Problem with a Chrome extension that cannot be removed

Kajicek82
Visitor
Posts: 8
Registered: 18 Feb 2014 13:23

Problem with a Chrome extension that cannot be removed

#1 Post by Kajicek82 »

Hello,
I have a problem with a Google Chrome extension called EXeEechecckuer.

I tried to remove this extension with various anti-malware programs, but nothing helped.
The last thing I tried was the program ComboFix, and that did not help either.
I am attaching the log from this program and asking for your help.

Thank you
Karel


ComboFix 14-02-16.01 - Karel Salay 18.02.2014 11:59:33.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.16374.14348 [GMT 1:00]
Spuštěný z: h:\05-instalace\Opravy PC\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo
c:\users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo\4.1_0\background.html
c:\users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo\4.1_0\content.js
c:\users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo\4.1_0\lsdb.js
c:\users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo\4.1_0\manifest.json
c:\users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo\4.1_0\xRcLilHG88.js
c:\users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mffpelldkmomdcpfnlbmomblamoidlfo_0.localstorage-journal
c:\users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mffpelldkmomdcpfnlbmomblamoidlfo_0.localstorage
c:\users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-18 do 2014-02-18 )))))))))))))))))))))))))))))))
.
.
2014-02-18 11:03 . 2014-02-18 11:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-02-18 11:03 . 2014-02-18 11:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-15 22:16 . 2014-02-16 11:35 -------- d-----w- c:\program files (x86)\SmartTweak
2014-02-15 22:16 . 2014-02-15 22:16 -------- d-----w- c:\program files (x86)\StreamTransport
2014-02-12 21:11 . 2014-02-12 21:25 -------- d-----w- C:\AdwCleaner
2014-02-12 15:29 . 2014-02-12 15:29 -------- d-----w- c:\users\Karel Salay\AppData\Roaming\Malwarebytes
2014-02-12 15:29 . 2014-02-12 15:29 -------- d-----w- c:\programdata\Malwarebytes
2014-02-12 15:29 . 2014-02-12 15:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-12 15:29 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-12 15:15 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 15:15 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-12 15:15 . 2014-02-06 11:30 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-02-12 15:15 . 2014-02-06 10:20 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-02-12 15:15 . 2014-02-06 10:17 195584 ----a-w- c:\windows\system32\msrating.dll
2014-02-12 14:59 . 2014-02-12 14:59 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2014-02-10 08:11 . 2014-02-10 08:11 -------- d-----w- c:\users\Karel Salay\templates illustrator
2014-02-01 21:28 . 2014-02-01 21:29 -------- d-----w- c:\program files (x86)\il-2 sturmovik cliffs of dover
2014-02-01 21:20 . 2014-02-03 07:57 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-02-01 19:09 . 2014-02-01 19:09 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2014-02-01 19:00 . 2014-02-01 19:00 -------- d--h--r- c:\users\Karel Salay\AppData\Roaming\SecuROM
2014-01-30 22:56 . 2014-02-12 19:34 -------- d-----w- c:\programdata\EXeEechecckuer
2014-01-30 22:56 . 2014-01-30 22:56 -------- d-----w- c:\programdata\mffpelldkmomdcpfnlbmomblamoidlfo
2014-01-29 02:01 . 2014-01-29 02:01 -------- d-----w- c:\windows\Migration
2014-01-28 13:03 . 2014-01-28 13:06 -------- d-----w- c:\program files (x86)\Activision
2014-01-24 08:12 . 2014-01-24 08:12 -------- d-----w- c:\program files\iPod
2014-01-24 08:12 . 2014-01-24 08:12 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 08:12 . 2014-01-24 08:12 -------- d-----w- c:\program files\iTunes
2014-01-24 08:12 . 2014-01-24 08:12 -------- d-----w- c:\program files (x86)\iTunes
2014-01-23 09:00 . 2014-01-23 09:00 -------- d-----w- c:\programdata\McAfee
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-17 00:34 . 2013-08-20 17:52 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-05 15:28 . 2013-09-15 14:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 15:28 . 2013-09-15 14:51 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-05 01:35 . 2014-01-05 01:35 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2014-01-05 01:35 . 2014-01-05 01:35 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-01-05 01:35 . 2014-01-05 01:35 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2014-01-05 01:35 . 2014-01-05 01:35 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-12-29 08:49 . 2013-12-29 08:33 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-12-29 08:49 . 2013-12-29 08:44 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-12-29 08:49 . 2013-12-29 08:33 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-12-29 08:44 . 2013-12-29 08:33 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-18 20:09 . 2013-11-12 16:25 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-18 08:45 . 2013-08-21 15:10 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-18 08:45 . 2013-08-20 21:00 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-18 08:45 . 2013-08-20 21:00 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-11 02:00 . 2013-12-11 02:00 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-11 02:00 . 2013-12-11 02:00 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-11 02:00 . 2013-12-11 02:00 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-11 02:00 . 2013-12-11 02:00 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-11 02:00 . 2013-12-11 02:00 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-11 02:00 . 2013-12-11 02:00 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-11 02:00 . 2013-12-11 02:00 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-11 02:00 . 2013-12-11 02:00 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-11 02:00 . 2013-12-11 02:00 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-11 02:00 . 2013-12-11 02:00 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-11 02:00 . 2013-12-11 02:00 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-11 02:00 . 2013-12-11 02:00 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-11 02:00 . 2013-12-11 02:00 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-11 02:00 . 2013-12-11 02:00 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-11 02:00 . 2013-12-11 02:00 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-11 02:00 . 2013-12-11 02:00 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-11 02:00 . 2013-12-11 02:00 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-11 02:00 . 2013-12-11 02:00 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-11 02:00 . 2013-12-11 02:00 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-11 02:00 . 2013-12-11 02:00 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-11 02:00 . 2013-12-11 02:00 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-11 02:00 . 2013-12-11 02:00 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-11 02:00 . 2013-12-11 02:00 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-11 02:00 . 2013-12-11 02:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-11 02:00 . 2013-12-11 02:00 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-11 02:00 . 2013-12-11 02:00 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-11 02:00 . 2013-12-11 02:00 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-11 02:00 . 2013-12-11 02:00 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-11 02:00 . 2013-12-11 02:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-11 02:00 . 2013-12-11 02:00 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-11 02:00 . 2013-12-11 02:00 413696 ----a-w- c:\windows\system32\html.iec
2013-12-11 02:00 . 2013-12-11 02:00 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-11 02:00 . 2013-12-11 02:00 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-11 02:00 . 2013-12-11 02:00 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-11 02:00 . 2013-12-11 02:00 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-11 02:00 . 2013-12-11 02:00 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-11 02:00 . 2013-12-11 02:00 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-11 02:00 . 2013-12-11 02:00 235520 ----a-w- c:\windows\system32\url.dll
2013-12-11 02:00 . 2013-12-11 02:00 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-11 02:00 . 2013-12-11 02:00 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-11 02:00 . 2013-12-11 02:00 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-11 02:00 . 2013-12-11 02:00 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-11 02:00 . 2013-12-11 02:00 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-11 02:00 . 2013-12-11 02:00 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-11 02:00 . 2013-12-11 02:00 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-11 02:00 . 2013-12-11 02:00 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-11 02:00 . 2013-12-11 02:00 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-11 02:00 . 2013-12-11 02:00 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-11 02:00 . 2013-12-11 02:00 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-11 02:00 . 2013-12-11 02:00 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-11 02:00 . 2013-12-11 02:00 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-11 02:00 . 2013-12-11 02:00 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-03 21:11 . 2013-12-03 14:12 45056 ----a-w- c:\windows\NCUNINST.EXE
2013-11-27 01:41 . 2014-01-14 22:13 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:41 . 2014-01-14 22:13 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:41 . 2014-01-14 22:13 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:41 . 2014-01-14 22:13 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 01:41 . 2014-01-14 22:13 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:41 . 2014-01-14 22:13 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:41 . 2014-01-14 22:13 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 11:40 . 2014-01-14 22:13 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2013-11-26 10:32 . 2014-01-14 22:13 3156480 ----a-w- c:\windows\system32\win32k.sys
2013-11-23 18:26 . 2013-12-12 03:16 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Karel Salay\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Karel Salay\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Karel Salay\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"cz.seznam.software.autoupdate"="c:\users\Karel Salay\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Karel Salay\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Popup"="c:\program files (x86)\MegaRAID Storage Manager\MegaPopup\Popup.exe" [2009-03-25 102400]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-18 684600]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2012-09-06 143360]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2012-06-06 3076096]
"M-Audio Taskbar Icon"="c:\program files (x86)\Common Files\M-Audio\Legacy\TaskBarIcon\M-AudioTaskBarIcon.exe" [2013-02-28 876544]
"Contour Shuttle Device Helper"="c:\program files (x86)\Contour Shuttle\ShuttleHelper.exe" [2013-08-26 128000]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
.
c:\users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Karel Salay\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer7"=wdmaud.drv
.
R2 AenService;AenService;c:\users\KARELS~1\AppData\Local\Temp\PORTAB~1\WINDOW~1\image\pmc\bin\AenDaemon.exe;c:\users\KARELS~1\AppData\Local\Temp\PORTAB~1\WINDOW~1\image\pmc\bin\AenDaemon.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MAUSBPRODUCER;Service for M-Audio Producer USB;c:\windows\system32\DRIVERS\M-AudioProducerUSB.sys;c:\windows\SYSNATIVE\DRIVERS\M-AudioProducerUSB.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-12 19:46 1211720 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-15 15:28]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-20 17:11]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-20 17:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Karel Salay\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Karel Salay\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Karel Salay\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Karel Salay\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=13415
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{15B26AEF-87F1-7A39-520E-9403BCBB56AF} - c:\programdata\EXeEechecckuer\hD2jZKg_.x64.dll
BHO-{9315B505-738E-119D-6FBC-6901EF8AA248} - c:\programdata\topdeal\uGcxzf.x64.dll
BHO-{EA29B3C8-A59F-56D9-1D6B-FC9B90DED17C} - c:\programdata\FlexiibLEShoPper\Kt0p.x64.dll
WebBrowser-{41564952-412D-5637-00A7-7A786E7484D7} - (no file)
HKLM-Run-SpywareTerminatorShield - c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM-Run-SpywareTerminatorUpdater - c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3107176569-212954167-4138412272-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d1,10,99,bf,33,98,03,3a,fb,64,34,28,34,0f,a2,fa,31,7a,3e,4d,7a,82,bf,
c5,e1,f0,37,0a,16,69,35,c2,3c,e9,9f,c4,2a,e9,e5,e9,38,e7,b1,1a,e3,e9,fd,c6,\
"??"=hex:35,e1,b2,b1,91,ca,41,61,a3,6a,22,bf,c9,75,c8,be
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-18 12:05:00
ComboFix-quarantined-files.txt 2014-02-18 11:05
.
Před spuštěním: Volných bajtů: 17 803 517 952
Po spuštění: Volných bajtů: 19 093 188 608
.
- - End Of File - - 94F52F30D2157AC5B8FCA7259A48A7E0
A36C5E4F47E84449FF07ED3517B43A31

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Problem with a Chrome extension that cannot be removed

#2 Post by vyosek »

Greetings :)

Regarding ComboFix, which you used: on the basis of its licence and the forum rules I ask, do you know how to work with it (running it, deciphering the log, writing a script)?

ComboFix's licence terms are clear: "It should never be used in an environment without the supervision of an experienced person"

Dangers of CF
  • It is intended primarily for helpers - by using it on your own initiative you lose your entitlement to support
  • It deletes traces of the malware, so nothing can be seen in the RSIT log
  • Its log needs further deciphering, because it cannot delete everything - you will hardly manage that unless you are trained for it
  • CF may have a bug = it takes down your system; if you do not know what it stores where and how to restore it, your system is wrecked and a reinstall awaits you
  • Unfortunately, CF also does not yet check some important libraries (e.g. hal.dll) - some types of malware (e.g. angela) delete those - it deletes your hal.dll after a restart = your system will not boot and you are back at the previous point = reinstall
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids having fun, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.

Kajicek82
Visitor
Posts: 8
Registered: 18 Feb 2014 13:23

Re: Problem with a Chrome extension that cannot be removed

#3 Post by Kajicek82 »

Hello,
Well, how should I put it: I had already tried everything possible, but nothing helped, so an acquaintance recommended this program to me.
I read through the guide and agreed to the terms; I had my acquaintance available online via a second PC in case I needed him.

The program ran its processes and created a log, which I posted here, as the program's guide instructs me to.
That is all.

Did I perhaps do something wrong? Everything on my PC works as it should, only the fault persists.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Problem with a Chrome extension that cannot be removed

#4 Post by vyosek »

The guide, and I accept only the single official one (http://www.bleepingcomputer.com/combofi ... t-combofix ), above all says that you should first ask for advice on whether to use CF
Do not use ComboFix unless an experienced helper has asked you to. Do not try to act on your own; follow the instructions in this guide carefully and respect the advice of the person who has been properly acquainted with ComboFix's capabilities and who is helping you disinfect your computer. ComboFix is a powerful tool whose incorrect use can lead to problems with the functioning of your computer.

If you need assistance with disinfecting your computer, first of all start your own topic on one of the internet forums listed towards the end of this guide and ask for help there. Different rules and circumstances apply on each of these forums, so always read the important information and announcements there so that you know exactly how to proceed.

This guide is the only official guide to using ComboFix and must not be copied or otherwise distributed without the consent of BleepingComputer.com and sUBs.
So if your acquaintance is experienced and knowledgeable in using CF (that is what the licence you agreed to says), why did he not remove the extension for you via CF - it is plainly visible there and can be deleted

In addition, you ran CF from the wrong location; the guide says to run it from the desktop
Spuštěný z: h:\05-instalace\Opravy PC\ComboFix.exe
If you use CF next time without our recommendation and come to ask for help, it will be refused

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste that here
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.

Kajicek82
Visitor
Posts: 8
Registered: 18 Feb 2014 13:23

Re: Problem with a Chrome extension that cannot be removed

#5 Post by Kajicek82 »

Then I apologise; my acquaintance should probably have explained to me everything I was risking and that he doesn't know how to work with it. I'll tell him off.

Anyway, I did what you told me; this is the result:

# AdwCleaner v3.019 - Report created 18/02/2014 at 15:31:13
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Karel Salay - IBM
# Running from : C:\Users\Karel Salay\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R5].txt - [774 octets] - [18/02/2014 15:30:46]
AdwCleaner[S4].txt - [696 octets] - [18/02/2014 15:31:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [755 octets] ##########

Kajicek82
Visitor
Posts: 8
Registered: 18 Feb 2014 13:23

Re: Problem with a Chrome extension that cannot be removed

#6 Post by Kajicek82 »

Hello,
I'm sorry to bother you, but can you tell from my previous post where the problem is?

Thank you for your reply
Karel Salay

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Problem with a Chrome extension that cannot be removed

#7 Post by vyosek »

Greetings,

I had some student obligations (all of us here are doing this in our free time)

:arrow: Post a log from FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Kajicek82
Visitor
Posts: 8
Registered: 18 Feb 2014 13:23

Re: Problem with a Chrome extension that cannot be removed

#8 Post by Kajicek82 »

Addition.zip
addition file
(6.77 KiB) Downloaded 28 times
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Karel Salay (administrator) on IBM on 19-02-2014 20:49:00
Running from C:\Users\Karel Salay\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adaptec Incorporated) C:\Program Files\Adaptec\Adaptec Storage Manager\StorServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\32.0.1700.98\remoting_host.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\32.0.1700.98\remoting_host.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Contour Design, Inc.) C:\Program Files (x86)\Contour Shuttle\ShuttleEngine.exe
() C:\Program Files (x86)\MegaRAID Storage Manager\Framework\VivaldiFramework.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\MegaRAID Storage Manager\JRE\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Spigot, Inc.) C:\Users\Karel Salay\AppData\Roaming\Search Protection\SearchProtection.exe
(Dropbox, Inc.) C:\Users\Karel Salay\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Users\Karel Salay\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Karel Salay\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(LSI) C:\Program Files (x86)\MegaRAID Storage Manager\MegaPopup\popup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(M-Audio / inMusic Brands, Inc.) C:\Program Files (x86)\Common Files\M-Audio\Legacy\TaskBarIcon\M-AudioTaskBarIcon.exe
(Contour Design, Inc.) C:\Program Files (x86)\Contour Shuttle\ShuttleHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\LogTransport2.exe
(forum.viry.cz) C:\Users\Karel Salay\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Popup] - C:\Program Files (x86)\MegaRAID Storage Manager\MegaPopup\Popup.exe [102400 2009-03-25] (LSI)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [M-Audio Taskbar Icon] - C:\Program Files (x86)\Common Files\M-Audio\Legacy\TaskBarIcon\M-AudioTaskBarIcon.exe [876544 2013-02-28] (M-Audio / inMusic Brands, Inc.)
HKLM-x32\...\Run: [Contour Shuttle Device Helper] - C:\Program Files (x86)\Contour Shuttle\ShuttleHelper.exe [128000 2013-08-26] (Contour Design, Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] - C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Karel Salay\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Karel Salay\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [SearchProtection] - C:\Users\Karel Salay\AppData\Roaming\Search Protection\SearchProtection.EXE [840552 2014-02-05] (Spigot, Inc.)
Startup: C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Karel Salay\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {B8F418E6-5CA1-4BD5-8C0B-FB1773E53CD3} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {35F994FE-BCD8-4A5A-8875-7F994CDAE2A8} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {39714DA4-36BE-4D0C-B41D-52A805966368} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {4BF77569-060F-4109-96C4-24154F2C1360} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKCU - {5B2A2FB3-4A69-4168-924B-7309242265B9} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {79D29263-9B57-496C-A4FF-F480F37BF988} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {B301494B-F7FD-4BC1-98BD-09EE0989038B} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {B8F418E6-5CA1-4BD5-8C0B-FB1773E53CD3} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {BF2AE424-DD58-4A81-81F7-24CAF5540F6A} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {C0787458-9AAC-4803-9BF1-F7F59B551746} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {DAE475F3-FE26-4956-9B53-8A853C514789} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
BHO: EXeEechecckuer - {15B26AEF-87F1-7A39-520E-9403BCBB56AF} - C:\ProgramData\EXeEechecckuer\hD2jZKg_.x64.dll No File
BHO: topdeal - {9315B505-738E-119D-6FBC-6901EF8AA248} - C:\ProgramData\topdeal\uGcxzf.x64.dll No File
BHO: FlexiibLEShoPper - {EA29B3C8-A59F-56D9-1D6B-FC9B90DED17C} - C:\ProgramData\FlexiibLEShoPper\Kt0p.x64.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://search.yahoo.com/search?fr=chr-g ... earchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-12]
CHR Extension: (Disk Google) - C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-12]
CHR Extension: (YouTube) - C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-12]
CHR Extension: (EXeEechecckuer) - C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo [2014-02-18]
CHR Extension: (Peněženka Google) - C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-12]
CHR Extension: (Gmail) - C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-12]
CHR Extension: (topdeal) - C:\ProgramData\namfgojjkkiaccmebngeccnifbejgpkh [2013-12-24]
CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Karel Salay\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-12-28]
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Karel Salay\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-12-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AdaptecStorageManagerAgent; C:\Program Files\Adaptec\Adaptec Storage Manager\StorServ.exe [119296 2010-08-03] (Adaptec Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\32.0.1700.98\remoting_host.exe [50456 2014-01-13] (Google Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MegaMonitorSrv; C:\Program Files (x86)\MegaRAID Storage Manager\MegaMonitor\mrmonitor.exe [487424 2009-08-20] ()
R2 MSMFramework; C:\Program Files (x86)\MegaRAID Storage Manager\Framework\VivaldiFramework.exe [72760 2009-05-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-29] ()
R2 ShuttleEngine; C:\Program Files (x86)\Contour Shuttle\ShuttleEngine.exe [99840 2013-08-26] (Contour Design, Inc.)
S2 AenService; C:\Users\KARELS~1\AppData\Local\Temp\PORTAB~1\WINDOW~1\image\pmc\bin\AenDaemon.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R3 e1qexpress; C:\Windows\System32\DRIVERS\e1q60x64.sys [244736 2009-06-10] (Intel Corporation)
S3 MAUSBPRODUCER; C:\Windows\System32\DRIVERS\M-AudioProducerUSB.sys [192512 2013-02-28] (M-Audio)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-19 20:49 - 2014-02-19 20:49 - 00016251 _____ () C:\Users\Karel Salay\Desktop\FRST.txt
2014-02-19 20:48 - 2014-02-19 20:49 - 00000000 ____D () C:\FRST
2014-02-19 20:45 - 2014-02-19 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 245007.crdownload
2014-02-19 20:45 - 2014-02-19 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Desktop\FRSTLauncher.exe
2014-02-19 20:44 - 2014-02-19 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 989492.crdownload
2014-02-19 20:44 - 2014-02-19 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 576916.crdownload
2014-02-19 20:44 - 2014-02-19 20:44 - 00000000 _____ () C:\Users\Karel Salay\Downloads\FRSTLauncher.exe.g541kuw.partial
2014-02-19 20:43 - 2014-02-19 20:43 - 02153472 _____ (Farbar) C:\Users\Karel Salay\Desktop\FRST64.exe
2014-02-18 22:03 - 2014-02-18 22:03 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Search Protection
2014-02-18 22:02 - 2014-02-18 22:02 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-02-18 15:20 - 2014-02-18 15:20 - 01241834 _____ () C:\Users\Karel Salay\Desktop\adwcleaner.exe
2014-02-18 12:10 - 2014-02-18 12:10 - 00000552 _____ () C:\Windows\PFRO.log
2014-02-18 12:05 - 2014-02-18 12:05 - 00028525 _____ () C:\ComboFix.txt
2014-02-18 11:58 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-18 11:58 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-18 11:58 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-18 11:58 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-18 11:58 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-18 11:58 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-18 11:58 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-18 11:58 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-18 11:56 - 2014-02-18 12:05 - 00000000 ____D () C:\Qoobox
2014-02-18 11:56 - 2014-02-18 12:03 - 00000000 ____D () C:\Windows\erdnt
2014-02-17 16:11 - 2014-02-17 16:11 - 00029828 _____ () C:\Users\Karel Salay\Downloads\Broadway+BT+Regular.zip
2014-02-16 23:36 - 2014-02-16 23:37 - 00482506 _____ () C:\Users\Karel Salay\Downloads\596063.zip
2014-02-15 23:52 - 2014-02-15 23:52 - 00000000 ____D () C:\Users\Karel Salay\Documents\StreamTransport
2014-02-15 23:16 - 2014-02-16 12:35 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-02-15 23:16 - 2014-02-15 23:16 - 00001266 _____ () C:\Users\Karel Salay\Desktop\SpeedUpMyComputer.lnk
2014-02-15 23:16 - 2014-02-15 23:16 - 00001097 _____ () C:\Users\Public\Desktop\StreamTransport.lnk
2014-02-15 23:16 - 2014-02-15 23:16 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-02-15 23:16 - 2014-02-15 23:16 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-02-15 23:15 - 2014-02-15 23:15 - 01951328 _____ (http://www.streamtransport.com/ ) C:\Users\Karel Salay\Downloads\streamtransport_setup.exe
2014-02-12 22:11 - 2014-02-18 15:31 - 00000000 ____D () C:\AdwCleaner
2014-02-12 20:46 - 2014-02-12 20:46 - 00002315 _____ () C:\Users\Karel Salay\Desktop\Spouštěč aplikací Chrome.lnk
2014-02-12 20:46 - 2014-02-12 20:46 - 00002261 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-12 20:46 - 2014-02-12 20:46 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-12 16:29 - 2014-02-12 16:29 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-12 16:29 - 2014-02-12 16:29 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Malwarebytes
2014-02-12 16:29 - 2014-02-12 16:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 16:29 - 2014-02-12 16:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-12 16:29 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-12 16:28 - 2014-02-12 16:28 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Karel Salay\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-12 16:15 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 16:15 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 16:15 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 16:15 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 16:15 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 16:15 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 16:14 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 16:14 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 16:14 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 16:14 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 16:14 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 16:14 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 16:14 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 16:14 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 16:14 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 16:14 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 16:14 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 16:14 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 16:14 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 16:14 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 16:14 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 16:14 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 16:14 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 16:14 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 16:14 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 16:14 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 16:14 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 16:14 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 16:14 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 16:14 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 16:14 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 16:14 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 16:14 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 16:14 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 16:14 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 16:14 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 16:14 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 16:14 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 16:14 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 16:14 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 16:14 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 15:59 - 2014-02-12 15:59 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-02-12 15:58 - 2014-02-12 15:58 - 00937208 _____ (Crawler.com ) C:\Users\Karel Salay\Downloads\SpywareTerminatorSetup.exe
2014-02-12 07:50 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 07:50 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 07:50 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 07:50 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 07:50 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 07:50 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 07:50 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 07:50 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 07:50 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 07:50 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 07:50 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 07:50 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 07:50 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 07:50 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 07:50 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 07:50 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 07:50 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 07:50 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 07:50 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 07:50 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 07:50 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 07:50 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 07:50 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 07:50 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 07:50 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 07:50 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 07:50 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 07:50 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-10 09:11 - 2014-02-10 09:11 - 00000000 ____D () C:\Users\Karel Salay\templates illustrator
2014-02-07 09:29 - 2014-02-07 09:29 - 00000000 ____D () C:\Users\Karel Salay\Documents\Playlisty
2014-02-01 23:39 - 2014-02-01 23:39 - 00035638 _____ () C:\Users\Karel Salay\Downloads\[CzT]Take_on_Helicopters.torrent
2014-02-01 22:34 - 2014-02-01 22:34 - 00000000 ____D () C:\Users\Karel Salay\Documents\1C SoftClub
2014-02-01 22:28 - 2014-02-01 22:29 - 00000000 ____D () C:\Program Files (x86)\il-2 sturmovik cliffs of dover
2014-02-01 20:09 - 2014-02-01 20:09 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\system32CmdLineExt.dll
2014-02-01 20:00 - 2014-02-01 20:00 - 00003034 _____ () C:\Windows\System32\Tasks\{49698210-AD2B-4789-940E-89A109BE8C7F}
2014-02-01 20:00 - 2014-02-01 20:00 - 00000000 __RHD () C:\Users\Karel Salay\AppData\Roaming\SecuROM
2014-02-01 15:04 - 2014-02-01 15:04 - 00023113 _____ () C:\Users\Karel Salay\Downloads\[CzT]IL_2_Sturmovik_Cliffs_of_Dover.torrent
2014-01-30 23:56 - 2014-02-12 20:34 - 00000000 ____D () C:\ProgramData\EXeEechecckuer
2014-01-30 23:56 - 2014-01-30 23:56 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-01-30 23:56 - 2014-01-30 23:56 - 00000000 ____D () C:\ProgramData\mffpelldkmomdcpfnlbmomblamoidlfo
2014-01-30 18:45 - 2014-01-30 18:45 - 00000132 _____ () C:\Users\Karel Salay\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-01-28 18:18 - 2014-02-01 21:16 - 00000015 _____ () C:\Users\Karel Salay\AppData\Local\X-Plane_drm.prf
2014-01-28 18:17 - 2014-01-28 18:17 - 00000025 _____ () C:\Users\Karel Salay\AppData\Local\x-plane_install_10.txt
2014-01-28 14:03 - 2014-01-28 14:06 - 00000000 ____D () C:\Program Files (x86)\Activision
2014-01-25 23:21 - 2014-01-25 23:21 - 00000000 _____ () C:\Users\Karel Salay\Desktop\Nový textový dokument.txt
2014-01-24 09:12 - 2014-01-24 09:12 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 09:12 - 2014-01-24 09:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 09:12 - 2014-01-24 09:12 - 00000000 ____D () C:\Program Files\iTunes
2014-01-24 09:12 - 2014-01-24 09:12 - 00000000 ____D () C:\Program Files\iPod
2014-01-24 09:12 - 2014-01-24 09:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-23 10:04 - 2014-01-23 10:04 - 00005250 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-23 10:00 - 2014-01-23 10:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-21 11:07 - 2014-01-21 11:07 - 00000000 ____D () C:\Users\Karel Salay\Desktop\záloha
2014-01-20 19:39 - 2014-01-20 19:40 - 00007280 _____ () C:\Users\Karel Salay\Downloads\fio_2100444871_20140120_ (1).gpc
2014-01-20 19:15 - 2014-01-20 19:15 - 00007280 _____ () C:\Users\Karel Salay\Downloads\fio_2100444871_20140120_.gpc
2014-01-20 15:22 - 2014-01-20 15:22 - 03819015 _____ () C:\Users\Karel Salay\Downloads\world-national-flag-vectors.zip
2014-01-20 15:18 - 2014-01-20 15:18 - 00920435 _____ () C:\Users\Karel Salay\Downloads\FreeVector-Paris-Vectors.zip

==================== One Month Modified Files and Folders =======

2014-02-19 20:49 - 2014-02-19 20:49 - 00016251 _____ () C:\Users\Karel Salay\Desktop\FRST.txt
2014-02-19 20:49 - 2014-02-19 20:48 - 00000000 ____D () C:\FRST
2014-02-19 20:47 - 2013-09-09 14:26 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Skype
2014-02-19 20:47 - 2013-08-20 21:21 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\eM Client
2014-02-19 20:45 - 2014-02-19 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 245007.crdownload
2014-02-19 20:45 - 2014-02-19 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Desktop\FRSTLauncher.exe
2014-02-19 20:44 - 2014-02-19 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 989492.crdownload
2014-02-19 20:44 - 2014-02-19 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 576916.crdownload
2014-02-19 20:44 - 2014-02-19 20:44 - 00000000 _____ () C:\Users\Karel Salay\Downloads\FRSTLauncher.exe.g541kuw.partial
2014-02-19 20:43 - 2014-02-19 20:43 - 02153472 _____ (Farbar) C:\Users\Karel Salay\Desktop\FRST64.exe
2014-02-19 20:27 - 2013-09-15 15:51 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-19 20:27 - 2013-08-20 18:11 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-19 20:02 - 2013-08-31 11:36 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\AIMP3
2014-02-19 18:32 - 2013-08-20 18:05 - 01199383 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 11:27 - 2013-08-20 18:11 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-19 09:53 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 09:53 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 09:50 - 2013-10-30 21:35 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Seznam.cz
2014-02-19 09:49 - 2011-04-12 09:34 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-02-19 09:49 - 2011-04-12 09:34 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-02-19 09:49 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-19 09:45 - 2013-10-10 09:06 - 00000000 ___RD () C:\Users\Karel Salay\Dropbox
2014-02-19 09:45 - 2013-10-10 09:03 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Dropbox
2014-02-19 09:45 - 2013-08-20 18:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-19 09:45 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-19 09:45 - 2009-07-14 05:51 - 00045630 _____ () C:\Windows\setupact.log
2014-02-19 02:00 - 2013-08-20 20:33 - 00000000 ____D () C:\Users\Karel Salay\AppData\Local\Adobe
2014-02-19 00:25 - 2013-08-21 21:37 - 00000132 _____ () C:\Users\Karel Salay\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-19 00:16 - 2013-08-20 21:38 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\vlc
2014-02-18 22:03 - 2014-02-18 22:03 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Search Protection
2014-02-18 22:02 - 2014-02-18 22:02 - 00000000 ____D () C:\Program Files (x86)\GreenTree Applications
2014-02-18 22:02 - 2013-09-25 12:38 - 00001295 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-02-18 15:31 - 2014-02-12 22:11 - 00000000 ____D () C:\AdwCleaner
2014-02-18 15:20 - 2014-02-18 15:20 - 01241834 _____ () C:\Users\Karel Salay\Desktop\adwcleaner.exe
2014-02-18 12:11 - 2009-07-14 05:45 - 05460160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-18 12:10 - 2014-02-18 12:10 - 00000552 _____ () C:\Windows\PFRO.log
2014-02-18 12:05 - 2014-02-18 12:05 - 00028525 _____ () C:\ComboFix.txt
2014-02-18 12:05 - 2014-02-18 11:56 - 00000000 ____D () C:\Qoobox
2014-02-18 12:05 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-18 12:03 - 2014-02-18 11:56 - 00000000 ____D () C:\Windows\erdnt
2014-02-18 12:03 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-17 16:12 - 2013-08-20 18:11 - 00166072 _____ () C:\Users\Karel Salay\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-17 16:11 - 2014-02-17 16:11 - 00029828 _____ () C:\Users\Karel Salay\Downloads\Broadway+BT+Regular.zip
2014-02-17 01:35 - 2013-08-20 18:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 01:34 - 2013-08-20 18:52 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 23:37 - 2014-02-16 23:36 - 00482506 _____ () C:\Users\Karel Salay\Downloads\596063.zip
2014-02-16 12:35 - 2014-02-15 23:16 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-02-16 12:33 - 2013-09-25 12:38 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-02-15 23:52 - 2014-02-15 23:52 - 00000000 ____D () C:\Users\Karel Salay\Documents\StreamTransport
2014-02-15 23:16 - 2014-02-15 23:16 - 00001266 _____ () C:\Users\Karel Salay\Desktop\SpeedUpMyComputer.lnk
2014-02-15 23:16 - 2014-02-15 23:16 - 00001097 _____ () C:\Users\Public\Desktop\StreamTransport.lnk
2014-02-15 23:16 - 2014-02-15 23:16 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-02-15 23:16 - 2014-02-15 23:16 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-02-15 23:15 - 2014-02-15 23:15 - 01951328 _____ (http://www.streamtransport.com/ ) C:\Users\Karel Salay\Downloads\streamtransport_setup.exe
2014-02-14 12:37 - 2013-12-24 01:53 - 00000000 ____D () C:\ProgramData\topdeal
2014-02-13 04:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 22:14 - 2013-08-22 20:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-12 22:07 - 2013-10-24 11:35 - 00000000 ____D () C:\Program Files (x86)\Boris FX, Inc
2014-02-12 22:06 - 2013-10-24 14:57 - 00000000 ____D () C:\Program Files (x86)\NewBlue
2014-02-12 22:06 - 2013-08-20 18:06 - 00000000 ____D () C:\Users\Karel Salay
2014-02-12 22:05 - 2013-11-04 16:30 - 00039482 _____ () C:\Windows\DPINST.LOG
2014-02-12 22:05 - 2013-10-30 21:34 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-12 21:57 - 2013-10-24 11:40 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Ulead Systems
2014-02-12 21:55 - 2013-11-12 10:18 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D
2014-02-12 21:55 - 2013-11-12 10:18 - 00000000 ____D () C:\Program Files\DAZ 3D
2014-02-12 21:55 - 2013-11-12 10:18 - 00000000 ____D () C:\Program Files (x86)\DAZ 3D
2014-02-12 21:54 - 2013-12-29 09:37 - 00000000 ____D () C:\Users\Karel Salay\Documents\Battlefield Heroes
2014-02-12 21:54 - 2013-11-12 10:46 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-02-12 20:46 - 2014-02-12 20:46 - 00002315 _____ () C:\Users\Karel Salay\Desktop\Spouštěč aplikací Chrome.lnk
2014-02-12 20:46 - 2014-02-12 20:46 - 00002261 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-12 20:46 - 2014-02-12 20:46 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-12 20:38 - 2013-12-28 20:01 - 00013583 _____ () C:\Users\Karel Salay\daemonprocess.txt
2014-02-12 20:34 - 2014-01-30 23:56 - 00000000 ____D () C:\ProgramData\EXeEechecckuer
2014-02-12 19:53 - 2013-08-20 21:38 - 00001072 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-12 19:24 - 2013-12-24 01:53 - 00000000 ____D () C:\ProgramData\FlexiibLEShoPper
2014-02-12 19:24 - 2013-08-22 20:29 - 00000000 ____D () C:\Users\Karel Salay\Desktop\vše
2014-02-12 16:29 - 2014-02-12 16:29 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-12 16:29 - 2014-02-12 16:29 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Malwarebytes
