Pomalý internet a počítač

Zpráva

chrudos10 · #1 Příspěvek od **chrudos10** » 04 bře 2014 11:45

Prosím o kontrolu logu,Seká se mi internet a je pomalý počítač (zamrzá).log FRST:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2014
Ran by Tomáš at 2014-03-04 11:56:04
Running from C:\Users\Tomáš\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60524.2309 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0524.2352.41027 - Název společnosti:) Hidden
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Atf Profi (HKLM-x32\...\Atf) (Version: - )
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{3605D89A-BD66-F5C5-779B-BE9110B41077}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1497.0 - AVAST Software)
BlazeHDTV 6.0 (HKLM-x32\...\BlazeHDTV 6.0_is1) (Version: - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.96 - Atheros Communications)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0524.2352.41027 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help English (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help French (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help German (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden
ccc-utility64 (Version: 2011.0524.2352.41027 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.4235 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.4235 - Cisco Systems, Inc.) Hidden
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.8.50 - Conexant)
Čarovný_Minecraft (HKCU\...\Čarovný_Minecraft) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle)
Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{f9024a51-ab45-4a46-b597-ce12f74963c7}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 cs)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ProFact 3.0 Free (HKLM-x32\...\ProFact 3.0 Free_is1) (Version: - eXmind)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Sběratelská edice Heroes of Might and Magic V (HKLM-x32\...\{F68563C0-2CCD-4799-A014-017A370D627B}) (Version: - )
Terraria-v1.1.2.-s-nvodem-na-instalaci-a-programy-FUNKN,-ODZKOUENO version for Windows (HKLM-x32\...\{802D9C4B-8832-5946-9AC9-25F5BCB6DA84}_is1) (Version: for Windows - )
THE SETTLERS - Rise of an Empire (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Yontoo 2.051 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 2.051 - Yontoo LLC) <==== ATTENTION
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.3 - ZONER software)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.A11B02 - ZTE Corporation)

==================== Restore Points =========================

30-01-2014 13:48:18 Windows Update
10-02-2014 13:47:00 Naplánovaný kontrolní bod
15-02-2014 19:47:34 Windows Update
16-02-2014 20:25:11 Windows Update
27-02-2014 16:26:51 Naplánovaný kontrolní bod
04-03-2014 09:56:07 Removed Staničář 2.2.2.2

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1F7B9F29-5038-43D2-B506-06DFF6621B09} - System32\Tasks\{B84D0897-781C-4149-B225-756166E8567A} => C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
Task: {1FCF1DC9-F3C5-413E-8B8A-4A40FB98A603} - System32\Tasks\{76D0C4F0-8CF1-4DA7-8A72-D083318EE796} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {2078D369-E208-4363-9643-185111F3AF88} - System32\Tasks\{F0B70089-25C1-40DE-B2E8-115E5D140A8F} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {3460A8D0-3954-4FEE-89DF-F8D75083D885} - System32\Tasks\{D4398886-B6F1-416A-8C6D-7779251AAC32} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {497ABC90-2509-465E-A3AD-8201829509CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02] (Google Inc.)
Task: {4FAEAC6F-64EF-4CD8-A129-B371D097374A} - System32\Tasks\{2055F692-14A8-4693-9D88-3BE6DD941F97} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {57D03143-A07E-44CB-A184-7D70EF223B21} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {93BC5150-41D6-4034-B487-43990B094779} - System32\Tasks\{2DB83339-6101-4F7D-9B25-AC94AAF315B0} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {A4442A71-6099-43D0-9CFC-0E6B46410AD2} - System32\Tasks\{C4EDCCA4-CCD2-4602-9A03-F9F7A127FAC9} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {A7A4EF9A-EF70-4C6E-B003-B2A1EB89C950} - System32\Tasks\{472BD3E1-69E4-4A4B-B803-8F67D557EFFC} => C:\Program Files (x86)\Wandering Willows\Wandering Willows.exe
Task: {BF92911A-8AB2-4776-A06E-688D9E17D1AE} - System32\Tasks\{06B3943F-4E69-48DF-B9CA-1BC42E0131EC} => C:\Users\Tomáš\Downloads\grafikon.exe
Task: {C69CB4A0-BE61-408D-A621-A83FFBC2B062} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {DB2C04C3-CB03-46BF-AD20-E83A80237091} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2046303120-218891254-975205269-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {DB5CA4EF-8A43-4026-9F9D-E0F4FC7E400A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02] (Google Inc.)
Task: {F61C6535-F5C7-4596-9860-AEFA850BC0FE} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2046303120-218891254-975205269-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {F6860250-DFAC-4BF7-AFC1-F306511E1F45} - System32\Tasks\{2FD3570E-D8A2-4AB7-B95C-F861F2BF4A3F} => C:\Program Files (x86)\Wandering Willows\Wandering Willows.exe
Task: {F950A798-471B-4EBC-921A-818785434CA2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-02 19:21 - 2012-02-17 19:55 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-12-02 13:01 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2013-12-02 13:01 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2013-12-02 13:01 - 2012-09-18 15:27 - 03162624 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\suhp1020.dll
2013-12-02 13:01 - 2012-09-18 15:27 - 01236992 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\gchp1020.dll
2011-05-24 22:50 - 2011-05-24 22:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-22 09:17 - 2011-03-22 09:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-03-04 11:43 - 2014-03-03 21:41 - 00786136 _____ () C:\Program Files (x86)\Google\Update\Install\{EB127EFD-FD05-4443-8809-F8EE402C5285}\33.0.1750.146_33.0.1750.117_chrome_updater.exe
2014-03-03 06:08 - 2014-03-02 20:04 - 02275840 _____ () C:\Program Files\AVAST Software\Avast\defs\14030201\algo.dll
2012-06-08 14:09 - 2011-01-10 15:35 - 00032768 _____ () C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\MMKeyboardHook.dll
2012-06-08 14:09 - 2011-11-22 09:48 - 00073728 _____ () C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\VersionInfo.dll
2012-06-08 14:09 - 2011-01-10 15:35 - 00106496 _____ () C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\mlutil.dll
2012-06-08 14:09 - 2011-10-31 14:38 - 00024576 _____ () C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\RemoteControl\AF9100EXRC.dll
2013-04-30 22:01 - 2014-02-25 20:40 - 00013600 _____ () C:\Users\Tomáš\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll
2012-05-03 15:53 - 2012-05-03 15:53 - 09268224 _____ () C:\Users\Tomáš\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
2011-06-06 20:55 - 2011-06-06 20:55 - 00249232 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
2012-05-03 15:55 - 2012-05-03 15:55 - 00013824 _____ () C:\Users\Tomáš\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.CZE
2014-02-15 18:01 - 2014-02-15 18:02 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-25 20:41 - 2014-02-25 20:41 - 00949248 _____ () C:\Users\Tomáš\AppData\Roaming\Yontoo\dat\hk.dll
2013-06-11 21:15 - 2013-06-11 21:15 - 16033160 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:4F636E25
AlternateDataStreams: C:\ProgramData\TEMP:5425B7F5
AlternateDataStreams: C:\ProgramData\TEMP:5E358F67
AlternateDataStreams: C:\ProgramData\TEMP:6D4F7F2B
AlternateDataStreams: C:\ProgramData\TEMP:71F96743
AlternateDataStreams: C:\ProgramData\TEMP:A5264343
AlternateDataStreams: C:\ProgramData\TEMP:ADE16379
AlternateDataStreams: C:\ProgramData\TEMP:BFBB0142

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2014 11:35:57 AM) (Source: Application Hang) (User: )
Description: Program firefox.exe verze 27.0.1.5156 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: d88

Čas spuštění: 01cf377efa371266

Čas ukončení: 98

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: c01a295e-a388-11e3-af72-e038fbe408e3

Error: (03/04/2014 11:30:05 AM) (Source: Application Hang) (User: )
Description: Program RSITx64.exe verze 3.3.6.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 2e8

Čas spuštění: 01cf3792d43251f9

Čas ukončení: 47

Cesta k aplikaci: C:\Users\Tomáš\Downloads\RSITx64.exe

ID hlášení:

Error: (03/01/2014 09:28:22 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: googledrivesync.exe, verze: 1.14.6059.644, časové razítko: 0x509418e4
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea8e7
Kód výjimky: 0xc0000005
Posun chyby: 0x0002e3be
ID chybujícího procesu: 0xc4c
Čas spuštění chybující aplikace: 0xgoogledrivesync.exe0
Cesta k chybující aplikaci: googledrivesync.exe1
Cesta k chybujícímu modulu: googledrivesync.exe2
ID zprávy: googledrivesync.exe3

Error: (02/03/2014 06:07:07 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: Stronghold Crusader.exe, verze: 0.0.0.0, časové razítko: 0x3d6b922b
Název chybujícího modulu: Stronghold Crusader.exe, verze: 0.0.0.0, časové razítko: 0x3d6b922b
Kód výjimky: 0xc0000005
Posun chyby: 0x000fd001
ID chybujícího procesu: 0x1b7c
Čas spuštění chybující aplikace: 0xStronghold Crusader.exe0
Cesta k chybující aplikaci: Stronghold Crusader.exe1
Cesta k chybujícímu modulu: Stronghold Crusader.exe2
ID zprávy: Stronghold Crusader.exe3

Error: (02/03/2014 07:31:36 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: googledrivesync.exe, verze: 1.13.5782.599, časové razítko: 0x509418e4
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea8e7
Kód výjimky: 0xc0000005
Posun chyby: 0x0002dfe4
ID chybujícího procesu: 0x880
Čas spuštění chybující aplikace: 0xgoogledrivesync.exe0
Cesta k chybující aplikaci: googledrivesync.exe1
Cesta k chybujícímu modulu: googledrivesync.exe2
ID zprávy: googledrivesync.exe3

Error: (01/30/2014 06:01:12 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: Stronghold Crusader.exe, verze: 0.0.0.0, časové razítko: 0x3d6b922b
Název chybujícího modulu: Stronghold Crusader.exe, verze: 0.0.0.0, časové razítko: 0x3d6b922b
Kód výjimky: 0xc0000005
Posun chyby: 0x000f335c
ID chybujícího procesu: 0x6b4
Čas spuštění chybující aplikace: 0xStronghold Crusader.exe0
Cesta k chybující aplikaci: Stronghold Crusader.exe1
Cesta k chybujícímu modulu: Stronghold Crusader.exe2
ID zprávy: Stronghold Crusader.exe3

Error: (01/22/2014 10:22:49 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 26.0.0.5087, časové razítko: 0x52a0d273
Název chybujícího modulu: xul.dll, verze: 26.0.0.5087, časové razítko: 0x52a0d20a
Kód výjimky: 0xc0000005
Posun chyby: 0x0014e1a8
ID chybujícího procesu: 0x1114
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (01/20/2014 10:50:58 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: WINWORD.EXE, verze: 12.0.4518.1014, časové razítko: 0x45428028
Název chybujícího modulu: wwlib.dll, verze: 12.0.4518.1014, časové razítko: 0x454285fb
Kód výjimky: 0xc0000005
Posun chyby: 0x00040c43
ID chybujícího procesu: 0xef0
Čas spuštění chybující aplikace: 0xWINWORD.EXE0
Cesta k chybující aplikaci: WINWORD.EXE1
Cesta k chybujícímu modulu: WINWORD.EXE2
ID zprávy: WINWORD.EXE3

Error: (01/20/2014 10:45:52 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: WINWORD.EXE, verze: 12.0.4518.1014, časové razítko: 0x45428028
Název chybujícího modulu: wwlib.dll, verze: 12.0.4518.1014, časové razítko: 0x454285fb
Kód výjimky: 0xc0000005
Posun chyby: 0x00040c43
ID chybujícího procesu: 0x12d4
Čas spuštění chybující aplikace: 0xWINWORD.EXE0
Cesta k chybující aplikaci: WINWORD.EXE1
Cesta k chybujícímu modulu: WINWORD.EXE2
ID zprávy: WINWORD.EXE3

Error: (01/18/2014 10:19:39 PM) (Source: Application Hang) (User: )
Description: Program WINWORD.EXE verze 12.0.4518.1014 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1b30

Čas spuštění: 01cf148f606a6dfa

Čas ukončení: 40

Cesta k aplikaci: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

ID hlášení: 35a13652-8086-11e3-8a2b-fe6ba613b520

System errors:
=============
Error: (03/03/2014 04:44:52 PM) (Source: BROWSER) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{EDBB9F84-D2F2-402A-8BB1-BA5B71EE2CB4} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.

Error: (03/03/2014 08:56:09 AM) (Source: Service Control Manager) (User: )
Description: Při čekání na odezvu transakce služby Netman bylo dosaženo časového limitu (30000 ms).

Error: (03/01/2014 00:49:22 PM) (Source: BROWSER) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{EDBB9F84-D2F2-402A-8BB1-BA5B71EE2CB4} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.

Error: (03/01/2014 09:31:19 AM) (Source: BROWSER) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{EDBB9F84-D2F2-402A-8BB1-BA5B71EE2CB4} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.

Error: (03/01/2014 00:11:29 AM) (Source: BROWSER) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{EDBB9F84-D2F2-402A-8BB1-BA5B71EE2CB4} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.

Error: (03/01/2014 00:07:19 AM) (Source: bowser) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače JELÍNKOVI-PC,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{EDBB9F84-D2F2-402A-8BB1-BA5B71EE2CB4}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (02/25/2014 08:39:34 PM) (Source: Service Control Manager) (User: )
Description: Při čekání na odezvu transakce služby vpnagent bylo dosaženo časového limitu (30000 ms).

Error: (02/25/2014 08:39:08 PM) (Source: Service Control Manager) (User: )
Description: Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275

Error: (02/25/2014 08:39:08 PM) (Source: Application Popup) (User: )
Description: Načtení ovladače atksgt.sys je blokováno.

Error: (02/25/2014 08:39:08 PM) (Source: Service Control Manager) (User: )
Description: Služba Adobe Flash Player Update Service neuspěla při spuštění v důsledku následující chyby:
%%2

Microsoft Office Sessions:
=========================
Error: (01/20/2014 10:50:57 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/20/2014 10:45:51 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/24/2013 06:52:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 23910 seconds with 60 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2012-06-08 09:06:45.371
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-06-08 09:06:45.151
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-06-08 09:04:03.632
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-06-08 09:04:03.362
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-06-08 07:49:10.628
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-06-08 07:49:10.408
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-06-07 21:44:52.135
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-06-07 21:44:51.850
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-06-07 21:38:26.483
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-06-07 21:38:26.226
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 3818.9 MB
Available physical RAM: 2025.5 MB
Total Pagefile: 7635.98 MB
Available Pagefile: 5557.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:43.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 000E4534)

Partition: GPT Partition Type.

==================== End Of Log ============================

#2 Příspěvek od **vyosek** » 04 bře 2014 13:54

Zdravim

Dejte mi sem prosim i log FRST.txt

chrudos10 · #3 Příspěvek od **chrudos10** » 04 bře 2014 14:38

Dobrej

tady je

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2014
Ran by Tomáš (administrator) on TOMÁŠ-PC on 04-03-2014 12:45:39
Running from C:\Users\Tomáš\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(BlazeVideo Company) C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe
(Yontoo LLC) C:\Users\Tomáš\AppData\Roaming\Yontoo\YontooDesktop.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [976032 2011-09-16] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-09-16] (Atheros Commnucations)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [523216 2011-09-09] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-09-26] (RealNetworks, Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-02] (Microsoft Corporation)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [BlazeServoTool] - C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe [286720 2011-12-21] (BlazeVideo Company)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [Yontoo Desktop] - C:\Users\Tomáš\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-23] (Yontoo LLC)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {0fcd08d2-2587-11e2-a0b6-98aaeec327e7} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {b304ba7c-99a3-11e1-a7d7-9cb70da2507a} - F:\PcOptions.exe
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {b304ba84-99a3-11e1-a7d7-9cb70da2507a} - F:\PcOptions.exe
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {b304baeb-99a3-11e1-a7d7-8f4f0e61a8dd} - F:\PcOptions.exe
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {c3ea08dc-bb75-11e1-8c15-9cb70da2507a} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {d3d697ab-952d-11e1-9b34-b7e6810bb9ed} - E:\autorun.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=119994 ... B70DA2507A
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2528058
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2528058
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2528058
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... B70DA2507A
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2528058
SearchScopes: HKCU - {E08A9998-D98F-476f-8F5C-37C80FE0A4DA} URL = http://search.conduit.com/?SearchSource ... =CT2528058
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll No File
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 10.192.2.2

FireFox:
========
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ke9zz6s4.default-1367515060052
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Tomáš\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ke9zz6s4.default-1367515060052\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ke9zz6s4.default-1367515060052\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-02]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-26]

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?affID=119994&tt=190313_wctrl&babsrc=HP_ss_din2g&mntrId=2880BEB70DA2507A
CHR RestoreOnStartup: "hxxp://search.babylon.com/?affID=119994&tt=190313_wctrl&babsrc=HP_ss_din2g&mntrId=2880BEB70DA2507A",
"hxxp://www.delta-search.com/?affID=119994&tt=1 ... B70DA2507A"
CHR DefaultSearchKeyword: babylon.com
CHR DefaultSearchProvider: Babylon
CHR DefaultSearchURL: http://search.babylon.com/?q={searchTer ... B70DA2507A
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Tom00E10161\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-02]
CHR Extension: (Google Search) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-02]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-12-23]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-02]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TOM~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-19]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-26]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2012-09-26]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
R2 Yontoo Desktop Updater; "C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\TomßÜ\AppData\Roaming\Yontoo\YontooDesktop.exe"

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-06-28] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-03] (DT Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-05-10] ()
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [18456 2011-07-07] (HandSet Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [129432 2011-09-13] (ZTE Incorporated)
S3 androidusb; System32\Drivers\smhwadb.sys [X]
S3 smhwdev; system32\DRIVERS\smhwdev.sys [X]
S3 smhwser; system32\DRIVERS\smhwser.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-04 11:56 - 2014-03-04 12:01 - 00033570 _____ () C:\Users\Tomáš\Desktop\Addition.txt
2014-03-04 11:53 - 2014-03-04 12:46 - 00018004 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-03-04 11:53 - 2014-03-04 12:45 - 00000000 ____D () C:\FRST
2014-03-04 11:51 - 2014-03-04 11:52 - 02156544 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2014-03-04 11:44 - 2014-03-04 11:44 - 00010796 _____ () C:\Users\Tomáš\Desktop\hijackthis.log
2014-03-04 11:41 - 2014-03-04 11:41 - 00401720 _____ (Trend Micro Inc.) C:\Users\Tomáš\Desktop\HijackThis.exe
2014-03-04 11:16 - 2014-03-04 11:17 - 00000000 ____D () C:\rsit
2014-03-04 11:16 - 2014-03-04 11:17 - 00000000 ____D () C:\Program Files\trend micro
2014-03-04 11:15 - 2014-03-04 11:16 - 00935175 _____ () C:\Users\Tomáš\Desktop\RSITx64.exe
2014-02-24 16:38 - 2014-02-24 16:39 - 12191626 _____ () C:\Users\Tomáš\Downloads\ConvertPDFtoWordDesktopSoftware_Setup.zip
2014-02-17 07:31 - 2014-02-25 20:39 - 00003340 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2046303120-218891254-975205269-1000
2014-02-16 21:48 - 2013-12-21 10:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-16 21:48 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-16 21:44 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-16 21:44 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-16 21:44 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-16 21:44 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-16 21:44 - 2014-02-01 07:45 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-16 21:44 - 2014-02-01 07:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-16 21:43 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-16 21:43 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-16 21:43 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-16 21:43 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 18:01 - 2014-02-15 18:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 07:00 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 07:00 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 07:00 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 07:00 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 07:00 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 07:00 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 07:00 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 07:00 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 07:00 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 07:00 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 07:00 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 07:00 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 07:00 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 07:00 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 07:00 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 07:00 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 07:00 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 07:00 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 07:00 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 07:00 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 07:00 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 07:00 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 07:00 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 07:00 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 07:00 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 07:00 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 07:00 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 07:00 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-04 12:46 - 2014-03-04 11:53 - 00018004 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-03-04 12:45 - 2014-03-04 11:53 - 00000000 ____D () C:\FRST
2014-03-04 12:42 - 2012-05-02 19:50 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-04 12:15 - 2012-05-02 21:57 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-04 12:04 - 2013-03-29 19:16 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Yontoo
2014-03-04 12:01 - 2014-03-04 11:56 - 00033570 _____ () C:\Users\Tomáš\Desktop\Addition.txt
2014-03-04 11:54 - 2012-05-02 19:56 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 11:52 - 2014-03-04 11:51 - 02156544 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2014-03-04 11:44 - 2014-03-04 11:44 - 00010796 _____ () C:\Users\Tomáš\Desktop\hijackthis.log
2014-03-04 11:41 - 2014-03-04 11:41 - 00401720 _____ (Trend Micro Inc.) C:\Users\Tomáš\Desktop\HijackThis.exe
2014-03-04 11:20 - 2009-07-14 05:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-04 11:20 - 2009-07-14 05:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-04 11:17 - 2014-03-04 11:16 - 00000000 ____D () C:\rsit
2014-03-04 11:17 - 2014-03-04 11:16 - 00000000 ____D () C:\Program Files\trend micro
2014-03-04 11:16 - 2014-03-04 11:15 - 00935175 _____ () C:\Users\Tomáš\Desktop\RSITx64.exe
2014-03-04 09:33 - 2012-05-02 18:20 - 01702922 _____ () C:\Windows\WindowsUpdate.log
2014-03-04 06:14 - 2012-05-02 19:50 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-03 18:18 - 2012-11-10 21:50 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\.minecraft
2014-03-02 08:13 - 2012-07-29 19:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-01 09:28 - 2012-05-22 08:58 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\CrashDumps
2014-02-26 19:15 - 2012-10-15 21:09 - 00000000 ___RD () C:\Users\Tomáš\Disk Google
2014-02-25 20:39 - 2014-02-17 07:31 - 00003340 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2046303120-218891254-975205269-1000
2014-02-25 20:39 - 2014-01-07 19:32 - 00003206 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2046303120-218891254-975205269-1000
2014-02-25 20:39 - 2013-09-28 06:17 - 00030242 _____ () C:\Windows\setupact.log
2014-02-25 20:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 16:39 - 2014-02-24 16:38 - 12191626 _____ () C:\Users\Tomáš\Downloads\ConvertPDFtoWordDesktopSoftware_Setup.zip
2014-02-21 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-21 05:37 - 2012-05-02 19:50 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-21 05:37 - 2012-05-02 19:50 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-20 20:06 - 2014-01-19 18:39 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-02-20 20:06 - 2014-01-19 18:39 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-02-20 20:06 - 2014-01-19 18:39 - 00002030 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-02-16 22:08 - 2009-07-14 16:18 - 00631526 _____ () C:\Windows\system32\perfh005.dat
2014-02-16 22:08 - 2009-07-14 16:18 - 00122148 _____ () C:\Windows\system32\perfc005.dat
2014-02-16 22:08 - 2009-07-14 06:13 - 01490796 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-16 22:02 - 2013-07-22 21:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 21:58 - 2012-05-10 21:41 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 20:16 - 2012-05-02 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 18:02 - 2014-02-15 18:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\Tomáš\AppData\Local\Temp\i4jdel0.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel1.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel2.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel3.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-28 11:03

==================== End Of Log ============================

#4 Příspěvek od **vyosek** » 05 bře 2014 08:27

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

chrudos10 · #5 Příspěvek od **chrudos10** » 05 bře 2014 17:46

tady jsou logy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tom ç on st 05.03.2014 at 17:05:07,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2046303120-218891254-975205269-1000\Software\sweetim

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\Tom ç\AppData\Roaming\mozilla\firefox\profiles\ke9zz6s4.default-1367515060052\minidumps [39 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 05.03.2014 at 17:33:50,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.020 - Report created 05/03/2014 at 17:00:08
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tomáš - TOMÁŠ-PC
# Running from : C:\Users\Tomáš\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Users\Tomáš\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tomáš\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Tomáš\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Tomáš\AppData\Roaming\Yontoo
Folder Deleted : C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
File Deleted : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ke9zz6s4.default-1367515060052\bprotector_extensions.sqlite
File Deleted : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ke9zz6s4.default-1367515060052\bprotector_prefs.js
File Deleted : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\fk0o22fr.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ke9zz6s4.default-1367515060052\searchplugins\Babylon.xml
File Deleted : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ke9zz6s4.default-1367515060052\searchplugins\BrowserProtect.xml
File Deleted : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\fk0o22fr.default\user.js
File Deleted : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
File Deleted : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKCU\Software\59ed6d9e73bec44
Key Deleted : HKLM\SOFTWARE\59ed6d9e73bec44
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2528058
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E08A9998-D98F-476F-8F5C-37C80FE0A4DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ke9zz6s4.default-1367515060052\prefs.js ]

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [7005 octets] - [05/03/2014 16:57:47]
AdwCleaner[S0].txt - [6380 octets] - [05/03/2014 17:00:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6440 octets] ##########

#6 Příspěvek od **vyosek** » 06 bře 2014 00:08

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=24&t=132509

chrudos10 · #7 Příspěvek od **chrudos10** » 06 bře 2014 19:57

tady je:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2014
Ran by Tomáš (administrator) on TOMÁŠ-PC on 06-03-2014 19:57:46
Running from C:\Users\Tomáš\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(BlazeVideo Company) C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [976032 2011-09-16] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-09-16] (Atheros Commnucations)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [523216 2011-09-09] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-09-26] (RealNetworks, Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-02] (Microsoft Corporation)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [BlazeServoTool] - C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe [286720 2011-12-21] (BlazeVideo Company)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {0fcd08d2-2587-11e2-a0b6-98aaeec327e7} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {b304ba7c-99a3-11e1-a7d7-9cb70da2507a} - F:\PcOptions.exe
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {b304ba84-99a3-11e1-a7d7-9cb70da2507a} - F:\PcOptions.exe
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {b304baeb-99a3-11e1-a7d7-8f4f0e61a8dd} - F:\PcOptions.exe
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {c3ea08dc-bb75-11e1-8c15-9cb70da2507a} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {d3d697ab-952d-11e1-9b34-b7e6810bb9ed} - E:\autorun.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found

==================== Internet (Whitelisted) ====================

BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 212.24.128.8 81.92.146.5

FireFox:
========
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\ke9zz6s4.default-1367515060052
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Tomáš\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-05-02]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-26]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com",
"hxxp://www.delta-search.com/?affID=119994&tt=1 ... B70DA2507A"
CHR DefaultSearchProvider: Babylon
CHR DefaultSearchURL: http://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Tom00E10161\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-02]
CHR Extension: (Google Search) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-02]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-12-23]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-02]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\TOM~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-19]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-26]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-06-28] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-03] (DT Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-05-10] ()
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [18456 2011-07-07] (HandSet Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [129432 2011-09-13] (ZTE Incorporated)
S3 androidusb; System32\Drivers\smhwadb.sys [X]
S3 smhwdev; system32\DRIVERS\smhwdev.sys [X]
S3 smhwser; system32\DRIVERS\smhwser.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-05 17:33 - 2014-03-05 17:33 - 00001066 _____ () C:\Users\Tomáš\Desktop\JRT.txt
2014-03-05 16:57 - 2014-03-05 17:00 - 00000000 ____D () C:\AdwCleaner
2014-03-05 16:54 - 2014-03-05 16:54 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 16:51 - 2014-03-05 16:52 - 01244192 _____ () C:\Users\Tomáš\Desktop\adwcleaner.exe
2014-03-05 16:48 - 2014-03-05 16:49 - 01037734 _____ (Thisisu) C:\Users\Tomáš\Desktop\JRT.exe
2014-03-04 11:56 - 2014-03-04 12:54 - 00033347 _____ () C:\Users\Tomáš\Desktop\Addition.txt
2014-03-04 11:53 - 2014-03-06 19:57 - 00015695 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-03-04 11:53 - 2014-03-06 19:57 - 00000000 ____D () C:\FRST
2014-03-04 11:51 - 2014-03-04 11:52 - 02156544 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2014-03-04 11:44 - 2014-03-04 11:44 - 00010796 _____ () C:\Users\Tomáš\Desktop\hijackthis.log
2014-03-04 11:41 - 2014-03-04 11:41 - 00401720 _____ (Trend Micro Inc.) C:\Users\Tomáš\Desktop\HijackThis.exe
2014-03-04 11:16 - 2014-03-04 11:17 - 00000000 ____D () C:\rsit
2014-03-04 11:16 - 2014-03-04 11:17 - 00000000 ____D () C:\Program Files\trend micro
2014-03-04 11:15 - 2014-03-04 11:16 - 00935175 _____ () C:\Users\Tomáš\Desktop\RSITx64.exe
2014-02-24 16:38 - 2014-02-24 16:39 - 12191626 _____ () C:\Users\Tomáš\Downloads\ConvertPDFtoWordDesktopSoftware_Setup.zip
2014-02-17 07:31 - 2014-03-04 20:39 - 00003340 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2046303120-218891254-975205269-1000
2014-02-16 21:48 - 2013-12-21 10:39 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-16 21:48 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-16 21:44 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-16 21:44 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-16 21:44 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-16 21:44 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-16 21:44 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-16 21:44 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-16 21:44 - 2014-02-01 07:45 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-02-16 21:44 - 2014-02-01 07:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-02-16 21:43 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-16 21:43 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-16 21:43 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-16 21:43 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-16 21:43 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-16 21:43 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 18:01 - 2014-02-15 18:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 07:00 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 07:00 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 07:00 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 07:00 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 07:00 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 07:00 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 07:00 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 07:00 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 07:00 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 07:00 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 07:00 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 07:00 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 07:00 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 07:00 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 07:00 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 07:00 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 07:00 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 07:00 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 07:00 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 07:00 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 07:00 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 07:00 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 07:00 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 07:00 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 07:00 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 07:00 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 07:00 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 07:00 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

==================== One Month Modified Files and Folders =======

2014-03-06 19:58 - 2014-03-04 11:53 - 00015695 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-03-06 19:57 - 2014-03-04 11:53 - 00000000 ____D () C:\FRST
2014-03-06 19:56 - 2012-05-02 21:57 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-06 19:56 - 2012-05-02 19:50 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-06 16:19 - 2012-05-02 18:20 - 01744702 _____ () C:\Windows\WindowsUpdate.log
2014-03-06 09:35 - 2012-05-22 08:58 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\CrashDumps
2014-03-06 05:42 - 2012-05-02 19:50 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-05 17:33 - 2014-03-05 17:33 - 00001066 _____ () C:\Users\Tomáš\Desktop\JRT.txt
2014-03-05 17:11 - 2009-07-14 05:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-05 17:11 - 2009-07-14 05:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-05 17:03 - 2012-10-15 21:09 - 00000000 ___RD () C:\Users\Tomáš\Disk Google
2014-03-05 17:03 - 2012-07-29 19:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-05 17:02 - 2013-09-28 06:17 - 00031086 _____ () C:\Windows\setupact.log
2014-03-05 17:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-05 17:00 - 2014-03-05 16:57 - 00000000 ____D () C:\AdwCleaner
2014-03-05 16:54 - 2014-03-05 16:54 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 16:52 - 2014-03-05 16:51 - 01244192 _____ () C:\Users\Tomáš\Desktop\adwcleaner.exe
2014-03-05 16:49 - 2014-03-05 16:48 - 01037734 _____ (Thisisu) C:\Users\Tomáš\Desktop\JRT.exe
2014-03-05 07:18 - 2009-07-14 16:18 - 00631526 _____ () C:\Windows\system32\perfh005.dat
2014-03-05 07:18 - 2009-07-14 16:18 - 00122148 _____ () C:\Windows\system32\perfc005.dat
2014-03-05 07:18 - 2009-07-14 06:13 - 01470298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-04 20:39 - 2014-02-17 07:31 - 00003340 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2046303120-218891254-975205269-1000
2014-03-04 20:39 - 2014-01-07 19:32 - 00003206 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2046303120-218891254-975205269-1000
2014-03-04 12:54 - 2014-03-04 11:56 - 00033347 _____ () C:\Users\Tomáš\Desktop\Addition.txt
2014-03-04 11:54 - 2012-05-02 19:56 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 11:52 - 2014-03-04 11:51 - 02156544 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2014-03-04 11:44 - 2014-03-04 11:44 - 00010796 _____ () C:\Users\Tomáš\Desktop\hijackthis.log
2014-03-04 11:41 - 2014-03-04 11:41 - 00401720 _____ (Trend Micro Inc.) C:\Users\Tomáš\Desktop\HijackThis.exe
2014-03-04 11:17 - 2014-03-04 11:16 - 00000000 ____D () C:\rsit
2014-03-04 11:17 - 2014-03-04 11:16 - 00000000 ____D () C:\Program Files\trend micro
2014-03-04 11:16 - 2014-03-04 11:15 - 00935175 _____ () C:\Users\Tomáš\Desktop\RSITx64.exe
2014-03-03 18:18 - 2012-11-10 21:50 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\.minecraft
2014-02-24 16:39 - 2014-02-24 16:38 - 12191626 _____ () C:\Users\Tomáš\Downloads\ConvertPDFtoWordDesktopSoftware_Setup.zip
2014-02-21 09:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-21 05:37 - 2012-05-02 19:50 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-21 05:37 - 2012-05-02 19:50 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-20 20:06 - 2014-01-19 18:39 - 00002042 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-02-20 20:06 - 2014-01-19 18:39 - 00002040 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-02-20 20:06 - 2014-01-19 18:39 - 00002030 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-02-16 22:02 - 2013-07-22 21:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 21:58 - 2012-05-10 21:41 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 20:16 - 2012-05-02 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 18:02 - 2014-02-15 18:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\Tomáš\AppData\Local\Temp\i4jdel0.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel1.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel2.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel3.exe
C:\Users\Tomáš\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-28 11:03

==================== End Of Log ============================

#8 Příspěvek od **vyosek** » 09 bře 2014 06:44

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-09-26] (RealNetworks, Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-02] (Microsoft Corporation)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [BlazeServoTool] - C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe [286720 2011-12-21] (BlazeVideo Company)HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {0fcd08d2-2587-11e2-a0b6-98aaeec327e7} - D:\LaunchU3.exe -a
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {b304ba7c-99a3-11e1-a7d7-9cb70da2507a} - F:\PcOptions.exe
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {b304ba84-99a3-11e1-a7d7-9cb70da2507a} - F:\PcOptions.exe
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {b304baeb-99a3-11e1-a7d7-8f4f0e61a8dd} - F:\PcOptions.exe
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {c3ea08dc-bb75-11e1-8c15-9cb70da2507a} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-2046303120-218891254-975205269-1000\...\MountPoints2: {d3d697ab-952d-11e1-9b34-b7e6810bb9ed} - E:\autorun.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found

CHR RestoreOnStartup: "hxxp://www.google.com",
"hxxp://www.delta-search.com/?affID=119994&tt=190313_wctrl&babsrc=HP_ss&mntrId=2880BEB70DA2507A"
CHR DefaultSearchProvider: Babylon
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-26]

2014-03-05 16:51 - 2014-03-05 16:52 - 01244192 _____ () C:\Users\Tomáš\Desktop\adwcleaner.exe
2014-03-05 16:48 - 2014-03-05 16:49 - 01037734 _____ (Thisisu) C:\Users\Tomáš\Desktop\JRT.exe
2014-03-04 11:56 - 2014-03-04 12:54 - 00033347 _____ () C:\Users\Tomáš\Desktop\Addition.txt
2014-03-04 11:53 - 2014-03-06 19:57 - 00015695 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-03-04 11:41 - 2014-03-04 11:41 - 00401720 _____ (Trend Micro Inc.) C:\Users\Tomáš\Desktop\HijackThis.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel0.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel1.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel2.exe
C:\Users\Tomáš\AppData\Local\Temp\i4jdel3.exe
C:\Users\Tomáš\AppData\Local\Temp\Quarantine.exe

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

VIRY.CZ

Pomalý internet a počítač

Pomalý internet a počítač

Re: Pomalý internet a počítač

Re: Pomalý internet a počítač

Re: Pomalý internet a počítač

Re: Pomalý internet a počítač

Re: Pomalý internet a počítač

Re: Pomalý internet a počítač

Re: Pomalý internet a počítač