcp80.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\msvcr80.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\SIntf16.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\SIntf32.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\SIntfNT.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\TmDbg32.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\TmDbg64.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\uninstall37700356.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\uninstall37700371.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\utt4517.tmp.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\utt71D5.tmp.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\uttD418.tmp.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\uttE5D7.tmp.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\uttF178.tmp.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\war3_Install.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\xau74zlx.dll => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\_is6156.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\_is7B2.exe => Moved successfully.
C:\Users\Eda\AppData\Local\Temp\_isE0C2.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel èistiè

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse