Speed up my computer - FIXmyRegistry

Zpráva

kubekr · #1 Příspěvek od **kubekr** » 09 bře 2014 10:21

Ahojte,

prosím o radu s odinstalací programu SpeedMyComputer.

"Sám od sebe" se mi nainstaloval program SpeedMyComputer. Když ho odinstaluju, tak se automaticky naistaluje FixMyRegistry. Když odinstaluju Fix..., tak se naistaluje Spedd... A tak pořád dokola.

Mám LENOVO Ideapad(4 GB RAM, CPU 1.9 GHz) WIN8 64 bit. Půl roku šlapal jako hodinky, rychlý náběh po spuštění rychle spuštění programů atd. Teď vše trvá. Antivir používám Essential, k tomu CC a spyBot.

Mimo to, že je počítač hodně zabrzděný, občas zablbne tak, že se třeba levé tlačítko touchpadu chová, jak bych ke kliknutí nestále držel ctrl.

Prosím o radu s těmi programy výše a pokud to půjde, tak co udělat ať PC zrychlím.

Děkuji, Jakub.

LOG:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2014 01
Ran by Jakub (administrator) on KUBEK on 09-03-2014 10:22:57
Running from C:\Users\Jakub\Desktop
Windows 8 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(APN LLC.) C:\Users\Jakub\AppData\Local\VNT\vntldr.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ZONER software) C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
(Naturpic Software) C:\Program Files (x86)\High Quality Photo Resizer\Resizer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-27] (Synaptics)
HKLM\...\Run: [RtsFT] - C:\windows\RTFTrack.exe [6334096 2012-08-27] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-02-17] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-02-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [MouseDriver] - C:\windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1757648 2014-02-08] (APN)
HKLM-x32\...\Run: [VNT] - C:\Program Files (x86)\VNT\vntldr.exe [195536 2014-02-08] (APN LLC.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [NextLive] - C:\windows\SysWOW64\rundll32.exe "C:\Users\Jakub\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [FixMyRegistry] - C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe [1886840 2013-07-22] ()
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\MountPoints2: {88731706-41a3-11e3-be77-6036ddeb1a76} - "E:\unlock.exe" autoplay=true
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - DefaultScope {21653EF1-C077-4F23-9F37-EA89E6570913} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKLM - {21653EF1-C077-4F23-9F37-EA89E6570913} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKLM-x32 - DefaultScope {9B1E40BC-8AD5-47E1-A020-1F95400EED14} URL =
SearchScopes: HKLM-x32 - {21653EF1-C077-4F23-9F37-EA89E6570913} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKCU - DefaultScope {9B1E40BC-8AD5-47E1-A020-1F95400EED14} URL = http://search.conduit.com/ResultsExt.as ... 71131&UM=1
SearchScopes: HKCU - {21653EF1-C077-4F23-9F37-EA89E6570913} URL =
SearchScopes: HKCU - {9B1E40BC-8AD5-47E1-A020-1F95400EED14} URL = http://search.conduit.com/ResultsExt.as ... 71131&UM=1
BHO: Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport_x64.dll (APN LLC.)
BHO-x32: Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll (APN LLC.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
Toolbar: HKLM - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport.dll (APN LLC.)
Toolbar: HKCU - Ask Toolbar - {5054562D-5247-006A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PTV-RG\Passport_x64.dll (APN LLC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha1984.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1984\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1984\ff [2014-02-28]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=13415
CHR Extension: (Disk Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-30]
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-30]
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2014-01-28]
CHR Extension: (VyhledÃÂ¡vÃÂ¡nÃÂ Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-30]
CHR Extension: (Media View) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\iglfdakmigkmaemiccbhbjemmcppaldi [2014-02-28]
CHR Extension: (PenÃÂÃÂ¾enka Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30]
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-30]
CHR HKLM-x32\...\Chrome\Extension: [aaaahnibljmklpljnbpgfobmfpfhplch] - C:\ProgramData\AskPartnerNetwork\Toolbar\PTV-RG\CRX\ToolbarCR.crx [2014-02-08]
CHR HKLM-x32\...\Chrome\Extension: [iglfdakmigkmaemiccbhbjemmcppaldi] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1984\ch\MediaViewV1alpha1984.crx [2014-02-26]

==================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-08] (APN LLC.)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-10-30] (Disc Soft Ltd)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 LAD; C:\Windows\System32\drivers\LAD.sys [8704 2012-06-08] (TODO: <Company name>)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8227216 2012-08-27] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-30] (Windows (R) Win 7 DDK provider)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-30] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-09 10:22 - 2014-03-09 10:23 - 00014863 _____ () C:\Users\Jakub\Desktop\FRST.txt
2014-03-09 10:22 - 2014-03-09 10:22 - 00000000 ____D () C:\FRST
2014-03-09 10:20 - 2014-03-09 10:20 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2014-03-09 10:19 - 2014-03-09 10:19 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Downloads\Nepotvrzeno 362992.crdownload
2014-03-09 10:19 - 2014-03-09 10:19 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\Nepotvrzeno 825596.crdownload
2014-03-09 10:16 - 2014-03-09 10:16 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Downloads\Nepotvrzeno 540688.crdownload
2014-03-09 10:15 - 2014-03-09 10:15 - 02156544 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2014-03-08 15:52 - 2014-03-08 16:39 - 1662502912 _____ () C:\Users\Jakub\Downloads\Kurs sebeovládání.avi
2014-03-08 15:51 - 2014-03-08 16:01 - 740252236 _____ () C:\Users\Jakub\Downloads\Kurz sebeovládání.mp4
2014-03-08 15:51 - 2014-03-08 15:51 - 00016408 _____ () C:\Users\Jakub\Downloads\[CzT]Kurs_sebeovladani_Anger_Management_2003_.torrent
2014-03-08 15:49 - 2014-03-08 15:49 - 00014666 _____ () C:\Users\Jakub\Downloads\[CzT]Kurz_sebeovladani_Anger_Management.torrent
2014-03-06 14:41 - 2014-03-06 14:48 - 00000000 ____D () C:\Users\Jakub\Desktop\Nová složka
2014-03-06 14:37 - 2014-03-06 14:37 - 00000788 _____ () C:\windows\setupact.log
2014-03-06 14:37 - 2014-03-06 14:37 - 00000000 _____ () C:\windows\setuperr.log
2014-03-05 21:23 - 2014-03-09 09:51 - 00453193 _____ () C:\windows\WindowsUpdate.log
2014-03-05 17:48 - 2014-03-05 17:48 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-03-05 17:47 - 2014-03-05 17:48 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-05 17:45 - 2014-03-05 17:45 - 00001227 _____ () C:\Users\Jakub\Desktop\FixMyRegistry.lnk
2014-03-05 17:39 - 2014-03-05 17:40 - 11183515 _____ () C:\Users\Jakub\Downloads\cc-setup (1).exe
2014-03-02 13:30 - 2014-03-03 11:40 - 00000000 ____D () C:\Users\Jakub\Desktop\cvic
2014-02-28 11:31 - 2014-02-28 11:31 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-02-28 10:29 - 2014-02-28 10:29 - 00000110 ____H () C:\Users\Jakub\Desktop\ryb1.jpg.uid-zps
2014-02-26 13:38 - 2014-02-26 13:38 - 00001780 _____ () C:\Users\Jakub\Downloads\Schéma trasy DSO - 0100250413.zip
2014-02-26 10:26 - 2014-03-05 17:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-26 10:26 - 2014-02-26 10:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-26 10:25 - 2014-02-26 10:26 - 11140364 _____ () C:\Users\Jakub\Downloads\cc-setup.exe
2014-02-26 10:24 - 2014-02-26 10:25 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jakub\Downloads\spybotsd162.exe
2014-02-26 10:13 - 2014-02-26 10:13 - 00000000 ____D () C:\Users\Jakub\AppData\Local\AskPartnerNetwork
2014-02-24 11:31 - 2014-02-26 10:20 - 00000000 ____D () C:\Program Files (x86)\MediaViewerV1
2014-02-19 14:46 - 2014-02-19 14:47 - 39042128 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\FileFormatConverters.exe
2014-02-19 14:46 - 2014-02-19 14:47 - 24793312 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\Windows-KB890830-V5.9.exe
2014-02-19 14:46 - 2014-02-19 14:46 - 00961736 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\SaveAsPDFandXPS.exe
2014-02-17 11:19 - 2014-02-17 11:19 - 00000000 ____D () C:\ProgramData\RegClean
2014-02-13 23:29 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-13 23:29 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-13 16:31 - 2014-02-13 16:31 - 00000110 ____H () C:\Users\Jakub\Desktop\skotnica.jpg.uid-zps
2014-02-13 12:18 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-13 12:18 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-13 12:18 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-13 12:18 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-13 12:18 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-13 12:18 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-13 12:18 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-13 12:18 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-13 12:18 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-13 12:18 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-13 12:18 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-13 12:18 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-13 12:18 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-13 12:18 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-13 12:18 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-13 12:18 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-13 12:18 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-13 12:18 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-13 12:17 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-13 12:17 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-13 12:17 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-13 12:17 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-13 12:17 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-13 12:17 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-13 12:17 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-13 12:17 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-10 22:00 - 2014-03-02 11:52 - 00022683 _____ () C:\Users\Jakub\Desktop\Seznam_kontaktu-Jakub_Roman.xlsx

==================== One Month Modified Files and Folders =======

2014-03-09 10:23 - 2014-03-09 10:22 - 00014863 _____ () C:\Users\Jakub\Desktop\FRST.txt
2014-03-09 10:22 - 2014-03-09 10:22 - 00000000 ____D () C:\FRST
2014-03-09 10:20 - 2014-03-09 10:20 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2014-03-09 10:19 - 2014-03-09 10:19 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Downloads\Nepotvrzeno 362992.crdownload
2014-03-09 10:19 - 2014-03-09 10:19 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\Nepotvrzeno 825596.crdownload
2014-03-09 10:16 - 2014-03-09 10:16 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Downloads\Nepotvrzeno 540688.crdownload
2014-03-09 10:15 - 2014-03-09 10:15 - 02156544 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2014-03-09 10:10 - 2013-10-30 21:55 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-09 09:51 - 2014-03-05 21:23 - 00453193 _____ () C:\windows\WindowsUpdate.log
2014-03-09 09:40 - 2013-02-17 08:18 - 00727488 _____ () C:\windows\system32\perfh005.dat
2014-03-09 09:40 - 2013-02-17 08:18 - 00148006 _____ () C:\windows\system32\perfc005.dat
2014-03-09 09:40 - 2012-07-26 08:28 - 01714430 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-09 09:38 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-03-08 23:10 - 2013-10-30 21:55 - 00000958 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-08 17:17 - 2013-11-11 09:38 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\uTorrent
2014-03-08 16:39 - 2014-03-08 15:52 - 1662502912 _____ () C:\Users\Jakub\Downloads\Kurs sebeovládání.avi
2014-03-08 16:31 - 2014-01-03 19:28 - 00000356 _____ () C:\windows\Tasks\AmiUpdXp.job
2014-03-08 16:01 - 2014-03-08 15:51 - 740252236 _____ () C:\Users\Jakub\Downloads\Kurz sebeovládání.mp4
2014-03-08 15:51 - 2014-03-08 15:51 - 00016408 _____ () C:\Users\Jakub\Downloads\[CzT]Kurs_sebeovladani_Anger_Management_2003_.torrent
2014-03-08 15:49 - 2014-03-08 15:49 - 00014666 _____ () C:\Users\Jakub\Downloads\[CzT]Kurz_sebeovladani_Anger_Management.torrent
2014-03-06 16:18 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-06 14:48 - 2014-03-06 14:41 - 00000000 ____D () C:\Users\Jakub\Desktop\Nová složka
2014-03-06 14:37 - 2014-03-06 14:37 - 00000788 _____ () C:\windows\setupact.log
2014-03-06 14:37 - 2014-03-06 14:37 - 00000000 _____ () C:\windows\setuperr.log
2014-03-05 17:53 - 2013-10-30 21:50 - 00000000 ____D () C:\Data
2014-03-05 17:52 - 2014-02-26 10:26 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-05 17:52 - 2013-12-21 12:38 - 00000000 ____D () C:\windows\Minidump
2014-03-05 17:52 - 2013-11-21 15:49 - 00000000 ____D () C:\Users\Jakub\AppData\Local\CrashDumps
2014-03-05 17:52 - 2013-10-30 22:03 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2014-03-05 17:52 - 2012-10-10 01:08 - 00000000 ____D () C:\windows\Panther
2014-03-05 17:48 - 2014-03-05 17:48 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-03-05 17:48 - 2014-03-05 17:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-05 17:45 - 2014-03-05 17:45 - 00001227 _____ () C:\Users\Jakub\Desktop\FixMyRegistry.lnk
2014-03-05 17:45 - 2014-02-05 16:41 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-03-05 17:45 - 2014-02-05 16:40 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-03-05 17:40 - 2014-03-05 17:39 - 11183515 _____ () C:\Users\Jakub\Downloads\cc-setup (1).exe
2014-03-05 17:37 - 2014-01-03 19:28 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\newnext.me
2014-03-05 17:35 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-03 11:40 - 2014-03-02 13:30 - 00000000 ____D () C:\Users\Jakub\Desktop\cvic
2014-03-02 11:52 - 2014-02-10 22:00 - 00022683 _____ () C:\Users\Jakub\Desktop\Seznam_kontaktu-Jakub_Roman.xlsx
2014-02-28 11:32 - 2014-01-19 22:52 - 00000311 _____ () C:\extensions.ini
2014-02-28 11:31 - 2014-02-28 11:31 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-02-28 11:31 - 2014-01-30 11:31 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-02-28 10:29 - 2014-02-28 10:29 - 00000110 ____H () C:\Users\Jakub\Desktop\ryb1.jpg.uid-zps
2014-02-26 13:45 - 2013-10-30 21:48 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1590769430-2290388610-2074737809-1001
2014-02-26 13:38 - 2014-02-26 13:38 - 00001780 _____ () C:\Users\Jakub\Downloads\Schéma trasy DSO - 0100250413.zip
2014-02-26 10:26 - 2014-02-26 10:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-26 10:26 - 2014-02-26 10:25 - 11140364 _____ () C:\Users\Jakub\Downloads\cc-setup.exe
2014-02-26 10:25 - 2014-02-26 10:24 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jakub\Downloads\spybotsd162.exe
2014-02-26 10:21 - 2014-01-23 10:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-26 10:20 - 2014-02-24 11:31 - 00000000 ____D () C:\Program Files (x86)\MediaViewerV1
2014-02-26 10:15 - 2013-11-18 22:21 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\BSplayer
2014-02-26 10:15 - 2013-11-18 22:21 - 00000000 ____D () C:\Program Files (x86)\Webteh
2014-02-26 10:13 - 2014-02-26 10:13 - 00000000 ____D () C:\Users\Jakub\AppData\Local\AskPartnerNetwork
2014-02-20 11:00 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-02-19 14:47 - 2014-02-19 14:46 - 39042128 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\FileFormatConverters.exe
2014-02-19 14:47 - 2014-02-19 14:46 - 24793312 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\Windows-KB890830-V5.9.exe
2014-02-19 14:47 - 2013-10-31 13:29 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-02-19 14:46 - 2014-02-19 14:46 - 00961736 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\SaveAsPDFandXPS.exe
2014-02-19 09:15 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-02-18 14:49 - 2013-11-01 22:52 - 00000000 ____D () C:\windows\system32\MRT
2014-02-18 14:46 - 2013-11-01 22:52 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2013-11-16 22:09 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2013-11-16 22:09 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 11:19 - 2014-02-17 11:19 - 00000000 ____D () C:\ProgramData\RegClean
2014-02-16 22:53 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-02-14 21:46 - 2013-10-31 17:05 - 00000000 ____D () C:\filmy
2014-02-14 10:02 - 2013-10-31 12:27 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Microsoft Help
2014-02-13 16:31 - 2014-02-13 16:31 - 00000110 ____H () C:\Users\Jakub\Desktop\skotnica.jpg.uid-zps
2014-02-08 22:23 - 2013-11-10 21:10 - 00000000 ____D () C:\Users\Jakub\AppData\Local\VNT
2014-02-08 22:23 - 2013-11-10 21:10 - 00000000 ____D () C:\Program Files (x86)\VNT
2014-02-07 23:05 - 2013-10-30 21:55 - 00003934 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-07 23:05 - 2013-10-30 21:55 - 00003698 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

High Quality Photo Resizer 6.0 (HKLM-x32\...\High Quality Photo Resizer_is1) (Version: - Naturpic Software)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\AmiUpdXp.job => C:\Users\Jakub\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jakub\Desktop" je 76 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **vyosek** » 09 bře 2014 10:27

Zdravim

Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

kubekr · #3 Příspěvek od **kubekr** » 09 bře 2014 10:55

Log z JUNK

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 x64
Ran by Jakub on ne 09. 03. 2014 at 10:39:13,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Failed to stop: [Service] APNMCP

~~~ Registry Values

Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Value Name Type Value Data
========================================================================================
NextLive REG_SZ C:\windows\SysWOW64\rundll32.exe "C:\Users\Jakub\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9B1E40BC-8AD5-47E1-A020-1F95400EED14}
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Failed to delete: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Failed to delete: [Registry Key] "hkey_local_machine\software\classes\clsid\{44cbc005-6243-4502-8a02-3a096a282664}"
Failed to delete: [Registry Key] "hkey_local_machine\software\classes\clsid\{80703783-e415-4ee3-ab60-d36981c5a6f1}"
Failed to delete: [Registry Key] "hkey_local_machine\software\classes\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}"
Failed to delete: [Registry Key] "hkey_local_machine\software\classes\clsid\{f297534d-7b06-459d-bc19-2dd8ef69297b}"
Failed to delete: [Registry Key] "hkey_local_machine\software\classes\typelib\{9945959c-aad8-4312-8b57-2de11927e770}"
Failed to delete: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
Failed to delete: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"

~~~ Files

Failed to delete: [File] C:\windows\Tasks\amiupdxp.job
Failed to delete: [File] "C:\end"

~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\apn"
Failed to delete: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\Users\Jakub\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\Jakub\appdata\locallow\conduit"
Failed to delete: [Folder] "C:\Program Files (x86)\conduit"
Failed to delete: [Folder] "C:\Program Files (x86)\smarttweak"
Failed to delete: [Folder] "C:\Program Files (x86)\videoplayerv3"
Successfully deleted: [Folder] "C:\Users\Jakub\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"
Failed to delete: [Folder] "C:\ProgramData\AskPartnerNetwork"
Failed to delete: [Folder] "C:\Program Files (x86)\askpartnernetwork"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 09. 03. 2014 at 10:51:15,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

LOG z ADW:

# AdwCleaner v3.020 - Report created 09/03/2014 at 10:56:20
# Updated 27/02/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Jakub - KUBEK
# Running from : C:\Users\Jakub\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MediaPlayerV1
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files (x86)\VideoPlayerV3
Folder Deleted : C:\Users\Jakub\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Jakub\AppData\Local\genienext
Folder Deleted : C:\Users\Jakub\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Jakub\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Jakub\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\Jakub\Documents\Mobogenie
File Deleted : C:\END
File Deleted : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\user.js
File Deleted : C:\windows\Tasks\AmiUpdXp.job
File Deleted : C:\windows\System32\Tasks\AmiUpdXp
File Deleted : C:\windows\System32\Tasks\BackgroundContainer Startup Task

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798

-\\ Mozilla Firefox v

[ File : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js ]

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [4052 octets] - [09/03/2014 10:54:34]
AdwCleaner[S0].txt - [4081 octets] - [09/03/2014 10:56:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4141 octets] ##########

#4 Příspěvek od **vyosek** » 09 bře 2014 20:10

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

kubekr · #5 Příspěvek od **kubekr** » 10 bře 2014 19:28

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Jakub on po 10. 03. 2014 at 18:59:21,75.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jakub\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10. 3. 2014 19:00:13 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully
HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{814302e0-8e3e-47d2-9844-d61975d35f9f} deleted successfully
HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{86030d31-3014-4e0c-87e0-2da7b57f4e2c} deleted successfully
HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{e1340fe7-e4c9-4453-9148-cbff839da640} deleted successfully
HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{2ff01882-776d-4437-aa4b-007432c86bf7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{5054562D-5247-006A-76A7-7A786E7484D7} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js:

Added to C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201410.03._1917_.backup

==== Deleting Files \ Folders ======================

C:\Users\Jakub\daemonprocess.txt deleted
C:\Users\Jakub\.android deleted
C:\PROGRA~2\SmartTweak deleted
C:\PROGRA~2\MediaViewV1 deleted
C:\PROGRA~2\MediaViewerV1 deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\RegClean deleted
C:\Users\Jakub\AppData\Local\cache deleted
"C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_PTV-RG@apn.ask.com.xpi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ext@MediaViewV1alpha1984.net"="C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1984\ff" []

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaahnibljmklpljnbpgfobmfpfhplch - C:\ProgramData\AskPartnerNetwork\Toolbar\PTV-RG\CRX\ToolbarCR.crx[]
iglfdakmigkmaemiccbhbjemmcppaldi - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1984\ch\MediaViewV1alpha1984.crx[]

Chrome YouTube Downloader - Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja
Media View - Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\iglfdakmigkmaemiccbhbjemmcppaldi

==== Chrome Fix ======================

C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\iglfdakmigkmaemiccbhbjemmcppaldi deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{21653EF1-C077-4F23-9F37-EA89E6570913} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Internet Explorer\SearchScopes\{21653EF1-C077-4F23-9F37-EA89E6570913} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha1984.net deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaahnibljmklpljnbpgfobmfpfhplch deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\iglfdakmigkmaemiccbhbjemmcppaldi deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jakub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jakub\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=35 folders=27 91478447 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jakub\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Jakub\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 10. 03. 2014 at 19:33:13,05 ======================

#6 Příspěvek od **vyosek** » 10 bře 2014 19:30

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

kubekr · #7 Příspěvek od **kubekr** » 10 bře 2014 19:51

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-03-2014
Ran by Jakub at 2014-03-10 19:56:04
Running from C:\Users\Jakub\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.9 - Absolute Software)
Adobe Reader XI (11.0.06) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Ask Toolbar (HKLM-x32\...\{5054562D-5247-006A-76A7-A758B70C0A02}) (Version: 12.10.2.4043 - APN, LLC) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
FixMyRegistry (HKLM-x32\...\FixMyRegistry) (Version: 38.1 - SmartTweak Software) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
High Quality Photo Resizer 6.0 (HKLM-x32\...\High Quality Photo Resizer_is1) (Version: - Naturpic Software)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2817 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{23D486D4-FBE0-40F3-A245-E4D56D094764}) (Version: 3.5.41.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.8400.10182 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0828 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0828 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
LenovoDrv_x64 (HKLM\...\{83E68458-AF28-4CA4-8AFC-595A10307290}) (Version: 1.0.00 - Lenovo)
Media View (HKLM-x32\...\MediaViewV1alpha1984) (Version: 1.1 - Media View)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0405-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{F9835182-794B-4F24-902A-E2CA9D43380F}) (Version: 9.10.0512 - NVIDIA Corporation)
PDF reDirect (remove only) (HKLM-x32\...\PDF reDirect) (Version: v2.2.8 - EXP Systems LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6772 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39029 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.13 - Synaptics Incorporated)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Driver Package - Lenovo Corporation (LAD) System (06/08/2012 1.0.0.3) (HKLM\...\C48768A2A32F4649238F7DCF737A260911895FDE) (Version: 06/08/2012 1.0.0.3 - Lenovo Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.4 - ZONER software)

==================== Restore Points =========================

19-02-2014 13:47:39 Nainstalováno: Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
02-03-2014 12:02:02 Naplánovaný kontrolní bod
10-03-2014 14:05:22 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

