Awardhotspot a jiný nepořádek v ntb

Zpráva

Jirkas9 · #1 Příspěvek od **Jirkas9** » 13 bře 2014 00:31

Dobrý den, tak jsem chytil na svém ntb Awarda. Poradíte mi jak ho dostat ven?

Děkuji

Projel jsem to AdwCleanerem a tady je log

# AdwCleaner v3.021 - Report created 12/03/2014 at 23:16:52
# Updated 10/03/2014 by Xplode
# Operating System : Windows Vista (TM) Ultimate Service Pack 2 (32 bits)
# Username : Jiri Stojak - JIRISTOJAK-NTB2
# Running from : C:\Users\Jiri Stojak\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\Convesoft
Folder Found C:\ProgramData\~0
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\GamesBar
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\Users\Jiri Stojak\AppData\Local\Conduit
Folder Found C:\Users\Jiri Stojak\AppData\LocalLow\Conduit
Folder Found C:\Users\Jiri Stojak\AppData\LocalLow\PriceGong

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\ICQToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\caphyon
Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00
Key Found : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00.1
Key Found : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001
Key Found : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\PIP
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Jirkas9 · #2 Příspěvek od **Jirkas9** » 13 bře 2014 00:34

Tady ještě log z rsit

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jiri Stojak at 2014-03-13 00:01:26
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 27 GB (18%) free of 148 GB
Total RAM: 3068 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:01:48, on 13.3.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Windows\PLFSetI.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Users\JIRIST~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jiri Stojak\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Jiri Stojak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagItBHO.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagItIEAddin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.1.0.18\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_0E2C2B76D2606C897B38003EBB3AE4C7] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HD Writer.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} (ICASign Class) - https://ib24.csob.cz/Comp/IcaSignerCZ.cab
O16 - DPF: {461A37E7-17B3-40E3-B6BB-7CAEC732C9E4} (CSOBEnroll Class) - https://ib24.csob.cz/comp/CSOBEnroll.dll
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {8DB83558-B5E6-4449-8E59-B91126580A99} (ICAHsmEngine Class) - https://ib24.csob.cz/comp/ICAHsmEngine.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate1ca50f4abb52c59) (gupdate1ca50f4abb52c59) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

--
End of file - 14809 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3409020611-171815611-717584154-1000.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagItBHO.dll [2009-10-15 68936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files\Norton 360\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-14 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-14 142896]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 9\SnagItIEAddin.dll [2009-10-15 211272]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-11 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-07 6139904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-04 1037608]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-06-11 409600]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-14 526896]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-05-30 544768]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2008-11-19 3719680]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-06-16 809480]
"eRecoveryService"= []
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-05-12 147456]
"WD Drive Manager"=C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2008-07-24 450560]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-05-21 173288]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-08-01 13548064]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-08-01 92704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-07-12 226904]
"GoogleChromeAutoLaunch_0E2C2B76D2606C897B38003EBB3AE4C7"=C:\Program Files\Google\Chrome\Application\chrome.exe [2014-03-02 859464]
""= []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-12-08 39408]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HD Writer.lnk - C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Jiri Stojak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orion.lnk - C:\Program Files\Convesoft\Orion\Messenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2008-11-19 3162624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-07-20 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer\Acer Bio Protection\PwdFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-13 00:01:29 ----D---- C:\Program Files\trend micro
2014-03-13 00:01:26 ----D---- C:\rsit
2014-03-12 23:40:55 ----D---- C:\Windows\ERUNT
2014-03-12 23:16:44 ----D---- C:\AdwCleaner
2014-03-12 13:26:10 ----D---- C:\ProgramData\regid.1995-08.com.techsmith
2014-03-08 14:23:53 ----A---- C:\Windows\system32\nvuhda.exe
2014-03-08 14:23:53 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2014-03-08 14:23:52 ----A---- C:\Windows\system32\oemdspif.dll
2014-03-08 14:23:52 ----A---- C:\Windows\system32\nvwssr.dll
2014-03-08 14:23:52 ----A---- C:\Windows\system32\nvwss.dll
2014-03-08 14:23:52 ----A---- C:\Windows\system32\nvcohda.dll
2014-03-08 14:23:51 ----A---- C:\Windows\system32\nvwgf2um.dll
2014-03-08 14:23:51 ----A---- C:\Windows\system32\nvvitvsr.dll
2014-03-08 14:23:51 ----A---- C:\Windows\system32\nvvitvs.dll
2014-03-08 14:23:51 ----A---- C:\Windows\system32\nvudisp.exe
2014-03-08 14:23:51 ----A---- C:\Windows\system32\dlumdfb11.dll
2014-03-08 14:23:51 ----A---- C:\Windows\system32\dlumdfb10.dll
2014-03-08 14:23:50 ----A---- C:\Windows\system32\nvoglv32.dll
2014-03-08 14:23:50 ----A---- C:\Windows\system32\nvmoblsr.dll
2014-03-08 14:23:50 ----A---- C:\Windows\system32\nvmobls.dll
2014-03-08 14:23:50 ----A---- C:\Windows\system32\nvmccssr.dll
2014-03-08 14:23:50 ----A---- C:\Windows\system32\nvmccss.dll
2014-03-08 14:23:50 ----A---- C:\Windows\system32\nvmccsrs.dll
2014-03-08 14:23:50 ----A---- C:\Windows\system32\nvmccs.dll
2014-03-08 14:23:49 ----A---- C:\Windows\system32\nvhotkey.dll
2014-03-08 14:23:49 ----A---- C:\Windows\system32\nvgamesr.dll
2014-03-08 14:23:49 ----A---- C:\Windows\system32\nvgames.dll
2014-03-08 14:23:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-03-08 14:23:48 ----A---- C:\Windows\system32\nvdispsr.dll
2014-03-08 14:23:48 ----A---- C:\Windows\system32\nvdisps.dll
2014-03-08 14:23:48 ----A---- C:\Windows\system32\nvd3dum.dll
2014-03-08 14:23:48 ----A---- C:\Windows\system32\dlumdfb9.dll
2014-03-08 14:23:46 ----A---- C:\Windows\system32\nvcpl.dll
2014-03-08 14:23:46 ----A---- C:\Windows\system32\nvcolor.exe
2014-03-08 14:23:46 ----A---- C:\Windows\system32\nvcod133.dll
2014-03-08 14:23:46 ----A---- C:\Windows\system32\nvcod.dll
2014-03-08 14:19:55 ----A---- C:\Windows\system32\drivers\iaStor.sys
2014-03-08 10:55:44 ----D---- C:\Program Files\NVIDIA Corporation
2014-02-28 00:55:18 ----SHD---- C:\Config.Msi
2014-02-26 20:19:27 ----D---- C:\Windows\Migration
2014-02-25 21:25:43 ----D---- C:\ProgramData\Freemake
2014-02-14 22:56:28 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 22:56:28 ----A---- C:\Windows\system32\mshtmled.dll
2014-02-14 22:56:26 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 22:56:26 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 22:56:25 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 22:56:24 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 22:56:24 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 22:56:23 ----A---- C:\Windows\system32\jscript.dll
2014-02-14 22:56:22 ----A---- C:\Windows\system32\url.dll
2014-02-14 22:56:22 ----A---- C:\Windows\system32\jscript9.dll
2014-02-14 22:56:21 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 22:56:20 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 22:56:19 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 22:56:16 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 14:14:59 ----A---- C:\Windows\system32\msxml3.dll