2014-02-12 16:29 - 2014-02-12 16:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-12 16:29 - 2014-02-12 16:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-12 16:28 - 2014-02-12 16:28 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Karel Salay\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-12 16:16 - 2013-08-20 21:46 - 01559268 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 15:59 - 2014-02-12 15:59 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-02-12 15:58 - 2014-02-12 15:58 - 00937208 _____ (Crawler.com ) C:\Users\Karel Salay\Downloads\SpywareTerminatorSetup.exe
2014-02-10 09:11 - 2014-02-10 09:11 - 00000000 ____D () C:\Users\Karel Salay\templates illustrator
2014-02-07 12:40 - 2013-08-20 21:54 - 00000000 ____D () C:\ProgramData\Google
2014-02-07 12:40 - 2013-08-20 18:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-07 09:46 - 2013-08-21 18:02 - 00001456 _____ () C:\Users\Karel Salay\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-02-07 09:29 - 2014-02-07 09:29 - 00000000 ____D () C:\Users\Karel Salay\Documents\Playlisty
2014-02-06 13:16 - 2014-02-12 16:14 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 16:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 16:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 16:14 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 16:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 16:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 16:14 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 16:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 16:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 16:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 16:14 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 16:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 16:14 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 16:14 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 16:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 16:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 16:14 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 16:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 16:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 16:14 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 16:14 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 16:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 16:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 16:14 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 16:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 16:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 16:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 16:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:25 - 2014-02-12 16:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:24 - 2014-02-12 16:14 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 16:14 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 16:14 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 16:14 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 16:14 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 16:14 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 16:14 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 16:14 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 16:14 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 16:14 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 16:28 - 2013-09-15 15:51 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 16:28 - 2013-09-15 15:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 16:28 - 2013-09-15 15:51 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-03 00:07 - 2013-12-28 19:59 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\uTorrent
2014-02-02 11:52 - 2013-08-20 21:44 - 00132389 _____ () C:\Windows\DirectX.log
2014-02-01 23:39 - 2014-02-01 23:39 - 00035638 _____ () C:\Users\Karel Salay\Downloads\[CzT]Take_on_Helicopters.torrent
2014-02-01 22:34 - 2014-02-01 22:34 - 00000000 ____D () C:\Users\Karel Salay\Documents\1C SoftClub
2014-02-01 22:29 - 2014-02-01 22:28 - 00000000 ____D () C:\Program Files (x86)\il-2 sturmovik cliffs of dover
2014-02-01 21:16 - 2014-01-28 18:18 - 00000015 _____ () C:\Users\Karel Salay\AppData\Local\X-Plane_drm.prf
2014-02-01 20:09 - 2014-02-01 20:09 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\system32CmdLineExt.dll
2014-02-01 20:00 - 2014-02-01 20:00 - 00003034 _____ () C:\Windows\System32\Tasks\{49698210-AD2B-4789-940E-89A109BE8C7F}
2014-02-01 20:00 - 2014-02-01 20:00 - 00000000 __RHD () C:\Users\Karel Salay\AppData\Roaming\SecuROM
2014-02-01 15:04 - 2014-02-01 15:04 - 00023113 _____ () C:\Users\Karel Salay\Downloads\[CzT]IL_2_Sturmovik_Cliffs_of_Dover.torrent
2014-01-30 23:56 - 2014-01-30 23:56 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-01-30 23:56 - 2014-01-30 23:56 - 00000000 ____D () C:\ProgramData\mffpelldkmomdcpfnlbmomblamoidlfo
2014-01-30 23:56 - 2013-12-24 01:53 - 00000000 ____D () C:\ProgramData\af30f38ce605074a
2014-01-30 23:56 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-01-30 23:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-01-30 18:45 - 2014-01-30 18:45 - 00000132 _____ () C:\Users\Karel Salay\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-01-29 14:24 - 2013-08-31 11:36 - 00000911 _____ () C:\Users\Public\Desktop\AIMP3.lnk
2014-01-29 14:24 - 2013-08-31 11:36 - 00000000 ____D () C:\Program Files (x86)\AIMP3
2014-01-28 18:17 - 2014-01-28 18:17 - 00000025 _____ () C:\Users\Karel Salay\AppData\Local\x-plane_install_10.txt
2014-01-28 14:06 - 2014-01-28 14:03 - 00000000 ____D () C:\Program Files (x86)\Activision
2014-01-28 13:28 - 2013-08-20 21:48 - 00000000 ____D () C:\Program Files\Solid Edge ST5
2014-01-25 23:21 - 2014-01-25 23:21 - 00000000 _____ () C:\Users\Karel Salay\Desktop\Nový textový dokument.txt
2014-01-24 18:19 - 2013-08-20 18:06 - 00000000 ___RD () C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 09:12 - 2014-01-24 09:12 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-24 09:12 - 2014-01-24 09:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 09:12 - 2014-01-24 09:12 - 00000000 ____D () C:\Program Files\iTunes
2014-01-24 09:12 - 2014-01-24 09:12 - 00000000 ____D () C:\Program Files\iPod
2014-01-24 09:12 - 2014-01-24 09:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-24 09:11 - 2013-08-20 22:08 - 00000000 ____D () C:\ProgramData\Apple
2014-01-23 10:38 - 2013-11-12 17:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-23 10:04 - 2014-01-23 10:04 - 00005250 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-23 10:04 - 2013-08-20 18:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-23 10:00 - 2014-01-23 10:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-21 11:07 - 2014-01-21 11:07 - 00000000 ____D () C:\Users\Karel Salay\Desktop\záloha
2014-01-20 19:40 - 2014-01-20 19:39 - 00007280 _____ () C:\Users\Karel Salay\Downloads\fio_2100444871_20140120_ (1).gpc
2014-01-20 19:15 - 2014-01-20 19:15 - 00007280 _____ () C:\Users\Karel Salay\Downloads\fio_2100444871_20140120_.gpc
2014-01-20 15:22 - 2014-01-20 15:22 - 03819015 _____ () C:\Users\Karel Salay\Downloads\world-national-flag-vectors.zip
2014-01-20 15:18 - 2014-01-20 15:18 - 00920435 _____ () C:\Users\Karel Salay\Downloads\FreeVector-Paris-Vectors.zip
2014-01-20 13:49 - 2013-10-10 09:06 - 00001038 _____ () C:\Users\Karel Salay\Desktop\Dropbox.lnk
2014-01-20 13:49 - 2013-10-10 09:03 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\Karel Salay\AppData\Local\Temp\avgnt.exe
C:\Users\Karel Salay\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 12:28