2012-07-26 06:26 - 2014-03-10 19:00 - 00000840 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {001918D7-8821-469D-886D-E9F984643125} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {11BD7E0C-9729-4FC9-B0AC-832420A83AD5} - \BackgroundContainer Startup Task No Task File
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3821E1AC-7B03-4214-996F-18DDC9A7A471} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-10-29] (Realtek Semiconductor)
Task: {685E99CA-D7F7-47E1-BFCF-F21FD98D58CA} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {73F256C5-BE45-425C-A978-B54430999E91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {8704E80D-162D-4857-81C1-5D3DDE48D005} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
Task: {984280CC-4F5A-4084-9180-937F658646A9} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-27] (Synaptics Incorporated)
Task: {9A0C9512-7223-47CB-90E9-DFBB0F5EF240} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {ACB345E2-D70D-4124-ABB2-C8BAB58B7518} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {C516DE9B-01A2-4FD8-8FE4-475A0CB1E558} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FA452D5A-F390-4AEE-B89F-E220C034A964} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-11-06] (Realtek Semiconductor)
Task: {FCA068E5-2D30-46A0-B118-A045E8208D24} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {FCD63D40-89EF-48A3-A582-4FCD4284AE8F} - \AmiUpdXp No Task File
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-08-05 07:07 - 2008-08-05 07:07 - 00064704 _____ () C:\windows\System32\PDFreDirectMon64.dll
2012-08-10 02:41 - 2012-07-20 22:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-17 07:29 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2006-10-26 21:30 - 2006-10-26 21:30 - 00065312 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2006-10-27 15:35 - 2006-10-27 15:35 - 00436512 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2006-10-27 15:16 - 2006-10-27 15:16 - 00138512 _____ () C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
2006-10-26 13:56 - 2006-10-26 13:56 - 00757008 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-03-04 09:00 - 2014-03-02 03:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 09:00 - 2014-03-02 03:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 09:00 - 2014-03-02 03:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 09:00 - 2014-03-02 03:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 09:00 - 2014-03-02 03:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 09:00 - 2014-03-02 03:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2014 11:33:46 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 16.2.10.13, časové razítko: 0x503bab9f
Název chybujícího modulu: SynTPEnh.exe, verze: 16.2.10.13, časové razítko: 0x503bab9f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000009d6f4
ID chybujícího procesu: 0xb94
Čas spuštění chybující aplikace: 0xSynTPEnh.exe0
Cesta k chybující aplikaci: SynTPEnh.exe1
Cesta k chybujícímu modulu: SynTPEnh.exe2
ID zprávy: SynTPEnh.exe3
Úplný název chybujícího balíčku: SynTPEnh.exe4
ID aplikace související s chybujícím balíčkem: SynTPEnh.exe5

Error: (03/08/2014 05:24:48 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (03/08/2014 05:23:12 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (03/05/2014 05:39:52 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/04/2014 09:41:28 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2 na řádku C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Součást 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (03/04/2014 09:40:35 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (03/04/2014 09:10:41 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (03/03/2014 09:08:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Kubek)
Description: Aplikaci microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/03/2014 09:08:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Kubek)
Description: Aplikaci microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/03/2014 09:08:46 AM) (Source: Application Hang) (User: )
Description: Program wwahost.exe verze 6.2.9200.16420 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 524

Čas spuštění: 01cf36b7b3b27f29

Čas ukončení: 4294967295

Cesta k aplikaci: C:\windows\system32\wwahost.exe

ID hlášení: 01e72fe0-a2ab-11e3-be86-6036ddeb1a76

Úplný název chybujícího balíčku: microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: Microsoft.WindowsLive.ModernPhotos

System errors:
=============
Error: (03/10/2014 07:17:01 PM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/10/2014 07:17:01 PM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/10/2014 07:17:00 PM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/10/2014 07:17:00 PM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/10/2014 07:16:59 PM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/05/2014 05:35:12 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a29\??\C:\Users\Jakub\ntuser.dat

Error: (03/05/2014 05:34:53 PM) (Source: EventLog) (User: )
Description: Předchozí vypnutí systému (17:33:57, ‎5. ‎3. ‎2014) bylo neočekávané.

Error: (02/24/2014 09:21:11 AM) (Source: Service Control Manager) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (02/05/2014 04:48:42 PM) (Source: Service Control Manager) (User: )
Description: Služba Update GreyGray byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (02/05/2014 04:48:34 PM) (Source: Service Control Manager) (User: )
Description: Služba Util GreyGray byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Microsoft Office Sessions:
=========================
Error: (02/21/2014 03:08:10 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3512 seconds with 3000 seconds of active time. This session ended with a crash.

Error: (12/17/2013 09:17:53 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 86635 seconds with 2700 seconds of active time. This session ended with a crash.

Error: (11/11/2013 09:43:04 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3468 seconds with 720 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 61%
Total physical RAM: 3960.24 MB
Available physical RAM: 1505.48 MB
Total Pagefile: 7928.24 MB
Available Pagefile: 5263.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:418.43 GB) (Free:110.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 22 GB) (Disk ID: 782B804D)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 782B8074)

Partition: GPT Partition Type.

==================== End Of Log ============================

#8 Příspěvek od **vyosek** » 10 bře 2014 19:55

Jeste dejte log FRST.txt

kubekr · #9 Příspěvek od **kubekr** » 10 bře 2014 20:00

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-03-2014
Ran by Jakub (administrator) on KUBEK on 10-03-2014 19:54:52
Running from C:\Users\Jakub\Desktop
Windows 8 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\windows\sysWow64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Jakub\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-27] (Synaptics)
HKLM\...\Run: [RtsFT] - C:\windows\RTFTrack.exe [6334096 2012-08-27] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-02-17] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-02-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [MouseDriver] - C:\windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [VNT] - C:\Program Files (x86)\VNT\vntldr.exe [195536 2014-02-08] (APN LLC.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [FixMyRegistry] - C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\MountPoints2: {88731706-41a3-11e3-be77-6036ddeb1a76} - "E:\unlock.exe" autoplay=true
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - DefaultScope {21653EF1-C077-4F23-9F37-EA89E6570913} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
Tcpip\Parameters: [DhcpNameServer] 94.229.92.40 94.229.92.30

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-10]
CHR Extension: (Disk Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-30]
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-30]
CHR Extension: (Peněženka Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30]
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-30]

==================== Services (Whitelisted) =================

R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-10-30] (Disc Soft Ltd)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 LAD; C:\Windows\System32\drivers\LAD.sys [8704 2012-06-08] (TODO: <Company name>)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8227216 2012-08-27] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-30] (Windows (R) Win 7 DDK provider)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-30] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-10 19:54 - 2014-03-10 19:55 - 00010783 _____ () C:\Users\Jakub\Desktop\FRST.txt
2014-03-10 19:54 - 2014-03-10 19:54 - 00000000 ____D () C:\Users\Jakub\Desktop\FRST-OlderVersion
2014-03-10 19:20 - 2014-03-10 18:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-10 19:00 - 2014-03-10 19:33 - 00010516 _____ () C:\zoek-results.log
2014-03-10 18:59 - 2014-03-10 19:18 - 00000000 ____D () C:\zoek_backup
2014-03-10 18:57 - 2014-03-10 18:58 - 01285120 _____ () C:\Users\Jakub\Desktop\zoek.exe
2014-03-09 10:57 - 2014-03-10 19:32 - 00000904 _____ () C:\windows\PFRO.log
2014-03-09 10:54 - 2014-03-09 10:56 - 00000000 ____D () C:\AdwCleaner
2014-03-09 10:53 - 2014-03-09 10:53 - 01244192 _____ () C:\Users\Jakub\Desktop\adwcleaner.exe
2014-03-09 10:53 - 2014-03-09 10:53 - 00007461 _____ () C:\Users\Jakub\Desktop\JRT2.txt
2014-03-09 10:51 - 2014-03-09 10:51 - 00007461 _____ () C:\Users\Jakub\Desktop\JRT.txt
2014-03-09 10:39 - 2014-03-09 10:39 - 00000000 ____D () C:\windows\ERUNT
2014-03-09 10:38 - 2014-03-09 10:38 - 01037734 _____ (Thisisu) C:\Users\Jakub\Downloads\JRT.exe
2014-03-09 10:27 - 2014-03-09 10:27 - 00093705 _____ () C:\Users\Jakub\Desktop\Desktop.rar
2014-03-09 10:22 - 2014-03-10 19:54 - 00000000 ____D () C:\FRST
2014-03-09 10:15 - 2014-03-10 19:54 - 02157056 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2014-03-08 15:52 - 2014-03-08 16:39 - 1662502912 _____ () C:\Users\Jakub\Downloads\Kurs sebeovládání.avi
2014-03-08 15:51 - 2014-03-08 16:01 - 740252236 _____ () C:\Users\Jakub\Downloads\Kurz sebeovládání.mp4
2014-03-08 15:51 - 2014-03-08 15:51 - 00016408 _____ () C:\Users\Jakub\Downloads\[CzT]Kurs_sebeovladani_Anger_Management_2003_.torrent
2014-03-08 15:49 - 2014-03-08 15:49 - 00014666 _____ () C:\Users\Jakub\Downloads\[CzT]Kurz_sebeovladani_Anger_Management.torrent
2014-03-06 14:41 - 2014-03-06 14:48 - 00000000 ____D () C:\Users\Jakub\Desktop\Nová složka
2014-03-06 14:37 - 2014-03-06 14:37 - 00000788 _____ () C:\windows\setupact.log
2014-03-06 14:37 - 2014-03-06 14:37 - 00000000 _____ () C:\windows\setuperr.log
2014-03-05 21:23 - 2014-03-10 17:26 - 00593928 _____ () C:\windows\WindowsUpdate.log
2014-03-05 17:48 - 2014-03-05 17:48 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-03-05 17:47 - 2014-03-05 17:48 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-05 17:45 - 2014-03-05 17:45 - 00001227 _____ () C:\Users\Jakub\Desktop\FixMyRegistry.lnk
2014-03-05 17:39 - 2014-03-05 17:40 - 11183515 _____ () C:\Users\Jakub\Downloads\cc-setup (1).exe
2014-03-02 13:30 - 2014-03-03 11:40 - 00000000 ____D () C:\Users\Jakub\Desktop\cvic
2014-02-28 10:29 - 2014-02-28 10:29 - 00000110 ____H () C:\Users\Jakub\Desktop\ryb1.jpg.uid-zps
2014-02-26 13:38 - 2014-02-26 13:38 - 00001780 _____ () C:\Users\Jakub\Downloads\Schéma trasy DSO - 0100250413.zip
2014-02-26 10:26 - 2014-03-09 10:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-26 10:26 - 2014-03-09 10:37 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-26 10:25 - 2014-02-26 10:26 - 11140364 _____ () C:\Users\Jakub\Downloads\cc-setup.exe
2014-02-26 10:24 - 2014-02-26 10:25 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jakub\Downloads\spybotsd162.exe
2014-02-19 14:46 - 2014-02-19 14:47 - 39042128 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\FileFormatConverters.exe
2014-02-19 14:46 - 2014-02-19 14:47 - 24793312 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\Windows-KB890830-V5.9.exe
2014-02-19 14:46 - 2014-02-19 14:46 - 00961736 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\SaveAsPDFandXPS.exe
2014-02-13 23:29 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-13 23:29 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-13 16:31 - 2014-02-13 16:31 - 00000110 ____H () C:\Users\Jakub\Desktop\skotnica.jpg.uid-zps
2014-02-13 12:18 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-13 12:18 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-13 12:18 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-13 12:18 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-13 12:18 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-13 12:18 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-13 12:18 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-13 12:18 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-13 12:18 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-13 12:18 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-13 12:18 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-13 12:18 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-13 12:18 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-13 12:18 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-13 12:18 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-13 12:18 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-13 12:18 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-13 12:18 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-13 12:17 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-13 12:17 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-13 12:17 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-13 12:17 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-13 12:17 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-13 12:17 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-13 12:17 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-13 12:17 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-10 22:00 - 2014-03-02 11:52 - 00022683 _____ () C:\Users\Jakub\Desktop\Seznam_kontaktu-Jakub_Roman.xlsx

==================== One Month Modified Files and Folders =======

2014-03-10 19:55 - 2014-03-10 19:54 - 00010783 _____ () C:\Users\Jakub\Desktop\FRST.txt
2014-03-10 19:54 - 2014-03-10 19:54 - 00000000 ____D () C:\Users\Jakub\Desktop\FRST-OlderVersion
2014-03-10 19:54 - 2014-03-09 10:22 - 00000000 ____D () C:\FRST
2014-03-10 19:54 - 2014-03-09 10:15 - 02157056 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2014-03-10 19:33 - 2014-03-10 19:00 - 00010516 _____ () C:\zoek-results.log
2014-03-10 19:33 - 2013-10-30 21:55 - 00000958 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-10 19:32 - 2014-03-09 10:57 - 00000904 _____ () C:\windows\PFRO.log
2014-03-10 19:32 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-10 19:18 - 2014-03-10 18:59 - 00000000 ____D () C:\zoek_backup
2014-03-10 19:17 - 2013-10-30 21:41 - 00000000 ____D () C:\Users\Jakub
2014-03-10 19:10 - 2013-10-30 21:55 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-10 19:02 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-03-10 18:59 - 2014-03-10 19:20 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-10 18:58 - 2014-03-10 18:57 - 01285120 _____ () C:\Users\Jakub\Desktop\zoek.exe
2014-03-10 17:26 - 2014-03-05 21:23 - 00593928 _____ () C:\windows\WindowsUpdate.log
2014-03-10 15:52 - 2013-02-17 08:18 - 00727488 _____ () C:\windows\system32\perfh005.dat
2014-03-10 15:52 - 2013-02-17 08:18 - 00148006 _____ () C:\windows\system32\perfc005.dat
2014-03-10 15:52 - 2012-07-26 08:28 - 01714430 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-09 11:33 - 2013-11-21 15:49 - 00000000 ____D () C:\Users\Jakub\AppData\Local\CrashDumps
2014-03-09 11:08 - 2013-10-30 21:48 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1590769430-2290388610-2074737809-1001
2014-03-09 10:56 - 2014-03-09 10:54 - 00000000 ____D () C:\AdwCleaner
2014-03-09 10:53 - 2014-03-09 10:53 - 01244192 _____ () C:\Users\Jakub\Desktop\adwcleaner.exe
2014-03-09 10:53 - 2014-03-09 10:53 - 00007461 _____ () C:\Users\Jakub\Desktop\JRT2.txt
2014-03-09 10:51 - 2014-03-09 10:51 - 00007461 _____ () C:\Users\Jakub\Desktop\JRT.txt
2014-03-09 10:39 - 2014-03-09 10:39 - 00000000 ____D () C:\windows\ERUNT
2014-03-09 10:38 - 2014-03-09 10:38 - 01037734 _____ (Thisisu) C:\Users\Jakub\Downloads\JRT.exe
2014-03-09 10:38 - 2014-02-26 10:26 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-09 10:37 - 2014-02-26 10:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-03-09 10:27 - 2014-03-09 10:27 - 00093705 _____ () C:\Users\Jakub\Desktop\Desktop.rar
2014-03-08 17:17 - 2013-11-11 09:38 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\uTorrent
2014-03-08 16:39 - 2014-03-08 15:52 - 1662502912 _____ () C:\Users\Jakub\Downloads\Kurs sebeovládání.avi
2014-03-08 16:01 - 2014-03-08 15:51 - 740252236 _____ () C:\Users\Jakub\Downloads\Kurz sebeovládání.mp4
2014-03-08 15:51 - 2014-03-08 15:51 - 00016408 _____ () C:\Users\Jakub\Downloads\[CzT]Kurs_sebeovladani_Anger_Management_2003_.torrent
2014-03-08 15:49 - 2014-03-08 15:49 - 00014666 _____ () C:\Users\Jakub\Downloads\[CzT]Kurz_sebeovladani_Anger_Management.torrent
2014-03-06 16:18 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-06 14:48 - 2014-03-06 14:41 - 00000000 ____D () C:\Users\Jakub\Desktop\Nová složka
2014-03-06 14:37 - 2014-03-06 14:37 - 00000788 _____ () C:\windows\setupact.log
2014-03-06 14:37 - 2014-03-06 14:37 - 00000000 _____ () C:\windows\setuperr.log
2014-03-05 17:53 - 2013-10-30 21:50 - 00000000 ____D () C:\Data
2014-03-05 17:52 - 2013-12-21 12:38 - 00000000 ____D () C:\windows\Minidump
2014-03-05 17:52 - 2013-10-30 22:03 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2014-03-05 17:52 - 2012-10-10 01:08 - 00000000 ____D () C:\windows\Panther
2014-03-05 17:48 - 2014-03-05 17:48 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-03-05 17:48 - 2014-03-05 17:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-05 17:45 - 2014-03-05 17:45 - 00001227 _____ () C:\Users\Jakub\Desktop\FixMyRegistry.lnk
2014-03-05 17:40 - 2014-03-05 17:39 - 11183515 _____ () C:\Users\Jakub\Downloads\cc-setup (1).exe
2014-03-03 11:40 - 2014-03-02 13:30 - 00000000 ____D () C:\Users\Jakub\Desktop\cvic
2014-03-02 11:52 - 2014-02-10 22:00 - 00022683 _____ () C:\Users\Jakub\Desktop\Seznam_kontaktu-Jakub_Roman.xlsx
2014-02-28 11:31 - 2014-01-30 11:31 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-02-28 10:29 - 2014-02-28 10:29 - 00000110 ____H () C:\Users\Jakub\Desktop\ryb1.jpg.uid-zps
2014-02-26 13:38 - 2014-02-26 13:38 - 00001780 _____ () C:\Users\Jakub\Downloads\Schéma trasy DSO - 0100250413.zip
2014-02-26 10:26 - 2014-02-26 10:25 - 11140364 _____ () C:\Users\Jakub\Downloads\cc-setup.exe
2014-02-26 10:25 - 2014-02-26 10:24 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jakub\Downloads\spybotsd162.exe
2014-02-26 10:21 - 2014-01-23 10:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-26 10:15 - 2013-11-18 22:21 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\BSplayer
2014-02-26 10:15 - 2013-11-18 22:21 - 00000000 ____D () C:\Program Files (x86)\Webteh
2014-02-20 11:00 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-02-19 14:47 - 2014-02-19 14:46 - 39042128 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\FileFormatConverters.exe
2014-02-19 14:47 - 2014-02-19 14:46 - 24793312 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\Windows-KB890830-V5.9.exe
2014-02-19 14:47 - 2013-10-31 13:29 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-02-19 14:46 - 2014-02-19 14:46 - 00961736 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\SaveAsPDFandXPS.exe
2014-02-19 09:15 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-02-18 14:49 - 2013-11-01 22:52 - 00000000 ____D () C:\windows\system32\MRT
2014-02-18 14:46 - 2013-11-01 22:52 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2013-11-16 22:09 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2013-11-16 22:09 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 22:53 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-02-14 21:46 - 2013-10-31 17:05 - 00000000 ____D () C:\filmy
2014-02-14 10:02 - 2013-10-31 12:27 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Microsoft Help
2014-02-13 16:31 - 2014-02-13 16:31 - 00000110 ____H () C:\Users\Jakub\Desktop\skotnica.jpg.uid-zps
2014-02-08 22:23 - 2013-11-10 21:10 - 00000000 ____D () C:\Users\Jakub\AppData\Local\VNT
2014-02-08 22:23 - 2013-11-10 21:10 - 00000000 ____D () C:\Program Files (x86)\VNT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

High Quality Photo Resizer 6.0 (HKLM-x32\...\High Quality Photo Resizer_is1) (Version: - Naturpic Software)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jakub\Desktop" je 80 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-03-2014
Ran by Jakub (administrator) on KUBEK on 10-03-2014 20:04:55
Running from C:\Users\Jakub\Desktop
Windows 8 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\windows\sysWow64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jakub\Desktop\FRST-OlderVersion\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-27] (Synaptics)
HKLM\...\Run: [RtsFT] - C:\windows\RTFTrack.exe [6334096 2012-08-27] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-02-17] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-02-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [MouseDriver] - C:\windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [VNT] - C:\Program Files (x86)\VNT\vntldr.exe [195536 2014-02-08] (APN LLC.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [FixMyRegistry] - C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\MountPoints2: {88731706-41a3-11e3-be77-6036ddeb1a76} - "E:\unlock.exe" autoplay=true
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - DefaultScope {21653EF1-C077-4F23-9F37-EA89E6570913} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
Tcpip\Parameters: [DhcpNameServer] 94.229.92.40 94.229.92.30

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-10]
CHR Extension: (Disk Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-30]
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-30]
CHR Extension: (Peněženka Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30]
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-30]

==================== Services (Whitelisted) =================

R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-10-30] (Disc Soft Ltd)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 LAD; C:\Windows\System32\drivers\LAD.sys [8704 2012-06-08] (TODO: <Company name>)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8227216 2012-08-27] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-30] (Windows (R) Win 7 DDK provider)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-30] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-10 20:04 - 2014-03-10 20:05 - 00011018 _____ () C:\Users\Jakub\Desktop\FRST.txt
2014-03-10 19:56 - 2014-03-10 19:56 - 00029882 _____ () C:\Users\Jakub\Desktop\FRST3.txt
2014-03-10 19:54 - 2014-03-10 20:04 - 00000000 ____D () C:\Users\Jakub\Desktop\FRST-OlderVersion
2014-03-10 19:20 - 2014-03-10 18:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-10 19:00 - 2014-03-10 19:33 - 00010516 _____ () C:\zoek-results.log
2014-03-10 18:59 - 2014-03-10 19:18 - 00000000 ____D () C:\zoek_backup
2014-03-10 18:57 - 2014-03-10 18:58 - 01285120 _____ () C:\Users\Jakub\Desktop\zoek.exe
2014-03-09 10:57 - 2014-03-10 19:32 - 00000904 _____ () C:\windows\PFRO.log
2014-03-09 10:54 - 2014-03-09 10:56 - 00000000 ____D () C:\AdwCleaner
2014-03-09 10:53 - 2014-03-09 10:53 - 01244192 _____ () C:\Users\Jakub\Desktop\adwcleaner.exe
2014-03-09 10:39 - 2014-03-09 10:39 - 00000000 ____D () C:\windows\ERUNT
2014-03-09 10:38 - 2014-03-09 10:38 - 01037734 _____ (Thisisu) C:\Users\Jakub\Downloads\JRT.exe
2014-03-09 10:27 - 2014-03-09 10:27 - 00093705 _____ () C:\Users\Jakub\Desktop\Desktop.rar
2014-03-09 10:22 - 2014-03-10 20:04 - 00000000 ____D () C:\FRST
2014-03-09 10:15 - 2014-03-10 19:54 - 02157056 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2014-03-08 15:52 - 2014-03-08 16:39 - 1662502912 _____ () C:\Users\Jakub\Downloads\Kurs sebeovládání.avi
2014-03-08 15:51 - 2014-03-08 16:01 - 740252236 _____ () C:\Users\Jakub\Downloads\Kurz sebeovládání.mp4
2014-03-08 15:51 - 2014-03-08 15:51 - 00016408 _____ () C:\Users\Jakub\Downloads\[CzT]Kurs_sebeovladani_Anger_Management_2003_.torrent
2014-03-08 15:49 - 2014-03-08 15:49 - 00014666 _____ () C:\Users\Jakub\Downloads\[CzT]Kurz_sebeovladani_Anger_Management.torrent
2014-03-06 14:41 - 2014-03-06 14:48 - 00000000 ____D () C:\Users\Jakub\Desktop\Nová složka
2014-03-06 14:37 - 2014-03-06 14:37 - 00000788 _____ () C:\windows\setupact.log
2014-03-06 14:37 - 2014-03-06 14:37 - 00000000 _____ () C:\windows\setuperr.log
2014-03-05 21:23 - 2014-03-10 17:26 - 00593928 _____ () C:\windows\WindowsUpdate.log
2014-03-05 17:48 - 2014-03-05 17:48 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-03-05 17:47 - 2014-03-05 17:48 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-05 17:45 - 2014-03-05 17:45 - 00001227 _____ () C:\Users\Jakub\Desktop\FixMyRegistry.lnk
2014-03-05 17:39 - 2014-03-05 17:40 - 11183515 _____ () C:\Users\Jakub\Downloads\cc-setup (1).exe
2014-03-02 13:30 - 2014-03-03 11:40 - 00000000 ____D () C:\Users\Jakub\Desktop\cvic
2014-02-28 10:29 - 2014-02-28 10:29 - 00000110 ____H () C:\Users\Jakub\Desktop\ryb1.jpg.uid-zps
2014-02-26 13:38 - 2014-02-26 13:38 - 00001780 _____ () C:\Users\Jakub\Downloads\Schéma trasy DSO - 0100250413.zip
2014-02-26 10:26 - 2014-03-09 10:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-26 10:26 - 2014-03-09 10:37 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-26 10:25 - 2014-02-26 10:26 - 11140364 _____ () C:\Users\Jakub\Downloads\cc-setup.exe
2014-02-26 10:24 - 2014-02-26 10:25 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jakub\Downloads\spybotsd162.exe
2014-02-19 14:46 - 2014-02-19 14:47 - 39042128 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\FileFormatConverters.exe
2014-02-19 14:46 - 2014-02-19 14:47 - 24793312 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\Windows-KB890830-V5.9.exe
2014-02-19 14:46 - 2014-02-19 14:46 - 00961736 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\SaveAsPDFandXPS.exe
2014-02-13 23:29 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-13 23:29 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-13 16:31 - 2014-02-13 16:31 - 00000110 ____H () C:\Users\Jakub\Desktop\skotnica.jpg.uid-zps
2014-02-13 12:18 - 2014-02-01 10:20 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-13 12:18 - 2014-02-01 10:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-13 12:18 - 2014-02-01 10:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-13 12:18 - 2014-02-01 10:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-02-13 12:18 - 2014-02-01 10:19 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 19274240 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 15403520 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 03960320 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-13 12:18 - 2014-02-01 10:18 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-13 12:18 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-13 12:18 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-13 12:18 - 2014-02-01 08:58 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-13 12:18 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-13 12:18 - 2014-02-01 08:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-13 12:18 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-13 12:18 - 2014-02-01 06:08 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-02-13 12:18 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-13 12:18 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-13 12:18 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-13 12:18 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-13 12:18 - 2013-11-27 01:19 - 00385614 _____ () C:\windows\system32\ApnDatabase.xml
2014-02-13 12:18 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2014-02-13 12:18 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-02-13 12:17 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-13 12:17 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-13 12:17 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-13 12:17 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-02-13 12:17 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-13 12:17 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-13 12:17 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-13 12:17 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-10 22:00 - 2014-03-02 11:52 - 00022683 _____ () C:\Users\Jakub\Desktop\Seznam_kontaktu-Jakub_Roman.xlsx

==================== One Month Modified Files and Folders =======

2014-03-10 20:05 - 2014-03-10 20:04 - 00011018 _____ () C:\Users\Jakub\Desktop\FRST.txt
2014-03-10 20:04 - 2014-03-10 19:54 - 00000000 ____D () C:\Users\Jakub\Desktop\FRST-OlderVersion
2014-03-10 20:04 - 2014-03-09 10:22 - 00000000 ____D () C:\FRST
2014-03-10 20:02 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2014-03-10 19:56 - 2014-03-10 19:56 - 00029882 _____ () C:\Users\Jakub\Desktop\FRST3.txt
2014-03-10 19:54 - 2014-03-09 10:15 - 02157056 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2014-03-10 19:33 - 2014-03-10 19:00 - 00010516 _____ () C:\zoek-results.log
2014-03-10 19:33 - 2013-10-30 21:55 - 00000958 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-10 19:32 - 2014-03-09 10:57 - 00000904 _____ () C:\windows\PFRO.log
2014-03-10 19:32 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-10 19:18 - 2014-03-10 18:59 - 00000000 ____D () C:\zoek_backup
2014-03-10 19:17 - 2013-10-30 21:41 - 00000000 ____D () C:\Users\Jakub
2014-03-10 19:10 - 2013-10-30 21:55 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-10 18:59 - 2014-03-10 19:20 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-10 18:58 - 2014-03-10 18:57 - 01285120 _____ () C:\Users\Jakub\Desktop\zoek.exe
2014-03-10 17:26 - 2014-03-05 21:23 - 00593928 _____ () C:\windows\WindowsUpdate.log
2014-03-10 15:52 - 2013-02-17 08:18 - 00727488 _____ () C:\windows\system32\perfh005.dat
2014-03-10 15:52 - 2013-02-17 08:18 - 00148006 _____ () C:\windows\system32\perfc005.dat
2014-03-10 15:52 - 2012-07-26 08:28 - 01714430 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-09 11:33 - 2013-11-21 15:49 - 00000000 ____D () C:\Users\Jakub\AppData\Local\CrashDumps
2014-03-09 11:08 - 2013-10-30 21:48 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1590769430-2290388610-2074737809-1001
2014-03-09 10:56 - 2014-03-09 10:54 - 00000000 ____D () C:\AdwCleaner
2014-03-09 10:53 - 2014-03-09 10:53 - 01244192 _____ () C:\Users\Jakub\Desktop\adwcleaner.exe
2014-03-09 10:39 - 2014-03-09 10:39 - 00000000 ____D () C:\windows\ERUNT
2014-03-09 10:38 - 2014-03-09 10:38 - 01037734 _____ (Thisisu) C:\Users\Jakub\Downloads\JRT.exe
2014-03-09 10:38 - 2014-02-26 10:26 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-09 10:37 - 2014-02-26 10:26 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-03-09 10:27 - 2014-03-09 10:27 - 00093705 _____ () C:\Users\Jakub\Desktop\Desktop.rar
2014-03-08 17:17 - 2013-11-11 09:38 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\uTorrent
2014-03-08 16:39 - 2014-03-08 15:52 - 1662502912 _____ () C:\Users\Jakub\Downloads\Kurs sebeovládání.avi
2014-03-08 16:01 - 2014-03-08 15:51 - 740252236 _____ () C:\Users\Jakub\Downloads\Kurz sebeovládání.mp4
2014-03-08 15:51 - 2014-03-08 15:51 - 00016408 _____ () C:\Users\Jakub\Downloads\[CzT]Kurs_sebeovladani_Anger_Management_2003_.torrent
2014-03-08 15:49 - 2014-03-08 15:49 - 00014666 _____ () C:\Users\Jakub\Downloads\[CzT]Kurz_sebeovladani_Anger_Management.torrent
2014-03-06 16:18 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-06 14:48 - 2014-03-06 14:41 - 00000000 ____D () C:\Users\Jakub\Desktop\Nová složka
2014-03-06 14:37 - 2014-03-06 14:37 - 00000788 _____ () C:\windows\setupact.log
2014-03-06 14:37 - 2014-03-06 14:37 - 00000000 _____ () C:\windows\setuperr.log
2014-03-05 17:53 - 2013-10-30 21:50 - 00000000 ____D () C:\Data
2014-03-05 17:52 - 2013-12-21 12:38 - 00000000 ____D () C:\windows\Minidump
2014-03-05 17:52 - 2013-10-30 22:03 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2014-03-05 17:52 - 2012-10-10 01:08 - 00000000 ____D () C:\windows\Panther
2014-03-05 17:48 - 2014-03-05 17:48 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-03-05 17:48 - 2014-03-05 17:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-05 17:45 - 2014-03-05 17:45 - 00001227 _____ () C:\Users\Jakub\Desktop\FixMyRegistry.lnk
2014-03-05 17:40 - 2014-03-05 17:39 - 11183515 _____ () C:\Users\Jakub\Downloads\cc-setup (1).exe
2014-03-03 11:40 - 2014-03-02 13:30 - 00000000 ____D () C:\Users\Jakub\Desktop\cvic
2014-03-02 11:52 - 2014-02-10 22:00 - 00022683 _____ () C:\Users\Jakub\Desktop\Seznam_kontaktu-Jakub_Roman.xlsx
2014-02-28 11:31 - 2014-01-30 11:31 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-02-28 10:29 - 2014-02-28 10:29 - 00000110 ____H () C:\Users\Jakub\Desktop\ryb1.jpg.uid-zps
2014-02-26 13:38 - 2014-02-26 13:38 - 00001780 _____ () C:\Users\Jakub\Downloads\Schéma trasy DSO - 0100250413.zip
2014-02-26 10:26 - 2014-02-26 10:25 - 11140364 _____ () C:\Users\Jakub\Downloads\cc-setup.exe
2014-02-26 10:25 - 2014-02-26 10:24 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jakub\Downloads\spybotsd162.exe
2014-02-26 10:21 - 2014-01-23 10:46 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-26 10:15 - 2013-11-18 22:21 - 00000000 ____D () C:\Users\Jakub\AppData\Roaming\BSplayer
2014-02-26 10:15 - 2013-11-18 22:21 - 00000000 ____D () C:\Program Files (x86)\Webteh
2014-02-20 11:00 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-02-19 14:47 - 2014-02-19 14:46 - 39042128 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\FileFormatConverters.exe
2014-02-19 14:47 - 2014-02-19 14:46 - 24793312 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\Windows-KB890830-V5.9.exe
2014-02-19 14:47 - 2013-10-31 13:29 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-02-19 14:46 - 2014-02-19 14:46 - 00961736 _____ (Microsoft Corporation) C:\Users\Jakub\Downloads\SaveAsPDFandXPS.exe
2014-02-19 09:15 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\rescache
2014-02-18 14:49 - 2013-11-01 22:52 - 00000000 ____D () C:\windows\system32\MRT
2014-02-18 14:46 - 2013-11-01 22:52 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-17 23:03 - 2013-11-16 22:09 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:03 - 2013-11-16 22:09 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-16 22:53 - 2012-07-26 06:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-02-14 21:46 - 2013-10-31 17:05 - 00000000 ____D () C:\filmy
2014-02-14 10:02 - 2013-10-31 12:27 - 00000000 ____D () C:\Users\Jakub\AppData\Local\Microsoft Help
2014-02-13 16:31 - 2014-02-13 16:31 - 00000110 ____H () C:\Users\Jakub\Desktop\skotnica.jpg.uid-zps
2014-02-08 22:23 - 2013-11-10 21:10 - 00000000 ____D () C:\Users\Jakub\AppData\Local\VNT
2014-02-08 22:23 - 2013-11-10 21:10 - 00000000 ____D () C:\Program Files (x86)\VNT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

High Quality Photo Resizer 6.0 (HKLM-x32\...\High Quality Photo Resizer_is1) (Version: - Naturpic Software)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jakub\Desktop" je 80 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#10 Příspěvek od **vyosek** » 10 bře 2014 20:03

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [FixMyRegistry] - C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\MountPoints2: {88731706-41a3-11e3-be77-6036ddeb1a76} - "E:\unlock.exe" autoplay=true
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

SearchScopes: HKLM - DefaultScope {21653EF1-C077-4F23-9F37-EA89E6570913} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

C:\Program Files (x86)\SmartTweak
2014-03-10 19:54 - 2014-03-10 19:54 - 00000000 ____D () C:\Users\Jakub\Desktop\FRST-OlderVersion
2014-03-10 19:20 - 2014-03-10 18:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-10 19:00 - 2014-03-10 19:33 - 00010516 _____ () C:\zoek-results.log
2014-03-10 18:59 - 2014-03-10 19:18 - 00000000 ____D () C:\zoek_backup
2014-03-10 18:57 - 2014-03-10 18:58 - 01285120 _____ () C:\Users\Jakub\Desktop\zoek.exe
2014-03-09 10:53 - 2014-03-09 10:53 - 01244192 _____ () C:\Users\Jakub\Desktop\adwcleaner.exe
2014-03-09 10:53 - 2014-03-09 10:53 - 00007461 _____ () C:\Users\Jakub\Desktop\JRT2.txt
2014-03-09 10:51 - 2014-03-09 10:51 - 00007461 _____ () C:\Users\Jakub\Desktop\JRT.txt
2014-03-09 10:38 - 2014-03-09 10:38 - 01037734 _____ (Thisisu) C:\Users\Jakub\Downloads\JRT.exe
2014-03-09 10:27 - 2014-03-09 10:27 - 00093705 _____ () C:\Users\Jakub\Desktop\Desktop.rar
2014-02-26 10:26 - 2014-03-09 10:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-26 10:26 - 2014-03-09 10:37 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-26 10:25 - 2014-02-26 10:26 - 11140364 _____ () C:\Users\Jakub\Downloads\cc-setup.exe
2014-02-26 10:24 - 2014-02-26 10:25 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jakub\Downloads\spybotsd162.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

kubekr · #11 Příspěvek od **kubekr** » 10 bře 2014 20:14

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-03-2014
Ran by Jakub at 2014-03-10 20:18:00 Run:1
Running from C:\Users\Jakub\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [FixMyRegistry] - C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\...\MountPoints2: {88731706-41a3-11e3-be77-6036ddeb1a76} - "E:\unlock.exe" autoplay=true
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

SearchScopes: HKLM - DefaultScope {21653EF1-C077-4F23-9F37-EA89E6570913} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}

C:\Program Files (x86)\SmartTweak
2014-03-10 19:54 - 2014-03-10 19:54 - 00000000 ____D () C:\Users\Jakub\Desktop\FRST-OlderVersion
2014-03-10 19:20 - 2014-03-10 18:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-10 19:00 - 2014-03-10 19:33 - 00010516 _____ () C:\zoek-results.log
2014-03-10 18:59 - 2014-03-10 19:18 - 00000000 ____D () C:\zoek_backup
2014-03-10 18:57 - 2014-03-10 18:58 - 01285120 _____ () C:\Users\Jakub\Desktop\zoek.exe
2014-03-09 10:53 - 2014-03-09 10:53 - 01244192 _____ () C:\Users\Jakub\Desktop\adwcleaner.exe
2014-03-09 10:53 - 2014-03-09 10:53 - 00007461 _____ () C:\Users\Jakub\Desktop\JRT2.txt
2014-03-09 10:51 - 2014-03-09 10:51 - 00007461 _____ () C:\Users\Jakub\Desktop\JRT.txt
2014-03-09 10:38 - 2014-03-09 10:38 - 01037734 _____ (Thisisu) C:\Users\Jakub\Downloads\JRT.exe
2014-03-09 10:27 - 2014-03-09 10:27 - 00093705 _____ () C:\Users\Jakub\Desktop\Desktop.rar
2014-02-26 10:26 - 2014-03-09 10:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-26 10:26 - 2014-03-09 10:37 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-26 10:25 - 2014-02-26 10:26 - 11140364 _____ () C:\Users\Jakub\Downloads\cc-setup.exe
2014-02-26 10:24 - 2014-02-26 10:25 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jakub\Downloads\spybotsd162.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui => Key deleted successfully.
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Windows\CurrentVersion\Run\\FixMyRegistry => Value deleted successfully.
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => Value deleted successfully.
HKU\S-1-5-21-1590769430-2290388610-2074737809-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88731706-41a3-11e3-be77-6036ddeb1a76} => Key deleted successfully.
HKCR\CLSID\{88731706-41a3-11e3-be77-6036ddeb1a76} => Key not found.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
"C:\Program Files (x86)\SmartTweak" => File/Directory not found.

"C:\Users\Jakub\Desktop\FRST-OlderVersion" directory move:

C:\Users\Jakub\Desktop\FRST-OlderVersion\FRST64.exe => Moved successfully.
Could not move "C:\Users\Jakub\Desktop\FRST-OlderVersion" directory. => Scheduled to move on reboot.

C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Jakub\Desktop\zoek.exe => Moved successfully.
C:\Users\Jakub\Desktop\adwcleaner.exe => Moved successfully.
"C:\Users\Jakub\Desktop\JRT2.txt" => File/Directory not found.
"C:\Users\Jakub\Desktop\JRT.txt" => File/Directory not found.
C:\Users\Jakub\Downloads\JRT.exe => Moved successfully.
C:\Users\Jakub\Desktop\Desktop.rar => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy => Moved successfully.
C:\Users\Jakub\Downloads\cc-setup.exe => Moved successfully.
C:\Users\Jakub\Downloads\spybotsd162.exe => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-03-10 20:18:56)<=

C:\Users\Jakub\Desktop\FRST-OlderVersion => Moved successfully.

==== End of Fixlog ====

#12 Příspěvek od **vyosek** » 10 bře 2014 21:01

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

kubekr · #13 Příspěvek od **kubekr** » 11 bře 2014 12:24

Děkuji za vyřešení

Ještě dotaz na antivir. Esential je v pohodě?

#14 Příspěvek od **vyosek** » 11 bře 2014 12:50

Ano, MSE je dostatecna ochrana. Pokud byste chtel zmenu, tak doporucuji Avast Free, ten je o neco kvalitnejsi, ale i MSE je dostacujici

kubekr · #15 Příspěvek od **kubekr** » 11 bře 2014 14:33

Moc díky za vyřešení. Jako laik bez pomoci bych byl bez šance.

Díky

Jakub

VIRY.CZ

Speed up my computer - FIXmyRegistry

Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry

Re: Speed up my computer - FIXmyRegistry