======List of files/folders modified in the last 1 month======

2014-03-13 00:01:45 ----D---- C:\Windows\Prefetch
2014-03-13 00:01:37 ----D---- C:\Windows\Temp
2014-03-13 00:01:29 ----RD---- C:\Program Files
2014-03-12 23:40:55 ----D---- C:\Windows
2014-03-12 23:28:21 ----SHD---- C:\System Volume Information
2014-03-12 23:20:44 ----D---- C:\ProgramData\ICQ
2014-03-12 23:20:43 ----HD---- C:\ProgramData
2014-03-12 13:49:21 ----D---- C:\SierraChart
2014-03-12 13:28:51 ----SHD---- C:\Windows\Installer
2014-03-12 09:22:53 ----D---- C:\Windows\System32
2014-03-11 22:29:27 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-03-09 16:13:32 ----D---- C:\Windows\Tasks
2014-03-08 14:38:55 ----D---- C:\ProgramData\NVIDIA
2014-03-08 14:29:29 ----D---- C:\Windows\system32\drivers
2014-03-08 14:29:20 ----D---- C:\Windows\system32\catroot
2014-03-08 14:29:16 ----D---- C:\Windows\inf
2014-03-08 14:26:17 ----D---- C:\Windows\system32\catroot2
2014-03-08 11:19:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-07 22:14:17 ----D---- C:\Windows\Minidump
2014-03-01 22:45:46 ----A---- C:\Windows\AviSplitter.INI
2014-03-01 22:43:37 ----D---- C:\Users\Jiri Stojak\AppData\Roaming\vlc
2014-02-28 11:44:41 ----D---- C:\Program Files\DisplayLink Core Software
2014-02-28 11:43:07 ----D---- C:\Windows\Microsoft.NET
2014-02-26 20:20:28 ----D---- C:\Windows\system32\en-US
2014-02-26 20:19:27 ----SD---- C:\ProgramData\Microsoft
2014-02-16 09:15:51 ----RSD---- C:\Windows\assembly
2014-02-16 08:22:39 ----D---- C:\Windows\system32\migration
2014-02-16 08:22:39 ----D---- C:\Program Files\Internet Explorer
2014-02-14 23:33:37 ----D---- C:\Windows\winsxs
2014-02-14 23:24:27 ----D---- C:\Windows\system32\MRT
2014-02-14 23:07:53 ----D---- C:\Windows\Debug
2014-02-14 23:07:43 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AlfaFF;AlfaFF File System mini-filter; C:\Windows\system32\Drivers\AlfaFF.sys [2008-11-19 43184]
R0 dlkmdldr;dlkmdldr; C:\Windows\system32\drivers\dlkmdldr.sys [2012-11-20 15224]
R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2009-04-11 143848]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-14 18992]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-03-19 45648]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360\1501000.012\SYMDS.SYS [2013-08-01 367704]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360\1501000.012\SYMEFA.SYS [2013-09-27 935512]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 BHDrvx86;BHDrvx86; \??\C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [2013-12-18 1098968]
R1 ccSet_N360;N360 Settings Manager; C:\Windows\system32\drivers\N360\1501000.012\ccSetx86.sys [2013-09-26 127064]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2013-11-21 376920]
R1 IDSVix86;IDSVix86; \??\C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140311.001\IDSvix86.sys [2014-03-06 395992]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\N360\1501000.012\SRTSPX.SYS [2013-07-31 32344]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360\1501000.012\Ironx86.SYS [2013-07-31 206936]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\N360\1501000.012\SYMTDIV.SYS [2013-09-26 383576]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 dlkmd;dlkmd; C:\Windows\system32\drivers\dlkmd.sys [2012-11-20 336248]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 108120]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-07 2134424]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2009-08-05 48640]
R3 NAVENG;NAVENG; \??\C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140311.032\NAVENG.SYS [2013-10-16 93272]
R3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140311.032\NAVEX15.SYS [2013-10-16 1612376]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-06-26 44064]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-08-01 7549568]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\N360\1501000.012\SRTSP.SYS [2013-09-27 651352]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2013-09-09 142936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-04 196784]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-05-26 40752]
S3 AVerAF15;AVerMedia BDA Digital Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-03-14 280192]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BthPort;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 79664]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-10-27 78136]
S3 DisplayLinkUsbPort;DisplayLink USB Device; C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_7.0.41409.0.sys [2014-01-20 21888]
S3 dlusbaudio;dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio.sys [2012-11-20 143520]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 GEMPC430;GEMPC430; C:\Windows\System32\Drivers\gemusb.sys [2001-12-04 53568]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-05-07 85136]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-11-16 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-11-16 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-10-27 181432]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-11-16 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-11-16 8192]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2009-04-16 75048]
R2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2012-11-20 7418840]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-04-30 815104]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2008-11-19 3520512]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe [2013-10-08 264360]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-08-01 196608]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-04-30 466944]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-05-26 599344]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2008-07-24 102400]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate1ca50f4abb52c59;Služba Google Update (gupdate1ca50f4abb52c59); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-19 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-19 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-12-08 194032]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S4 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#3 Příspěvek od **vyosek** » 13 bře 2014 14:46

Zdravim

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze

Jirkas9 · #4 Příspěvek od **Jirkas9** » 13 bře 2014 14:49

Ano stoprocentně koupeno s ntb v TSbohemia

#5 Příspěvek od **vyosek** » 13 bře 2014 14:51

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Jirkas9 · #6 Příspěvek od **Jirkas9** » 13 bře 2014 15:47

# AdwCleaner v3.021 - Report created 13/03/2014 at 15:42:29
# Updated 10/03/2014 by Xplode
# Operating System : Windows Vista (TM) Ultimate Service Pack 2 (32 bits)
# Username : Jiri Stojak - JIRISTOJAK-NTB2
# Running from : C:\Users\Jiri Stojak\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [4555 octets] - [12/03/2014 23:16:52]
AdwCleaner[R1].txt - [985 octets] - [13/03/2014 15:39:12]
AdwCleaner[S0].txt - [4671 octets] - [12/03/2014 23:20:41]
AdwCleaner[S1].txt - [909 octets] - [13/03/2014 15:42:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [968 octets] ##########

#7 Příspěvek od **vyosek** » 13 bře 2014 15:48

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Jirkas9 · #8 Příspěvek od **Jirkas9** » 13 bře 2014 16:53

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Jiri Stojak on źt 13.03.2014 at 16:09:51,91.
Microsoft® Windows Vista™ Ultimate 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jiri Stojak\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13.3.2014 16:13:25 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4} deleted successfully
HKEY_USERS\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32004B8A-44A9-43E7-84E9-808838809519} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{124D001A-BDCB-472F-AA59-BBE7E4BC3204} deleted successfully
HKEY_USERS\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{124D001A-BDCB-472F-AA59-BBE7E4BC3204} deleted successfully
HKEY_USERS\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\JIRIST~1\AppData\Roaming\Thunderbird\Profiles\6h9rn2iw.default\prefs.js:

Added to C:\Users\JIRIST~1\AppData\Roaming\Thunderbird\Profiles\6h9rn2iw.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Users\Jiri Stojak\AppData\Roaming\Yahoo! deleted
C:\Windows\wininit.ini deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF" [10.10.2013 02:15]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09.10.2013 09:59]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx[19.01.2014 18:42]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\JIRIST~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[25.10.2013 20:53]

Skype Click to Call - Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Identity Protection - Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
World Clocks - Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://cs.intl.acer.yahoo.com"
"Default_Page_URL"="http://cs.intl.acer.yahoo.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jiri Stojak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Jiri Stojak\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jirka ntb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jiri Stojak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=0 298 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jiri Stojak\AppData\Local\Temp will be emptied at reboot
C:\Users\Jirka ntb\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\JIRIST~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Jiri Stojak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on źt 13.03.2014 at 16:56:02,31 ======================

#9 Příspěvek od **vyosek** » 13 bře 2014 16:55

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Jirkas9 · #10 Příspěvek od **Jirkas9** » 13 bře 2014 17:23

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014
Ran by Jiri Stojak (administrator) on JIRISTOJAK-NTB2 on 13-03-2014 17:23:14
Running from C:\Users\Jiri Stojak\Desktop
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Agere Systems) C:\Windows\system32\agrsmsvc.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Acer\Mobility Center\MobilityService.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Inc.) C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(Acer Incorporated) C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
() C:\Windows\PLFSetI.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Acer Corp.) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Panasonic Corporation) C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Realtek Semiconductor Corp.) C:\Users\Jiri Stojak\AppData\Local\Temp\RtkBtMnt.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(acer) C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(forum.viry.cz) C:\Users\Jiri Stojak\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6139904 2008-05-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1037608 2008-04-04] (Synaptics, Inc.)
HKLM\...\Run: [ePower_DMC] - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [409600 2008-06-11] (Acer Inc.)
HKLM\...\Run: [eDataSecurity Loader] - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-05-14] (Egis Incorporated)
HKLM\...\Run: [eAudio] - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-05-30] (Acer Incorporated)
HKLM\...\Run: [BkupTray] - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] ()
HKLM\...\Run: [WarReg_PopUp] - C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated)
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] - C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3719680 2008-11-19] (Arachnoid Biometrics Identification Group Corp.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2007-10-23] ()
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [809480 2008-06-16] (Dritek System Inc.)
HKLM\...\Run: [eRecoveryService] - [X]
HKLM\...\Run: [ArcadeDeluxeAgent] - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-05-12] (CyberLink Corp.)
HKLM\...\Run: [WD Drive Manager] - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [450560 2008-07-24] (WDC)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [PlayMovie] - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288 2009-05-21] (Acer Corp.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13548064 2008-08-01] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [92704 2008-08-01] (NVIDIA Corporation)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [ISUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-12] (Macrovision Corporation)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [GoogleChromeAutoLaunch_0E2C2B76D2606C897B38003EBB3AE4C7] - C:\Program Files\Google\Chrome\Application\chrome.exe [859464 2014-03-02] (Google Inc.)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [] - [X]
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-12-08] (Google Inc.)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {40a1383c-138f-11de-b1e3-00a0d1a96e07} - E:\StartVMCLite.exe
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {6821ab0e-bc17-11de-b1ac-00a0d1a96e07} - G:\StartVMCLite.exe
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {b0f8898a-2b36-11de-865f-00a0d1a96e07} - E:\StartVMCLite.exe
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {be4311fd-8390-11df-b4c2-00a0d1a96e07} - E:\Install_Nokia_Ovi_Suite.exe
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
Startup: C:\Users\Jiri Stojak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk
ShortcutTarget: Orion.lnk -> C:\Program Files\Convesoft\Orion\Messenger.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.forexfactory.com/calendar.php/
http://www.patria.cz/
http://www.fio.cz/
http://trusto.cz/apps/webmail/
http://www.google.cz/
http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... GB_csCZ565
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... GB_csCZ565
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagItBHO.dll (TechSmith Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} https://ib24.csob.cz/Comp/IcaSignerCZ.cab
DPF: {461A37E7-17B3-40E3-B6BB-7CAEC732C9E4} https://ib24.csob.cz/comp/CSOBEnroll.dll
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab
DPF: {8DB83558-B5E6-4449-8E59-B91126580A99} https://ib24.csob.cz/comp/ICAHsmEngine.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1

Chrome:
=======
CHR Extension: (Disk Google) - C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-26]
CHR Extension: (YouTube) - C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-02]
CHR Extension: (Google Search) - C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-02]
CHR Extension: (Porsche) - C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg [2013-02-27]
CHR Extension: (Skype Click to Call) - C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-10]
CHR Extension: (Norton Identity Protection) - C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-09-10]
CHR Extension: (Peněženka Google) - C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (World Clocks) - C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej [2013-02-27]
CHR Extension: (Gmail) - C:\Users\Jiri Stojak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-02]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx [2013-10-14]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\JIRIST~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-10-25]

========================== Services (Whitelisted) =================

S4 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.)
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2009-04-16] ()
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [7418840 2012-11-20] (DisplayLink Corp.)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-21] ()
S2 gupdate1ca50f4abb52c59; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-10-19] (Google Inc.)
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3520512 2008-11-19] ()
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] ()
R2 N360; C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] ()
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-01-10] (Acer Incorporated)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2008-07-24] (WDC)

==================== Drivers (Whitelisted) ====================

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2008-11-19] (Alfa Corporation)
R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [1098968 2013-12-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_7.0.41409.0.sys [21888 2014-01-20] (http://libusb-win32.sourceforge.net)
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [336248 2012-11-20] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [15224 2012-11-20] (DisplayLink Corp.)
S3 dlusbaudio; C:\Windows\System32\DRIVERS\dlusbaudio.sys [143520 2012-11-20] (DisplayLink Corp.)
R1 DritekPortIO; C:\Program Files\Launch Manager\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-21] (Symantec Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 GEMPC430; C:\Windows\System32\Drivers\gemusb.sys [53568 2001-12-04] (Gemplus)
R1 IDSVix86; C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140312.001\IDSvix86.sys [395992 2014-03-06] (Symantec Corporation)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] ()
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-18] (ITE Tech. Inc. )
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140312.037\NAVENG.SYS [93272 2013-10-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140312.037\NAVEX15.SYS [1612376 2013-10-16] (Symantec Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 SRTSP; C:\Windows\System32\Drivers\N360\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1501000.012\SRTSPX.SYS [32344 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\1501000.012\SYMDS.SYS [367704 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-09-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1501000.012\Ironx86.SYS [206936 2013-07-31] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360\1501000.012\SYMTDIV.SYS [383576 2013-09-26] (Symantec Corporation)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [87536 2009-09-11] (CyberLink Corp.)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-13 17:23 - 2014-03-13 17:23 - 00020684 _____ () C:\Users\Jiri Stojak\Desktop\FRST.txt
2014-03-13 17:22 - 2014-03-13 17:23 - 00000000 ____D () C:\FRST
2014-03-13 17:21 - 2014-03-13 17:21 - 00112640 _____ (forum.viry.cz) C:\Users\Jiri Stojak\Desktop\FRSTLauncher.exe
2014-03-13 17:04 - 2014-03-13 17:05 - 01145856 _____ (Farbar) C:\Users\Jiri Stojak\Desktop\FRST.exe
2014-03-13 16:51 - 2014-03-13 16:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-13 16:12 - 2014-03-13 16:56 - 00009133 _____ () C:\zoek-results.log
2014-03-13 16:09 - 2014-03-13 16:44 - 00000000 ____D () C:\zoek_backup
2014-03-13 16:07 - 2014-03-13 16:07 - 01285120 _____ () C:\Users\Jiri Stojak\Desktop\zoek.exe
2014-03-13 15:36 - 2014-03-13 15:37 - 01949184 _____ () C:\Users\Jiri Stojak\Downloads\adwcleaner (1).exe
2014-03-13 00:01 - 2014-03-13 00:01 - 00000000 ____D () C:\rsit
2014-03-13 00:01 - 2014-03-13 00:01 - 00000000 ____D () C:\Program Files\trend micro
2014-03-13 00:00 - 2014-03-13 00:00 - 00781383 _____ () C:\Users\Jiri Stojak\Downloads\RSIT (1).exe
2014-03-12 23:59 - 2014-03-12 23:59 - 00781909 _____ () C:\Users\Jiri Stojak\Downloads\Nepotvrzeno 253179.crdownload
2014-03-12 23:55 - 2014-03-12 23:55 - 00000789 _____ () C:\Users\Jiri Stojak\Documents\JRT.txt
2014-03-12 23:54 - 2014-03-12 23:54 - 00000789 _____ () C:\Users\Jiri Stojak\Desktop\JRT.txt
2014-03-12 23:40 - 2014-03-12 23:40 - 00000000 ____D () C:\Windows\ERUNT
2014-03-12 23:38 - 2014-03-12 23:39 - 01037734 _____ (Thisisu) C:\Users\Jiri Stojak\Desktop\JRT.exe
2014-03-12 23:16 - 2014-03-13 15:42 - 00000000 ____D () C:\AdwCleaner
2014-03-12 23:16 - 2014-03-12 23:16 - 01949184 _____ () C:\Users\Jiri Stojak\Desktop\adwcleaner.exe
2014-03-12 13:26 - 2014-03-12 13:26 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-03-09 21:19 - 2014-03-09 21:19 - 00223566 _____ () C:\Users\Jiri Stojak\Downloads\arb.xlsx
2014-03-08 14:23 - 2008-08-01 21:11 - 13548064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 09048064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 07549568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-08 14:23 - 2008-08-01 21:11 - 05890048 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 05890048 _____ (NVIDIA Corporation) C:\Windows\system32\dlumdfb9.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 05790240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispsr.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 04147744 _____ (NVIDIA Corporation) C:\Windows\system32\nvvitvsr.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 03992096 _____ (NVIDIA Corporation) C:\Windows\system32\nvdisps.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 03787296 _____ (NVIDIA Corporation) C:\Windows\system32\nvvitvs.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 03430944 _____ (NVIDIA Corporation) C:\Windows\system32\nvgamesr.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 03402272 _____ (NVIDIA Corporation) C:\Windows\system32\nvgames.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 02861600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmoblsr.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 02677280 _____ (NVIDIA Corporation) C:\Windows\system32\nvwssr.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 02636320 _____ (NVIDIA Corporation) C:\Windows\system32\nvwss.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 02362880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 02362880 _____ (NVIDIA Corporation) C:\Windows\system32\dlumdfb11.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 02362880 _____ (NVIDIA Corporation) C:\Windows\system32\dlumdfb10.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 01264160 _____ (NVIDIA Corporation) C:\Windows\system32\nvmobls.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 00465440 _____ (NVIDIA Corporation) C:\Windows\system32\nvmccssr.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 00453152 _____ (NVIDIA Corporation) C:\Windows\system32\nvudisp.exe
2014-03-08 14:23 - 2008-08-01 21:11 - 00236064 _____ (NVIDIA Corporation) C:\Windows\system32\nvmccs.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 00221184 _____ (NVIDIA Corporation) C:\Windows\system32\oemdspif.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 00195104 _____ (NVIDIA Corporation) C:\Windows\system32\nvmccss.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 00190059 _____ () C:\Windows\system32\nvapps.xml
2014-03-08 14:23 - 2008-08-01 21:11 - 00147456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcolor.exe
2014-03-08 14:23 - 2008-08-01 21:11 - 00122880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod133.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 00122880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 00096800 _____ (NVIDIA Corporation) C:\Windows\system32\nvhotkey.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 00045056 _____ (NVIDIA Corporation) C:\Windows\system32\nvmccsrs.dll
2014-03-08 14:23 - 2008-08-01 21:11 - 00035521 _____ () C:\Windows\system32\nvwsapps.xml
2014-03-08 14:23 - 2008-08-01 21:11 - 00008664 _____ () C:\Windows\system32\nvdisp.nvu
2014-03-08 14:23 - 2008-06-26 01:35 - 00044064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2014-03-08 14:23 - 2008-06-20 23:57 - 00446464 _____ (NVIDIA Corporation) C:\Windows\system32\nvuhda.exe
2014-03-08 14:23 - 2008-06-20 23:57 - 00118784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcohda.dll
2014-03-08 14:19 - 2008-07-20 17:44 - 00324120 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-03-08 14:00 - 2014-03-08 14:00 - 12522974 _____ () C:\Users\Jiri Stojak\Downloads\Touchpad_Synaptics_v10.2.4.1_Vistax86x64.zip
2014-03-08 13:59 - 2014-03-08 13:59 - 00728675 _____ () C:\Users\Jiri Stojak\Downloads\Modem_LSI_v2.1.87_Vistax86.zip
2014-03-08 13:54 - 2014-03-08 13:55 - 70846553 _____ () C:\Users\Jiri Stojak\Downloads\VGA_nVidia_v7.15.11.7626_Vistax86.zip
2014-03-08 12:31 - 2014-03-08 12:31 - 01021888 _____ (Symantec Corporation) C:\Users\Jiri Stojak\Downloads\NortonN360Downloader.exe
2014-03-08 10:55 - 2014-03-08 10:55 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-07 22:14 - 2014-03-07 22:14 - 00143488 _____ () C:\Windows\Minidump\Mini030714-01.dmp
2014-03-06 22:03 - 2014-03-06 22:03 - 00143488 _____ () C:\Windows\Minidump\Mini030614-01.dmp
2014-03-04 23:25 - 2014-03-07 22:14 - 446938586 _____ () C:\Windows\MEMORY.DMP
2014-03-04 23:25 - 2014-03-04 23:25 - 00143488 _____ () C:\Windows\Minidump\Mini030414-01.dmp
2014-03-01 22:08 - 2014-03-01 22:09 - 08529624 _____ () C:\Users\Jiri Stojak\Downloads\j-a-tester-3.zip
2014-02-27 21:06 - 2014-02-27 21:06 - 00000529 _____ () C:\Users\Jirka ntb\Desktop\Sierra Chart (D--SierraChart2).lnk
2014-02-27 21:06 - 2014-02-27 21:06 - 00000529 _____ () C:\Users\Jiri Stojak\Desktop\Sierra Chart (D--SierraChart2).lnk
2014-02-27 21:03 - 2014-02-27 21:04 - 18607420 _____ () C:\Users\Jiri Stojak\Downloads\SierraChartSetup (1).exe
2014-02-27 20:52 - 2014-03-03 16:02 - 00000789 _____ () C:\Windows\setupact.log
2014-02-27 20:52 - 2014-02-27 20:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-25 21:20 - 2014-02-25 21:21 - 28689896 _____ (Ellora Assets Corporation ) C:\Users\Jiri Stojak\Downloads\FreemakeVideoConverter_4.1.3.6.exe
2014-02-24 14:19 - 2014-02-13 18:51 - 03148637 _____ () C:\Users\Jiri Stojak\Desktop\Hlas 005.3ga
2014-02-16 21:18 - 2014-02-16 21:19 - 18577233 _____ () C:\Users\Jiri Stojak\Downloads\SierraChartSetup.exe
2014-02-16 20:55 - 2014-02-16 20:55 - 00025600 _____ () C:\Users\Jiri Stojak\Downloads\týdenní plán.xls
2014-02-14 22:56 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 22:56 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 22:56 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 22:56 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 22:56 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 22:56 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 22:56 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 22:56 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 22:56 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 22:56 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 22:56 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 22:56 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 22:56 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 22:56 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 22:56 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 22:56 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 14:14 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 18:30 - 2014-03-13 16:29 - 00000598 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3409020611-171815611-717584154-1000.job
2014-02-13 18:30 - 2014-02-13 18:30 - 00000000 ____D () C:\Users\Jiri Stojak\AppData\Local\Citrix
2014-02-13 08:49 - 2014-03-13 16:53 - 00196524 _____ () C:\Windows\PFRO.log
2014-02-12 22:14 - 2014-02-12 22:14 - 11140364 _____ () C:\Users\Jiri Stojak\Downloads\cc-setup.exe
2014-02-12 22:10 - 2014-02-12 22:10 - 00000000 ____D () C:\Users\Jiri Stojak\AppData\Roaming\Audacity
2014-02-12 21:57 - 2014-02-12 21:57 - 00000000 ____D () C:\Users\Jiri Stojak\Documents\Smart PC Recorder Records
2014-02-12 21:56 - 2014-02-12 21:56 - 01098186 _____ () C:\Users\Jiri Stojak\Downloads\smartrecordereng.exe
2014-02-11 14:42 - 2014-02-11 14:42 - 00587194 _____ () C:\Users\Jiri Stojak\Downloads\podkladyvmeritku.zip

==================== One Month Modified Files and Folders =======

2014-03-13 17:23 - 2014-03-13 17:23 - 00020684 _____ () C:\Users\Jiri Stojak\Desktop\FRST.txt
2014-03-13 17:23 - 2014-03-13 17:22 - 00000000 ____D () C:\FRST
2014-03-13 17:21 - 2014-03-13 17:21 - 00112640 _____ (forum.viry.cz) C:\Users\Jiri Stojak\Desktop\FRSTLauncher.exe
2014-03-13 17:05 - 2014-03-13 17:04 - 01145856 _____ (Farbar) C:\Users\Jiri Stojak\Desktop\FRST.exe
2014-03-13 17:02 - 2008-11-19 19:39 - 01289306 _____ () C:\Windows\WindowsUpdate.log
2014-03-13 16:58 - 2008-11-19 17:19 - 00099269 _____ () C:\ProgramData\nvModes.001
2014-03-13 16:56 - 2014-03-13 16:12 - 00009133 _____ () C:\zoek-results.log
2014-03-13 16:56 - 2008-11-19 17:18 - 00099269 _____ () C:\ProgramData\nvModes.dat
2014-03-13 16:55 - 2008-11-19 14:05 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml
2014-03-13 16:54 - 2009-10-19 20:54 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-13 16:53 - 2014-02-13 08:49 - 00196524 _____ () C:\Windows\PFRO.log
2014-03-13 16:53 - 2006-11-02 14:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-13 16:53 - 2006-11-02 13:46 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-13 16:53 - 2006-11-02 13:46 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-13 16:51 - 2008-11-20 00:51 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-03-13 16:51 - 2006-11-02 14:00 - 00032564 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-13 16:45 - 2009-10-19 20:54 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-13 16:44 - 2014-03-13 16:09 - 00000000 ____D () C:\zoek_backup
2014-03-13 16:29 - 2014-02-13 18:30 - 00000598 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3409020611-171815611-717584154-1000.job
2014-03-13 16:29 - 2012-04-02 14:23 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-13 16:11 - 2013-10-29 11:29 - 00000000 ____D () C:\Users\Jiri Stojak\AppData\Local\CrashDumps
2014-03-13 16:09 - 2014-03-13 16:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-13 16:07 - 2014-03-13 16:07 - 01285120 _____ () C:\Users\Jiri Stojak\Desktop\zoek.exe
2014-03-13 16:05 - 2009-03-01 20:58 - 00000000 ____D () C:\SierraChart
2014-03-13 15:42 - 2014-03-12 23:16 - 00000000 ____D () C:\AdwCleaner
2014-03-13 15:37 - 2014-03-13 15:36 - 01949184 _____ () C:\Users\Jiri Stojak\Downloads\adwcleaner (1).exe
2014-03-13 00:01 - 2014-03-13 00:01 - 00000000 ____D () C:\rsit
2014-03-13 00:01 - 2014-03-13 00:01 - 00000000 ____D () C:\Program Files\trend micro
2014-03-13 00:00 - 2014-03-13 00:00 - 00781383 _____ () C:\Users\Jiri Stojak\Downloads\RSIT (1).exe
2014-03-12 23:59 - 2014-03-12 23:59 - 00781909 _____ () C:\Users\Jiri Stojak\Downloads\Nepotvrzeno 253179.crdownload
2014-03-12 23:55 - 2014-03-12 23:55 - 00000789 _____ () C:\Users\Jiri Stojak\Documents\JRT.txt
2014-03-12 23:54 - 2014-03-12 23:54 - 00000789 _____ () C:\Users\Jiri Stojak\Desktop\JRT.txt
2014-03-12 23:40 - 2014-03-12 23:40 - 00000000 ____D () C:\Windows\ERUNT
2014-03-12 23:39 - 2014-03-12 23:38 - 01037734 _____ (Thisisu) C:\Users\Jiri Stojak\Desktop\JRT.exe
2014-03-12 23:20 - 2010-04-03 19:10 - 00000000 ____D () C:\ProgramData\ICQ
2014-03-12 23:16 - 2014-03-12 23:16 - 01949184 _____ () C:\Users\Jiri Stojak\Desktop\adwcleaner.exe
2014-03-12 13:26 - 2014-03-12 13:26 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-03-12 13:26 - 2013-05-20 19:36 - 00001045 _____ () C:\Users\Public\Desktop\Snagit 11 Editor.lnk
2014-03-12 13:26 - 2013-05-20 19:36 - 00001001 _____ () C:\Users\Public\Desktop\Snagit 11.lnk
2014-03-12 06:51 - 2008-08-01 08:05 - 00000147 _____ () C:\Windows\system32\agent.log
2014-03-11 22:29 - 2012-04-02 14:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-11 22:29 - 2011-05-23 17:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-09 21:19 - 2014-03-09 21:19 - 00223566 _____ () C:\Users\Jiri Stojak\Downloads\arb.xlsx
2014-03-08 14:38 - 2008-11-19 13:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-08 14:29 - 2008-11-19 13:56 - 00000000 ____D () C:\Users\Jiri Stojak
2014-03-08 14:00 - 2014-03-08 14:00 - 12522974 _____ () C:\Users\Jiri Stojak\Downloads\Touchpad_Synaptics_v10.2.4.1_Vistax86x64.zip
2014-03-08 13:59 - 2014-03-08 13:59 - 00728675 _____ () C:\Users\Jiri Stojak\Downloads\Modem_LSI_v2.1.87_Vistax86.zip
2014-03-08 13:55 - 2014-03-08 13:54 - 70846553 _____ () C:\Users\Jiri Stojak\Downloads\VGA_nVidia_v7.15.11.7626_Vistax86.zip
2014-03-08 12:31 - 2014-03-08 12:31 - 01021888 _____ (Symantec Corporation) C:\Users\Jiri Stojak\Downloads\NortonN360Downloader.exe
2014-03-08 11:19 - 2008-01-21 07:12 - 01545096 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-08 10:55 - 2014-03-08 10:55 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-07 22:14 - 2014-03-07 22:14 - 00143488 _____ () C:\Windows\Minidump\Mini030714-01.dmp
2014-03-07 22:14 - 2014-03-04 23:25 - 446938586 _____ () C:\Windows\MEMORY.DMP
2014-03-07 22:14 - 2011-12-08 22:53 - 00000000 ____D () C:\Windows\Minidump
2014-03-06 22:03 - 2014-03-06 22:03 - 00143488 _____ () C:\Windows\Minidump\Mini030614-01.dmp
2014-03-04 23:25 - 2014-03-04 23:25 - 00143488 _____ () C:\Windows\Minidump\Mini030414-01.dmp
2014-03-04 08:55 - 2009-10-19 20:48 - 00001975 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-03 16:02 - 2014-02-27 20:52 - 00000789 _____ () C:\Windows\setupact.log
2014-03-01 22:45 - 2013-01-01 23:58 - 00000038 _____ () C:\Windows\AviSplitter.INI
2014-03-01 22:43 - 2011-08-02 20:11 - 00000000 ____D () C:\Users\Jiri Stojak\AppData\Roaming\vlc
2014-03-01 22:35 - 2013-03-09 13:30 - 00000863 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-01 22:09 - 2014-03-01 22:08 - 08529624 _____ () C:\Users\Jiri Stojak\Downloads\j-a-tester-3.zip
2014-03-01 21:57 - 2013-10-26 10:27 - 00000000 ____D () C:\Users\Jiri Stojak\Desktop\Obchodní deník
2014-02-28 11:44 - 2011-08-31 14:48 - 00000000 ____D () C:\Program Files\DisplayLink Core Software
2014-02-28 11:43 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-27 21:06 - 2014-02-27 21:06 - 00000529 _____ () C:\Users\Jirka ntb\Desktop\Sierra Chart (D--SierraChart2).lnk
2014-02-27 21:06 - 2014-02-27 21:06 - 00000529 _____ () C:\Users\Jiri Stojak\Desktop\Sierra Chart (D--SierraChart2).lnk
2014-02-27 21:04 - 2014-02-27 21:03 - 18607420 _____ () C:\Users\Jiri Stojak\Downloads\SierraChartSetup (1).exe
2014-02-27 20:52 - 2014-02-27 20:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-25 21:21 - 2014-02-25 21:20 - 28689896 _____ (Ellora Assets Corporation ) C:\Users\Jiri Stojak\Downloads\FreemakeVideoConverter_4.1.3.6.exe
2014-02-19 22:35 - 2008-12-16 23:03 - 00000000 ____D () C:\Users\Jiri Stojak\Documents\Poznámkové bloky aplikace OneNote
2014-02-19 21:58 - 2008-11-19 20:54 - 00002597 _____ () C:\Users\Jiri Stojak\Desktop\Microsoft Office OneNote 2007.lnk
2014-02-18 11:51 - 2013-10-25 20:52 - 00001911 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-02-18 11:51 - 2013-10-25 20:52 - 00001909 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-02-18 11:51 - 2013-10-25 20:52 - 00001899 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-02-16 21:20 - 2011-10-25 14:29 - 00000598 _____ () C:\Users\Jiri Stojak\Desktop\Sierra Chart (C--SierraChart).lnk
2014-02-16 21:20 - 2009-01-25 22:37 - 00000598 _____ () C:\Users\Jirka ntb\Desktop\Sierra Chart (C--SierraChart).lnk
2014-02-16 21:19 - 2014-02-16 21:18 - 18577233 _____ () C:\Users\Jiri Stojak\Downloads\SierraChartSetup.exe
2014-02-16 20:55 - 2014-02-16 20:55 - 00025600 _____ () C:\Users\Jiri Stojak\Downloads\týdenní plán.xls
2014-02-14 23:24 - 2013-08-15 21:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 23:07 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-13 18:51 - 2014-02-24 14:19 - 03148637 _____ () C:\Users\Jiri Stojak\Desktop\Hlas 005.3ga
2014-02-13 18:30 - 2014-02-13 18:30 - 00000000 ____D () C:\Users\Jiri Stojak\AppData\Local\Citrix
2014-02-12 22:17 - 2013-01-20 20:43 - 00000808 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-12 22:17 - 2013-01-20 20:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-12 22:14 - 2014-02-12 22:14 - 11140364 _____ () C:\Users\Jiri Stojak\Downloads\cc-setup.exe
2014-02-12 22:10 - 2014-02-12 22:10 - 00000000 ____D () C:\Users\Jiri Stojak\AppData\Roaming\Audacity
2014-02-12 21:57 - 2014-02-12 21:57 - 00000000 ____D () C:\Users\Jiri Stojak\Documents\Smart PC Recorder Records
2014-02-12 21:56 - 2014-02-12 21:56 - 01098186 _____ () C:\Users\Jiri Stojak\Downloads\smartrecordereng.exe
2014-02-11 14:42 - 2014-02-11 14:42 - 00587194 _____ () C:\Users\Jiri Stojak\Downloads\podkladyvmeritku.zip

Files to move or delete:
====================
C:\Users\Jiri Stojak\AppData\Roaming\desktop.ini

Some content of TEMP:
====================
C:\Users\Jiri Stojak\AppData\Local\Temp\RtkBtMnt.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Norton 360 (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jiri Stojak\Desktop" je 12611 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe:*:Enabled:encryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe:*:Enabled:decryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe:*:Enabled:encryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe:*:Enabled:decryption"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe"="C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#11 Příspěvek od **vyosek** » 14 bře 2014 02:44

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [PlayMovie] - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288 2009-05-21] (Acer Corp.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
KLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [ISUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-12] (Macrovision Corporation)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [GoogleChromeAutoLaunch_0E2C2B76D2606C897B38003EBB3AE4C7] - C:\Program Files\Google\Chrome\Application\chrome.exe [859464 2014-03-02] (Google Inc.)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [] - [X]
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-12-08] (Google Inc.)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {40a1383c-138f-11de-b1e3-00a0d1a96e07} - E:\StartVMCLite.exe
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {6821ab0e-bc17-11de-b1ac-00a0d1a96e07} - G:\StartVMCLite.exe
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {b0f8898a-2b36-11de-865f-00a0d1a96e07} - E:\StartVMCLite.exe
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {be4311fd-8390-11df-b4c2-00a0d1a96e07} - E:\Install_Nokia_Ovi_Suite.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.forexfactory.com/calendar.php/
http://www.patria.cz/
http://www.fio.cz/
http://trusto.cz/apps/webmail/
http://www.google.cz/
http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7MXGB_csCZ565
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7MXGB_csCZ565
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagItBHO.dll (TechSmith Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagItIEAddin.dll (TechSmith Corporation)

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\JIRIST~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-10-25]

2014-03-13 17:21 - 2014-03-13 17:21 - 00112640 _____ (forum.viry.cz) C:\Users\Jiri Stojak\Desktop\FRSTLauncher.exe
2014-03-13 16:51 - 2014-03-13 16:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-13 16:12 - 2014-03-13 16:56 - 00009133 _____ () C:\zoek-results.log
2014-03-13 16:09 - 2014-03-13 16:44 - 00000000 ____D () C:\zoek_backup
2014-03-13 16:07 - 2014-03-13 16:07 - 01285120 _____ () C:\Users\Jiri Stojak\Desktop\zoek.exe
2014-03-13 15:36 - 2014-03-13 15:37 - 01949184 _____ () C:\Users\Jiri Stojak\Downloads\adwcleaner (1).exe
2014-03-13 00:00 - 2014-03-13 00:00 - 00781383 _____ () C:\Users\Jiri Stojak\Downloads\RSIT (1).exe
2014-03-12 23:59 - 2014-03-12 23:59 - 00781909 _____ () C:\Users\Jiri Stojak\Downloads\Nepotvrzeno 253179.crdownload
2014-03-12 23:55 - 2014-03-12 23:55 - 00000789 _____ () C:\Users\Jiri Stojak\Documents\JRT.txt
2014-03-12 23:54 - 2014-03-12 23:54 - 00000789 _____ () C:\Users\Jiri Stojak\Desktop\JRT.txt
2014-03-12 23:38 - 2014-03-12 23:39 - 01037734 _____ (Thisisu) C:\Users\Jiri Stojak\Desktop\JRT.exe
2014-03-12 23:16 - 2014-03-12 23:16 - 01949184 _____ () C:\Users\Jiri Stojak\Desktop\adwcleaner.exe
C:\Users\Jiri Stojak\AppData\Roaming\desktop.ini

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Jirkas9 · #12 Příspěvek od **Jirkas9** » 14 bře 2014 07:03

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014
Ran by Jiri Stojak at 2014-03-14 07:08:36 Run:1
Running from C:\Users\Jiri Stojak\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [PlayMovie] - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [173288 2009-05-21] (Acer Corp.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
KLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [ISUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-12] (Macrovision Corporation)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [GoogleChromeAutoLaunch_0E2C2B76D2606C897B38003EBB3AE4C7] - C:\Program Files\Google\Chrome\Application\chrome.exe [859464 2014-03-02] (Google Inc.)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [] - [X]
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-12-08] (Google Inc.)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {40a1383c-138f-11de-b1e3-00a0d1a96e07} - E:\StartVMCLite.exe
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {6821ab0e-bc17-11de-b1ac-00a0d1a96e07} - G:\StartVMCLite.exe
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {b0f8898a-2b36-11de-865f-00a0d1a96e07} - E:\StartVMCLite.exe
HKU\S-1-5-21-3409020611-171815611-717584154-1000\...\MountPoints2: {be4311fd-8390-11df-b4c2-00a0d1a96e07} - E:\Install_Nokia_Ovi_Suite.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.forexfactory.com/calendar.php/
http://www.patria.cz/
http://www.fio.cz/
http://trusto.cz/apps/webmail/
http://www.google.cz/
http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... GB_csCZ565
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... GB_csCZ565
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagItBHO.dll (TechSmith Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagItIEAddin.dll (TechSmith Corporation)

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\JIRIST~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-10-25]

2014-03-13 17:21 - 2014-03-13 17:21 - 00112640 _____ (forum.viry.cz) C:\Users\Jiri Stojak\Desktop\FRSTLauncher.exe
2014-03-13 16:51 - 2014-03-13 16:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-13 16:12 - 2014-03-13 16:56 - 00009133 _____ () C:\zoek-results.log
2014-03-13 16:09 - 2014-03-13 16:44 - 00000000 ____D () C:\zoek_backup
2014-03-13 16:07 - 2014-03-13 16:07 - 01285120 _____ () C:\Users\Jiri Stojak\Desktop\zoek.exe
2014-03-13 15:36 - 2014-03-13 15:37 - 01949184 _____ () C:\Users\Jiri Stojak\Downloads\adwcleaner (1).exe
2014-03-13 00:00 - 2014-03-13 00:00 - 00781383 _____ () C:\Users\Jiri Stojak\Downloads\RSIT (1).exe
2014-03-12 23:59 - 2014-03-12 23:59 - 00781909 _____ () C:\Users\Jiri Stojak\Downloads\Nepotvrzeno 253179.crdownload
2014-03-12 23:55 - 2014-03-12 23:55 - 00000789 _____ () C:\Users\Jiri Stojak\Documents\JRT.txt
2014-03-12 23:54 - 2014-03-12 23:54 - 00000789 _____ () C:\Users\Jiri Stojak\Desktop\JRT.txt
2014-03-12 23:38 - 2014-03-12 23:39 - 01037734 _____ (Thisisu) C:\Users\Jiri Stojak\Desktop\JRT.exe
2014-03-12 23:16 - 2014-03-12 23:16 - 01949184 _____ () C:\Users\Jiri Stojak\Desktop\adwcleaner.exe
C:\Users\Jiri Stojak\AppData\Roaming\desktop.ini

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PlayMovie => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM => Value deleted successfully.
HKU\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_0E2C2B76D2606C897B38003EBB3AE4C7 => Value deleted successfully.
HKU\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\S-1-5-21-3409020611-171815611-717584154-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => Value deleted successfully.
HKU\S-1-5-21-3409020611-171815611-717584154-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{40a1383c-138f-11de-b1e3-00a0d1a96e07} => Key deleted successfully.
HKCR\CLSID\{40a1383c-138f-11de-b1e3-00a0d1a96e07} => Key not found.
HKU\S-1-5-21-3409020611-171815611-717584154-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6821ab0e-bc17-11de-b1ac-00a0d1a96e07} => Key deleted successfully.
HKCR\CLSID\{6821ab0e-bc17-11de-b1ac-00a0d1a96e07} => Key not found.
HKU\S-1-5-21-3409020611-171815611-717584154-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0f8898a-2b36-11de-865f-00a0d1a96e07} => Key deleted successfully.
HKCR\CLSID\{b0f8898a-2b36-11de-865f-00a0d1a96e07} => Key not found.
HKU\S-1-5-21-3409020611-171815611-717584154-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be4311fd-8390-11df-b4c2-00a0d1a96e07} => Key deleted successfully.
HKCR\CLSID\{be4311fd-8390-11df-b4c2-00a0d1a96e07} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208} => Key deleted successfully.
HKCR\CLSID\{00C6482D-C502-44C8-8409-FCE54AD9C208} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => Value deleted successfully.
HKCR\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => Key deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf => Key deleted successfully.
C:\Users\JIRIST~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx => Moved successfully.
C:\Users\Jiri Stojak\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Jiri Stojak\Desktop\zoek.exe => Moved successfully.
C:\Users\Jiri Stojak\Downloads\adwcleaner (1).exe => Moved successfully.
C:\Users\Jiri Stojak\Downloads\RSIT (1).exe => Moved successfully.
C:\Users\Jiri Stojak\Downloads\Nepotvrzeno 253179.crdownload => Moved successfully.
C:\Users\Jiri Stojak\Documents\JRT.txt => Moved successfully.
C:\Users\Jiri Stojak\Desktop\JRT.txt => Moved successfully.
C:\Users\Jiri Stojak\Desktop\JRT.exe => Moved successfully.
C:\Users\Jiri Stojak\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Jiri Stojak\AppData\Roaming\desktop.ini => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

Jirkas9 · #13 Příspěvek od **Jirkas9** » 14 bře 2014 21:35

Je to všechno nebo ještě něco?

#14 Příspěvek od **vyosek** » 14 bře 2014 21:41

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Jirkas9 · #15 Příspěvek od **Jirkas9** » 14 bře 2014 23:47

Moc vám děkuji za pomoc, jeden dotaz bych ještě měl, koupil jsem si dnes další ntb a co se nestalo stáhnul jsem si google chrome a nainstaloval a jakmile jsem povolil v nastavení googlu aby se mi stáhlo stejné nastavení záložek a stránek tak se opět objevili na těchto stránkách awardhotspot a spol, okamžitě jsem google odinstaloval a musím tedy používat explorer. Naštěstí se v exploreru na žádných stránkách "zatím" award neobjevuje. Windows mám bohužel W8 vybrat jsem si nemohl, proto bych se vás rád ještě zeptal jestli je nějaký CCleaner i pro W8 nebo něco podobného.
Děkuji

VIRY.CZ

Awardhotspot a jiný nepořádek v ntb

Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb

Re: Awardhotspot a jiný nepořádek v ntb