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (System) (Fixed) (Total:111.79 GB) (Free:19.05 GB) NTFS
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Black) (Fixed) (Total:931.41 GB) (Free:899.08 GB) NTFS
Drive g: (Starý) (Fixed) (Total:931.41 GB) (Free:88.96 GB) NTFS
Drive h: (Zrcadlo) (Fixed) (Total:1859.99 GB) (Free:940.69 GB) NTFS
Drive k: (EOS_DIGITAL) (Removable) (Total:14.91 GB) (Free:12.87 GB) FAT32

Available physical RAM: 13174.14 MB
Total physical RAM: 16373.76 MB
Percentage of memory in use: 19%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 0007338C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 8B85CB0E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 8B85CB76)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1860 GB) (Disk ID: BDE88915)
Partition 1: (Not Active) - (Size=-201877094400) - (Type=07 NTFS)
Disk: 4 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Karel Salay\AppData\Local\mpZNCEnV:RNOXwYUFtV8HHF1W51RhtUefm
AlternateDataStreams: C:\Users\Karel Salay\AppData\Local\Temporary Internet Files:92nJ5Z6WgoMsW0WzzyN2grMy
AlternateDataStreams: C:\Users\Karel Salay\AppData\Local\Temporary Internet Files:uSqQo2Ndwe467KnB85oR0V4VC

==================== Security Center ==================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Karel Salay\Desktop" je 3724 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Problem with a Chrome extension that cannot be removed

#9 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
    HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
    HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
    HKLM-x32\...\Run: [Popup] - C:\Program Files (x86)\MegaRAID Storage Manager\MegaPopup\Popup.exe [102400 2009-03-25] (LSI)
    HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [] - [X]
    HKLM-x32\...\Run: [seznam-listicka-distribuce] - C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
    HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
    HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Karel Salay\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Karel Salay\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
    HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
    HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [SearchProtection] - C:\Users\Karel Salay\AppData\Roaming\Search Protection\SearchProtection.EXE [840552 2014-02-05] (Spigot, Inc.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    
    SearchScopes: HKCU - DefaultScope {B8F418E6-5CA1-4BD5-8C0B-FB1773E53CD3} URL = http://search.yahoo.com/search?fr=chr-g ... =501549&p={searchTerms}
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    BHO: EXeEechecckuer - {15B26AEF-87F1-7A39-520E-9403BCBB56AF} - C:\ProgramData\EXeEechecckuer\hD2jZKg_.x64.dll No File
    BHO: topdeal - {9315B505-738E-119D-6FBC-6901EF8AA248} - C:\ProgramData\topdeal\uGcxzf.x64.dll No File
    BHO: FlexiibLEShoPper - {EA29B3C8-A59F-56D9-1D6B-FC9B90DED17C} - C:\ProgramData\FlexiibLEShoPper\Kt0p.x64.dll No File
    
    Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
    
    CHR DefaultSearchKeyword: yahoo.com search
    CHR DefaultSearchProvider: Yahoo
    CHR DefaultSearchURL: http://search.yahoo.com/search?fr=chr-g ... =501549&p={searchTerms}
    CHR DefaultNewTabURL: 
    CHR Extension: (EXeEechecckuer) - C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo [2014-02-18]
    CHR Extension: (topdeal) - C:\ProgramData\namfgojjkkiaccmebngeccnifbejgpkh [2013-12-24]
    CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Karel Salay\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-12-28]
    CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Karel Salay\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-12-28]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    S2 AenService; C:\Users\KARELS~1\AppData\Local\Temp\PORTAB~1\WINDOW~1\image\pmc\bin\AenDaemon.exe [X]
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
    
    C:\Users\Karel Salay\AppData\Roaming\Search Protection
    C:\ProgramData\EXeEechecckuer
    C:\ProgramData\topdeal
    C:\ProgramData\FlexiibLEShoPper
    014-02-19 20:45 - 2014-02-19 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 245007.crdownload
    2014-02-19 20:45 - 2014-02-19 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Desktop\FRSTLauncher.exe
    2014-02-19 20:44 - 2014-02-19 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 989492.crdownload
    2014-02-19 20:44 - 2014-02-19 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 576916.crdownload
    2014-02-19 20:44 - 2014-02-19 20:44 - 00000000 _____ () C:\Users\Karel Salay\Downloads\FRSTLauncher.exe.g541kuw.partial
    2014-02-18 15:20 - 2014-02-18 15:20 - 01241834 _____ () C:\Users\Karel Salay\Desktop\adwcleaner.exe
    2014-02-15 23:16 - 2014-02-15 23:16 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
    2014-02-15 23:16 - 2014-02-16 12:35 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
    2014-02-15 23:16 - 2014-02-15 23:16 - 00001266 _____ () C:\Users\Karel Salay\Desktop\SpeedUpMyComputer.lnk
    2014-01-30 23:56 - 2014-01-30 23:56 - 00000000 ____D () C:\ProgramData\mffpelldkmomdcpfnlbmomblamoidlfo
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    AlternateDataStreams: C:\Users\Karel Salay\AppData\Local\mpZNCEnV:RNOXwYUFtV8HHF1W51RhtUefm
    AlternateDataStreams: C:\Users\Karel Salay\AppData\Local\Temporary Internet Files:92nJ5Z6WgoMsW0WzzyN2grMy
    AlternateDataStreams: C:\Users\Karel Salay\AppData\Local\Temporary Internet Files:uSqQo2Ndwe467KnB85oR0V4VC
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting text file as fixlist.txt
  • Move the created fixlist into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Kajicek82
Visitor
Posts: 8
Registered: 18 Feb 2014 13:23

Re: Problem with a Chrome extension that cannot be removed

#10 Post by Kajicek82 »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2014
Ran by Karel Salay at 2014-02-20 17:46:19 Run:1
Running from C:\Users\Karel Salay\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Popup] - C:\Program Files (x86)\MegaRAID Storage Manager\MegaPopup\Popup.exe [102400 2009-03-25] (LSI)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] - C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Karel Salay\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Karel Salay\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\...\Run: [SearchProtection] - C:\Users\Karel Salay\AppData\Roaming\Search Protection\SearchProtection.EXE [840552 2014-02-05] (Spigot, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

SearchScopes: HKCU - DefaultScope {B8F418E6-5CA1-4BD5-8C0B-FB1773E53CD3} URL = http://search.yahoo.com/search?fr=chr-g ... =501549&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO: EXeEechecckuer - {15B26AEF-87F1-7A39-520E-9403BCBB56AF} - C:\ProgramData\EXeEechecckuer\hD2jZKg_.x64.dll No File
BHO: topdeal - {9315B505-738E-119D-6FBC-6901EF8AA248} - C:\ProgramData\topdeal\uGcxzf.x64.dll No File
BHO: FlexiibLEShoPper - {EA29B3C8-A59F-56D9-1D6B-FC9B90DED17C} - C:\ProgramData\FlexiibLEShoPper\Kt0p.x64.dll No File

Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File

CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://search.yahoo.com/search?fr=chr-g ... =501549&p={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (EXeEechecckuer) - C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo [2014-02-18]
CHR Extension: (topdeal) - C:\ProgramData\namfgojjkkiaccmebngeccnifbejgpkh [2013-12-24]
CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Karel Salay\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-12-28]
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Karel Salay\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-12-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S2 AenService; C:\Users\KARELS~1\AppData\Local\Temp\PORTAB~1\WINDOW~1\image\pmc\bin\AenDaemon.exe [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

C:\Users\Karel Salay\AppData\Roaming\Search Protection
C:\ProgramData\EXeEechecckuer
C:\ProgramData\topdeal
C:\ProgramData\FlexiibLEShoPper
014-02-19 20:45 - 2014-02-19 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 245007.crdownload
2014-02-19 20:45 - 2014-02-19 20:45 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Desktop\FRSTLauncher.exe
2014-02-19 20:44 - 2014-02-19 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 989492.crdownload
2014-02-19 20:44 - 2014-02-19 20:44 - 00112640 _____ (forum.viry.cz) C:\Users\Karel Salay\Downloads\Nepotvrzeno 576916.crdownload
2014-02-19 20:44 - 2014-02-19 20:44 - 00000000 _____ () C:\Users\Karel Salay\Downloads\FRSTLauncher.exe.g541kuw.partial
2014-02-18 15:20 - 2014-02-18 15:20 - 01241834 _____ () C:\Users\Karel Salay\Desktop\adwcleaner.exe
2014-02-15 23:16 - 2014-02-15 23:16 - 00000000 ____D () C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-02-15 23:16 - 2014-02-16 12:35 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-02-15 23:16 - 2014-02-15 23:16 - 00001266 _____ () C:\Users\Karel Salay\Desktop\SpeedUpMyComputer.lnk
2014-01-30 23:56 - 2014-01-30 23:56 - 00000000 ____D () C:\ProgramData\mffpelldkmomdcpfnlbmomblamoidlfo

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Users\Karel Salay\AppData\Local\mpZNCEnV:RNOXwYUFtV8HHF1W51RhtUefm
AlternateDataStreams: C:\Users\Karel Salay\AppData\Local\Temporary Internet Files:92nJ5Z6WgoMsW0WzzyN2grMy
AlternateDataStreams: C:\Users\Karel Salay\AppData\Local\Temporary Internet Files:uSqQo2Ndwe467KnB85oR0V4VC

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Popup => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\Software\Microsoft\Windows\CurrentVersion\Run\\iCloudServices => Value deleted successfully.
HKU\S-1-5-21-3107176569-212954167-4138412272-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection => Value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15B26AEF-87F1-7A39-520E-9403BCBB56AF} => Key deleted successfully.
HKCR\CLSID\{15B26AEF-87F1-7A39-520E-9403BCBB56AF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9315B505-738E-119D-6FBC-6901EF8AA248} => Key deleted successfully.
HKCR\CLSID\{9315B505-738E-119D-6FBC-6901EF8AA248} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA29B3C8-A59F-56D9-1D6B-FC9B90DED17C} => Key deleted successfully.
HKCR\CLSID\{EA29B3C8-A59F-56D9-1D6B-FC9B90DED17C} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41564952-412D-5637-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
CHR DefaultSearchKeyword: yahoo.com search ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Yahoo ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://search.yahoo.com/search?fr=chr-g ... =501549&p={searchTerms} ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Karel Salay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffpelldkmomdcpfnlbmomblamoidlfo => Moved successfully.
CHR Extension: (topdeal) - C:\ProgramData\namfgojjkkiaccmebngeccnifbejgpkh [2013-12-24] directory not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp => Key deleted successfully.
C:\Users\Karel Salay\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp => Key deleted successfully.
"C:\Users\Karel Salay\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx" => File/Directory not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
AenService => Service deleted successfully.
catchme => Service deleted successfully.
DgiVecp => Service deleted successfully.
C:\Users\Karel Salay\AppData\Roaming\Search Protection => Moved successfully.
C:\ProgramData\EXeEechecckuer => Moved successfully.
C:\ProgramData\topdeal => Moved successfully.
C:\ProgramData\FlexiibLEShoPper => Moved successfully.
C:\Users\Karel Salay\Desktop\FRSTLauncher.exe => Moved successfully.
"C:\Users\Karel Salay\Downloads\Nepotvrzeno 989492.crdownload" => File/Directory not found.
"C:\Users\Karel Salay\Downloads\Nepotvrzeno 576916.crdownload" => File/Directory not found.
C:\Users\Karel Salay\Downloads\FRSTLauncher.exe.g541kuw.partial => Moved successfully.
C:\Users\Karel Salay\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Karel Salay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software => Moved successfully.
C:\Program Files (x86)\SmartTweak => Moved successfully.
C:\Users\Karel Salay\Desktop\SpeedUpMyComputer.lnk => Moved successfully.
C:\ProgramData\mffpelldkmomdcpfnlbmomblamoidlfo => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Users\Karel Salay\AppData\Local\mpZNCEnV => ":RNOXwYUFtV8HHF1W51RhtUefm" ADS removed successfully.
"C:\Users\Karel Salay\AppData\Local\Temporary Internet Files" => ":92nJ5Z6WgoMsW0WzzyN2grMy" ADS not found.
"C:\Users\Karel Salay\AppData\Local\Temporary Internet Files" => ":uSqQo2Ndwe467KnB85oR0V4VC" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========



The system needs a manual reboot.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Problem with a Chrome extension that cannot be removed

#11 Post by vyosek »

How is the PC behaving??

Kajicek82
Visitor
Posts: 8
Registered: 18 Feb 2014 13:23

Re: Problem with a Chrome extension that cannot be removed

#12 Post by Kajicek82 »

It looks like you have saved me!!!
Chrome is clean!!

Thank you very much,
I will also send a small thank-you to your account; I appreciate your help and wish you every success in your field. Excellent work.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Problem with a Chrome extension that cannot be removed

#13 Post by vyosek »

So let's clean up as well :James008:

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a backup of the registry; fix all the issues
  • repeat until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: On behalf of the whole team, thank you for supporting the forum :thumbsup:

:arrow: And if there are no problems or questions, that is all from my side :|

Kajicek82
Visitor
Posts: 8
Registered: 18 Feb 2014 13:23

Re: Problem with a Chrome extension that cannot be removed

#14 Post by Kajicek82 »

Hello,
thank you very much for your help, I did everything according to the instructions.

I have sent a small thank-you...

take care
Karel Salay

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Problem with a Chrome extension that cannot be removed

#15 Post by vyosek »

You're welcome, glad I could help :worship: Until next time

On behalf of the whole team, thank you for supporting the forum :thumbsup:

And, in accordance with the topic-locking rule :lock:
