Please check my log

#1 Post by zmija832 »

Hello, my PC is starting to behave strangely. Sometimes some programs won't start, and the PC can't be shut down or restarted; well, it can, but only with the button. The PC has slowed down noticeably.

Please check it, thank you.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-05-2014
Ran by Milan (administrator) on BLACKPEARL-PC on 05-05-2014 09:47:51
Running from C:\Users\Milan\Desktop
Windows 8 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\systemk\systemku.exe
(forum.viry.cz) C:\Users\Milan\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-22] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHHE.EXE [241280 2013-03-25] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [SpeedUpMyComputer] => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2054776 2013-07-22] ()
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\MountPoints2: {27f0312b-923f-11e2-be65-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\MountPoints2: {287f69f0-b8a0-11e3-bec2-902b345efb6e} - "I:\Autorun\autorun.exe"
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\et6sc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk
ShortcutTarget: Logitech . Registrace produktu.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll [490000 2014-04-28] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll [664592 2014-04-28] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=498&a ... 16&src=hmp
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = http://www.default-search.net/search?si ... earchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700
FF user.js: detected! => C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\user.js
FF SearchEngineOrder.1: default-search.net
FF Homepage: hxxp://www.centrum.cz
FF Keyword.URL: hxxp://www.default-search.net/search?sid=498&a ... &src=ds&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Milan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Fast Dial - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\fastdial@telega.phpnet.us [2014-01-04]
FF Extension: SimilarWeb - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\FirefoxAddon@similarWeb.com [2014-01-04]
FF Extension: Settings Manager - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{34FA153F-3A2C-364C-E68F-3F8A21AA8D9D} [2014-04-13]
FF Extension: Evernote Web Clipper - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-03-18]
FF Extension: Seznam lištička - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-05-02]
FF Extension: Firebug - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\firebug@software.joehewitt.com.xpi [2014-01-04]
FF Extension: Clearly - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\readable@evernote.com.xpi [2014-03-18]
FF Extension: Google Translator for Firefox - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\translator@zoli.bod.xpi [2014-03-21]
FF Extension: NoScript - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-28]
FF Extension: Pixlr Grabber - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi [2014-01-04]
FF Extension: Tab Mix Plus - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-22]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-03-25]

Chrome:
=======
CHR HomePage: hxxp://www.default-search.net?sid=498&aid=121& ... 16&src=hmp
CHR StartupUrls: "hxxp://www.default-search.net?sid=498&aid=121& ... 16&src=hmp"
CHR DefaultSearchProvider: default-search.net
CHR DefaultSearchURL: http://www.default-search.net/search?si ... earchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Extension: (YouTube) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-22]
CHR Extension: (Logitech SetPoint) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-03-26]
CHR Extension: (Peněženka Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-22]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-03-25]

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-22] (AVAST Software)
R2 SystemkService; C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe [3543056 2014-04-28] (Aztec Media Inc)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [492008 2010-06-25] (AfaTech )
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-22] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-22] ()
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-31] (Disc Soft Ltd)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [36240 2014-04-28] (Aztec Media Inc)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-11-20] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-05 09:47 - 2014-05-05 09:48 - 00022241 _____ () C:\Users\Milan\Desktop\FRST.txt
2014-05-05 09:47 - 2014-05-05 09:47 - 00000000 ____D () C:\FRST
2014-05-05 09:45 - 2014-05-05 09:45 - 00112640 _____ (forum.viry.cz) C:\Users\Milan\Desktop\FRSTLauncher.exe
2014-05-05 09:43 - 2014-05-05 09:44 - 02062336 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2014-05-05 09:38 - 2014-05-05 09:42 - 00000000 ____D () C:\rsit
2014-05-05 09:38 - 2014-05-05 09:42 - 00000000 ____D () C:\Program Files\trend micro
2014-05-05 09:38 - 2014-05-05 09:38 - 00935175 _____ () C:\Users\Milan\Desktop\RSITx64.exe
2014-05-02 21:30 - 2014-05-05 09:45 - 00000000 ____D () C:\ProgramData\systemk
2014-04-30 10:03 - 2014-04-30 21:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-29 15:30 - 2014-04-29 15:30 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\.mono
2014-04-29 10:43 - 2014-04-29 10:43 - 01444390 _____ () C:\Users\Milan\Desktop\easycdburner.exe
2014-04-29 10:43 - 2014-04-29 10:43 - 00001989 _____ () C:\Users\UpdatusUser\Desktop\Easy Audio CD Burner.lnk
2014-04-29 10:43 - 2014-04-29 10:43 - 00001989 _____ () C:\Users\Milan\Desktop\Easy Audio CD Burner.lnk
2014-04-29 10:43 - 2014-04-29 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Audio CD Burner
2014-04-29 10:43 - 2014-04-29 10:43 - 00000000 ____D () C:\Program Files (x86)\Easy Audio CD Burner
2014-04-29 10:43 - 2002-07-30 21:38 - 00647168 _____ (NUGROOVZ) C:\Windows\SysWOW64\cdr.dll
2014-04-29 10:07 - 2014-04-29 10:13 - 00000000 ____D () C:\Users\Milan\Desktop\písničky školka
2014-04-29 09:10 - 2014-04-29 07:57 - 00000326 _____ () C:\Users\Milan\Desktop\7 - Rumcajs.lnk
2014-04-29 08:50 - 2014-04-29 08:50 - 00001036 _____ () C:\Users\Public\Desktop\MP3 Cutter.lnk
2014-04-29 08:50 - 2014-04-29 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Cutter
2014-04-29 08:50 - 2014-04-29 08:50 - 00000000 ____D () C:\Program Files (x86)\MP3 Cutter
2014-04-29 08:48 - 2014-04-29 08:50 - 06938669 _____ (Aiv Software ) C:\Users\Milan\Desktop\mp3cutterSetup.exe
2014-04-28 21:03 - 2014-04-28 21:03 - 02347384 _____ (ESET) C:\Users\Milan\Desktop\esetsmartinstaller_csy.exe
2014-04-28 21:03 - 2014-04-28 21:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-28 20:59 - 2014-04-28 20:59 - 00001270 _____ () C:\Users\Milan\Desktop\SpeedUpMyComputer.lnk
2014-04-28 20:59 - 2014-04-28 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 20:59 - 2014-04-28 20:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-28 20:59 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-28 20:59 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-28 20:59 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-28 12:08 - 2014-04-28 12:08 - 00000000 ____D () C:\Users\Milan\Desktop\smlouva_F0546938437D494B2
2014-04-28 08:56 - 2014-04-28 08:56 - 01453676 _____ () C:\Users\Milan\Desktop\jidlo4.mp4
2014-04-25 21:46 - 2014-04-25 21:46 - 01006447 _____ () C:\Users\Milan\Desktop\jidlo3.mp4
2014-04-25 20:51 - 2014-04-25 20:56 - 286863945 _____ () C:\Users\Milan\Desktop\stankar_cz_583.sql
2014-04-25 20:29 - 2014-05-05 09:33 - 00002507 _____ () C:\Users\Public\Desktop\Evernote.lnk
2014-04-25 20:29 - 2014-05-05 09:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-04-25 20:29 - 2014-04-25 20:29 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-04-24 22:15 - 2014-04-24 22:15 - 00000374 _____ () C:\Users\Milan\Desktop\index.html
2014-04-21 21:23 - 2014-04-21 21:23 - 00371819 _____ () C:\Users\Milan\Desktop\vizitka mioniozadekk.psd
2014-04-21 21:22 - 2014-04-21 21:22 - 00651215 _____ () C:\Users\Milan\Desktop\vizitka mioniopredek.psd
2014-04-21 20:47 - 2014-04-21 21:05 - 109157112 _____ () C:\Users\Milan\Desktop\Angličtina-Moje-první-slova.rar
2014-04-20 22:54 - 2014-04-20 23:41 - 00846048 _____ () C:\Users\Milan\Desktop\ZitekVizitkaZadek2014.psd
2014-04-20 22:48 - 2014-04-20 23:42 - 00601462 _____ () C:\Users\Milan\Desktop\ZitekVizitkaPředek2014.psd
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Creative-0017-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Creative-0010-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Corporate-0024-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Corporate-0016-PSD
2014-04-20 22:27 - 2014-04-20 22:27 - 00101731 _____ () C:\Users\Milan\Desktop\Corporate-0016-PSD.zip
2014-04-20 22:27 - 2014-04-20 22:27 - 00099462 _____ () C:\Users\Milan\Desktop\Creative-0010-PSD.zip
2014-04-20 22:27 - 2014-04-20 22:27 - 00086333 _____ () C:\Users\Milan\Desktop\Creative-0017-PSD.zip
2014-04-20 22:22 - 2014-04-20 22:22 - 00069315 _____ () C:\Users\Milan\Desktop\Corporate-0024-PSD.zip
2014-04-13 23:29 - 2014-04-13 23:29 - 00002067 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2014-04-13 23:29 - 2014-04-13 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2014-04-13 23:29 - 2014-04-13 23:29 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-04-13 23:28 - 2014-04-13 23:28 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-04-13 23:27 - 2014-04-13 23:27 - 07441760 _____ () C:\Users\Milan\Desktop\MyPhoneExplorer_Setup_1.8.5.exe
2014-04-09 12:54 - 2014-04-09 12:54 - 04968079 _____ (Tim Kosse) C:\Users\Milan\Downloads\FileZilla_3.8.0_win32-setup.exe

==================== One Month Modified Files and Folders =======

2014-05-05 09:48 - 2014-05-05 09:47 - 00022241 _____ () C:\Users\Milan\Desktop\FRST.txt
2014-05-05 09:47 - 2014-05-05 09:47 - 00000000 ____D () C:\FRST
2014-05-05 09:45 - 2014-05-05 09:45 - 00112640 _____ (forum.viry.cz) C:\Users\Milan\Desktop\FRSTLauncher.exe
2014-05-05 09:45 - 2014-05-02 21:30 - 00000000 ____D () C:\ProgramData\systemk
2014-05-05 09:44 - 2014-05-05 09:43 - 02062336 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2014-05-05 09:44 - 2012-07-26 12:01 - 00727284 _____ () C:\Windows\system32\perfh005.dat
2014-05-05 09:44 - 2012-07-26 12:01 - 00148336 _____ () C:\Windows\system32\perfc005.dat
2014-05-05 09:44 - 2012-07-26 09:28 - 01717852 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-05 09:42 - 2014-05-05 09:38 - 00000000 ____D () C:\rsit
2014-05-05 09:42 - 2014-05-05 09:38 - 00000000 ____D () C:\Program Files\trend micro
2014-05-05 09:40 - 2013-03-22 15:19 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-05 09:40 - 2013-03-22 12:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-05 09:40 - 2013-03-21 11:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-05 09:40 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-05 09:38 - 2014-05-05 09:38 - 00935175 _____ () C:\Users\Milan\Desktop\RSITx64.exe
2014-05-05 09:33 - 2014-04-25 20:29 - 00002507 _____ () C:\Users\Public\Desktop\Evernote.lnk
2014-05-05 09:33 - 2014-04-25 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-05-05 09:29 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-30 21:55 - 2014-04-30 10:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 21:11 - 2013-09-04 21:41 - 00000436 ____H () C:\Users\Milan\Desktop\fssort.ini
2014-04-30 21:11 - 2013-03-24 06:52 - 00001480 _____ () C:\Users\Milan\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2014-04-30 11:32 - 2013-06-17 19:22 - 00000000 ____D () C:\Users\Milan\AppData\Local\CrashDumps
2014-04-29 15:30 - 2014-04-29 15:30 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\.mono
2014-04-29 10:43 - 2014-04-29 10:43 - 01444390 _____ () C:\Users\Milan\Desktop\easycdburner.exe
2014-04-29 10:43 - 2014-04-29 10:43 - 00001989 _____ () C:\Users\UpdatusUser\Desktop\Easy Audio CD Burner.lnk
2014-04-29 10:43 - 2014-04-29 10:43 - 00001989 _____ () C:\Users\Milan\Desktop\Easy Audio CD Burner.lnk
2014-04-29 10:43 - 2014-04-29 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Audio CD Burner
2014-04-29 10:43 - 2014-04-29 10:43 - 00000000 ____D () C:\Program Files (x86)\Easy Audio CD Burner
2014-04-29 10:13 - 2014-04-29 10:07 - 00000000 ____D () C:\Users\Milan\Desktop\písničky školka
2014-04-29 09:08 - 2013-07-01 13:28 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\vlc
2014-04-29 08:50 - 2014-04-29 08:50 - 00001036 _____ () C:\Users\Public\Desktop\MP3 Cutter.lnk
2014-04-29 08:50 - 2014-04-29 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Cutter
2014-04-29 08:50 - 2014-04-29 08:50 - 00000000 ____D () C:\Program Files (x86)\MP3 Cutter
2014-04-29 08:50 - 2014-04-29 08:48 - 06938669 _____ (Aiv Software ) C:\Users\Milan\Desktop\mp3cutterSetup.exe
2014-04-29 07:57 - 2014-04-29 09:10 - 00000326 _____ () C:\Users\Milan\Desktop\7 - Rumcajs.lnk
2014-04-28 23:40 - 2013-03-21 11:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2460298553-2316817018-2439930786-1001
2014-04-28 23:16 - 2014-02-01 18:11 - 00073326 _____ () C:\Windows\PFRO.log
2014-04-28 22:48 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-28 21:03 - 2014-04-28 21:03 - 02347384 _____ (ESET) C:\Users\Milan\Desktop\esetsmartinstaller_csy.exe
2014-04-28 21:03 - 2014-04-28 21:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-28 21:00 - 2014-03-25 10:06 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 20:59 - 2014-04-28 20:59 - 00001270 _____ () C:\Users\Milan\Desktop\SpeedUpMyComputer.lnk
2014-04-28 20:59 - 2014-04-28 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 20:59 - 2014-04-28 20:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-28 20:59 - 2014-03-23 13:43 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-04-28 20:59 - 2014-03-23 13:43 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-04-28 20:34 - 2013-03-22 15:19 - 00003802 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 12:08 - 2014-04-28 12:08 - 00000000 ____D () C:\Users\Milan\Desktop\smlouva_F0546938437D494B2
2014-04-28 08:56 - 2014-04-28 08:56 - 01453676 _____ () C:\Users\Milan\Desktop\jidlo4.mp4
2014-04-28 08:56 - 2014-02-18 15:18 - 00000000 ____D () C:\Users\Milan\AppData\Local\Screencast-O-Matic
2014-04-25 22:45 - 2013-03-22 13:02 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\FileZilla
2014-04-25 21:46 - 2014-04-25 21:46 - 01006447 _____ () C:\Users\Milan\Desktop\jidlo3.mp4
2014-04-25 20:56 - 2014-04-25 20:51 - 286863945 _____ () C:\Users\Milan\Desktop\stankar_cz_583.sql
2014-04-25 20:29 - 2014-04-25 20:29 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-04-25 17:33 - 2014-02-01 21:47 - 02085674 _____ () C:\Windows\setupact.log
2014-04-24 22:15 - 2014-04-24 22:15 - 00000374 _____ () C:\Users\Milan\Desktop\index.html
2014-04-23 07:02 - 2013-03-21 11:01 - 00000000 ___RD () C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 06:47 - 2013-03-22 15:41 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-21 21:23 - 2014-04-21 21:23 - 00371819 _____ () C:\Users\Milan\Desktop\vizitka mioniozadekk.psd
2014-04-21 21:22 - 2014-04-21 21:22 - 00651215 _____ () C:\Users\Milan\Desktop\vizitka mioniopredek.psd
2014-04-21 21:05 - 2014-04-21 20:47 - 109157112 _____ () C:\Users\Milan\Desktop\Angličtina-Moje-první-slova.rar
2014-04-20 23:42 - 2014-04-20 22:48 - 00601462 _____ () C:\Users\Milan\Desktop\ZitekVizitkaPředek2014.psd
2014-04-20 23:41 - 2014-04-20 22:54 - 00846048 _____ () C:\Users\Milan\Desktop\ZitekVizitkaZadek2014.psd
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Creative-0017-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Creative-0010-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Corporate-0024-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Corporate-0016-PSD
2014-04-20 22:27 - 2014-04-20 22:27 - 00101731 _____ () C:\Users\Milan\Desktop\Corporate-0016-PSD.zip
2014-04-20 22:27 - 2014-04-20 22:27 - 00099462 _____ () C:\Users\Milan\Desktop\Creative-0010-PSD.zip
2014-04-20 22:27 - 2014-04-20 22:27 - 00086333 _____ () C:\Users\Milan\Desktop\Creative-0017-PSD.zip
2014-04-20 22:22 - 2014-04-20 22:22 - 00069315 _____ () C:\Users\Milan\Desktop\Corporate-0024-PSD.zip
2014-04-13 23:58 - 2014-03-23 13:43 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\MyPhoneExplorer
2014-04-13 23:29 - 2014-04-13 23:29 - 00002067 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2014-04-13 23:29 - 2014-04-13 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2014-04-13 23:29 - 2014-04-13 23:29 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-04-13 23:28 - 2014-04-13 23:28 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-04-13 23:27 - 2014-04-13 23:27 - 07441760 _____ () C:\Users\Milan\Desktop\MyPhoneExplorer_Setup_1.8.5.exe
2014-04-13 19:47 - 2014-03-23 15:18 - 00000000 ____D () C:\Users\Milan\Desktop\divokejBill
2014-04-09 15:27 - 2014-03-01 13:52 - 00000000 ____D () C:\Users\Milan\AppData\Local\Unity
2014-04-09 12:54 - 2014-04-09 12:54 - 04968079 _____ (Tim Kosse) C:\Users\Milan\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-09 12:54 - 2013-03-22 13:02 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-09 12:54 - 2013-03-22 13:02 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-08 21:02 - 2014-02-01 21:47 - 01612039 _____ () C:\Windows\WindowsUpdate.log
2014-04-08 17:54 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent

Some content of TEMP:
====================
C:\Users\Milan\AppData\Local\Temp\SpeedUpMyComputer.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-28 09:07




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (SYSTEM) (Fixed) (Total:110.83 GB) (Free:38.99 GB) NTFS
Drive d: (DATA) (Fixed) (Total:299.55 GB) (Free:256.58 GB) NTFS
Drive e: (DATA II) (Fixed) (Total:631.84 GB) (Free:437.66 GB) NTFS
Drive f: (NEF Beginner) (CDROM) (Total:0.47 GB) (Free:0 GB) CDFS
Drive i: (Mafia 2_Disk2) (CDROM) (Total:3.39 GB) (Free:0 GB) UDF

Available physical RAM: 14295.42 MB
Total physical RAM: 16340.92 MB
Percentage of memory in use: 12%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 00000000)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 00000000)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Milan\Desktop" je 761 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Please check my log

#2 Post by vyosek »

Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup is created and then the search runs
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member (image) since 1 February 2011.


Re: Please check my log

#3 Post by zmija832 »

With AdwCleaner, the restart did not take place.
:!:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Milan on po 05. 05. 2014 at 10:35:30,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\speedupmycomputer



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\speedupmycomputer



~~~ Files

Successfully deleted: [File] "C:\Users\Milan\desktop\SpeedUpMyComputer.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\Users\Milan\AppData\Roaming\fighters"
Successfully deleted: [Folder] "C:\Program Files (x86)\smarttweak"
Successfully deleted: [Folder] "C:\Users\Milan\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{01DCFF86-B61A-462F-94B9-0E6F62FC8A4D}
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{4EBA41F9-7862-4465-B321-536FC10FAC0F}
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{A28E14A7-B823-4638-99FF-B555F7A2E26E}
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{D136EE55-6892-48CD-8511-D4D9F737D117}
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{DDAEBE5E-424C-4DBE-8DB4-518A8C340AC8}
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{E490663A-F1BC-447B-9489-0A42F0987FD5}
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{EF51B038-1104-4BD8-B636-BE56B948DDFD}
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{F18547E2-F07C-468B-A489-8A8A38A420FC}
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{F3AEF775-88F8-4D1D-A485-55E37C4608A2}
Successfully deleted: [Empty Folder] C:\Users\Milan\appdata\local\{FDDC37B6-DC93-4C26-95A7-B630400437DB}



~~~ FireFox

Successfully deleted: [File] C:\Users\Milan\AppData\Roaming\mozilla\firefox\profiles\hbfcoqs0.default-1388786602700\user.js
Emptied folder: C:\Users\Milan\AppData\Roaming\mozilla\firefox\profiles\hbfcoqs0.default-1388786602700\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 05. 05. 2014 at 10:38:56,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


*******************************************************************************************************



# AdwCleaner v3.207 - Report created 05/05/2014 at 10:43:36
# Updated 05/05/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Milan - BLACKPEARL-PC
# Running from : C:\Users\Milan\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : F06DEFF2-5B9C-490D-910F-35D3A91196222
Service Found : SystemkService

***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\Settings Manager
Folder Found : C:\ProgramData\RegClean
Folder Found : C:\ProgramData\systemk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Found : HKCU\Software\SystemK
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\SystemK
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Found : HKLM\Software\SystemK
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16843

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.default-search.net?sid=498&aid=121& ... 16&src=hmp

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\prefs.js ]

Line Found : user_pref("browser.search.order.1", "default-search.net");
Line Found : user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=498&a ... &src=ds&p=");

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Startup_urls] : hxxp://www.default-search.net?sid=498&aid=121& ... 16&src=hmp
Found [Homepage] : hxxp://www.default-search.net?sid=498&aid=121& ... 16&src=hmp

*************************

AdwCleaner[R0].txt - [5862 octets] - [05/05/2014 10:40:45]
AdwCleaner[R1].txt - [5750 octets] - [05/05/2014 10:43:36]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [5810 octets] ##########


Re: Please check my log

#4 Post by vyosek »

:arrow: Since you only chose Search in AdwCleaner and not Clean

:arrow: Run AdwCleaner again
  • If you are using Win Vista or W7, right-click AdwCleaner and choose Run As Administrator or Spustit jako spravce
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Please check my log

#5 Post by zmija832 »

:oops:
I read too little and click too much :oops:

# AdwCleaner v3.207 - Report created 05/05/2014 at 11:51:23
# Updated 05/05/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Milan - BLACKPEARL-PC
# Running from : C:\Users\Milan\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
[#] Service Deleted : SystemkService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\RegClean
[!] Folder Deleted : C:\ProgramData\systemk
[!] Folder Deleted : C:\Program Files (x86)\Settings Manager

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKLM\Software\SystemK
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16843

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "default-search.net");
Line Deleted : user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=498&a ... &src=ds&p=");

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://www.default-search.net?sid=498&aid=121& ... 16&src=hmp
Deleted [Homepage] : hxxp://www.default-search.net?sid=498&aid=121& ... 16&src=hmp

*************************

AdwCleaner[R0].txt - [5862 octets] - [05/05/2014 10:40:45]
AdwCleaner[R1].txt - [5922 octets] - [05/05/2014 10:43:36]
AdwCleaner[R2].txt - [5982 octets] - [05/05/2014 11:51:06]
AdwCleaner[S0].txt - [5660 octets] - [05/05/2014 11:51:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5720 octets] ##########


Re: Please check my log

#6 Post by vyosek »

:arrow: Nothing all that terrible happened :D

:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts, and gives you a log; paste its contents here

Re: Please check my log

#7 Post by zmija832 »

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Milan on po 05. 05. 2014 at 20:28:43,41.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Milan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5. 5. 2014 20:29:06 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2460298553-2316817018-2439930786-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\prefs.js:
user_pref("browser.startup.homepage", "http://www.centrum.cz");

Added to C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Milan\AppData\Roaming\Thunderbird\Profiles\qw0i477h.default\prefs.js:

Added to C:\Users\Milan\AppData\Roaming\Thunderbird\Profiles\qw0i477h.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201405.05._2033_.backup

ProfilePath: C:\Users\Milan\AppData\Roaming\Thunderbird\Profiles\qw0i477h.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201405.05._2033_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\default-search.xml deleted
C:\Users\Milan\AppData\Roaming\DRPSu deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\searchplugins\default-search.xml deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [25. 03. 2013 23:46]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700
- Fast Dial - %ProfilePath%\extensions\fastdial@telega.phpnet.us
- SimilarWeb - %ProfilePath%\extensions\FirefoxAddon@similarWeb.com
- Settings Manager - %ProfilePath%\extensions\{34FA153F-3A2C-364C-E68F-3F8A21AA8D9D}
- Evernote Web Clipper - %ProfilePath%\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- Clearly - %ProfilePath%\extensions\readable@evernote.com.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- Pixlr Grabber - %ProfilePath%\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi
- Tab Mix Plus - %ProfilePath%\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi

ProfilePath: C:\Users\Milan\AppData\Roaming\Thunderbird\Profiles\qw0i477h.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- Noia Fox : Options - %ProfilePath%\extensions\NoiaFoxoption@davidvincent.tld.xpi
- Office Black - %ProfilePath%\extensions\Office2007Black@JBBS.xpi
- Win8 - %ProfilePath%\extensions\Win8@paenglab.ch.xpi
- WiseStamp - %ProfilePath%\extensions\wisestamp@wisestamp.com.xpi
- MS Office 2003 JB Edition v3 - %ProfilePath%\extensions\{35f30c40-35d4-11d9-8dbc-000c6e787ef9}.xpi
- Noia Fox - %ProfilePath%\extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700
9FD6A1990289B9290563CA069CB74EF9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\Milan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
edaibbiobngpbmeonadpbfafbkimjbdd - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx[21. 02. 2013 03:59]

Logitech SetPoint - Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Milan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Milan\AppData\Local\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Cache emptied successfully
C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\fastdial\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=35 folders=4 201639 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Milan\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Milan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 05. 05. 2014 at 20:35:46,16 ======================

zmija832
Visitor
Posts: 68
Registered: 12 Feb 2007 11:39

Re: Please check my log

#8 Post by zmija832 »

Hellooo, hellooo, is the log OK now, please? Thank you.
:D

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#9 Post by vyosek »

:arrow: I apologize, I somehow didn't get to it yesterday.

:arrow: Please post a FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member [image] since 1 February 2011.

zmija832
Visitor
Posts: 68
Registered: 12 Feb 2007 11:39

Re: Please check my log

#10 Post by zmija832 »

That's fine, I was just reminding you :)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-05-2014
Ran by Milan (administrator) on BLACKPEARL-PC on 07-05-2014 21:36:42
Running from C:\Users\Milan\Desktop
Windows 8 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
(forum.viry.cz) C:\Users\Milan\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-22] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHHE.EXE [241280 2013-03-25] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\MountPoints2: {27f0312b-923f-11e2-be65-806e6f6e6963} - "F:\Start.exe"
IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\et6sc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk
ShortcutTarget: Logitech . Registrace produktu.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\settings manager\systemk\sysapcrt.dll

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.centrum.cz
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Milan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Fast Dial - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\fastdial@telega.phpnet.us [2014-01-04]
FF Extension: SimilarWeb - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\FirefoxAddon@similarWeb.com [2014-01-04]
FF Extension: Settings Manager - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{34FA153F-3A2C-364C-E68F-3F8A21AA8D9D} [2014-04-13]
FF Extension: Evernote Web Clipper - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-03-18]
FF Extension: Seznam lištička - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-05-02]
FF Extension: Firebug - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\firebug@software.joehewitt.com.xpi [2014-01-04]
FF Extension: Clearly - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\readable@evernote.com.xpi [2014-03-18]
FF Extension: Google Translator for Firefox - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\translator@zoli.bod.xpi [2014-03-21]
FF Extension: NoScript - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-28]
FF Extension: Pixlr Grabber - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi [2014-01-04]
FF Extension: Tab Mix Plus - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-22]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-03-25]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-05]
CHR Extension: (Disk Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-05]
CHR Extension: (YouTube) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-22]
CHR Extension: (Logitech SetPoint) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-03-26]
CHR Extension: (Peněženka Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-22]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-03-25]

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-22] (AVAST Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [492008 2010-06-25] (AfaTech )
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-22] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-22] ()
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-31] (Disc Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-11-20] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-18] (TuneUp Software)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-07 21:36 - 2014-05-07 21:36 - 00029696 _____ () C:\Users\Milan\AppData\Local\MSGBOX.EXE
2014-05-07 21:36 - 2014-05-07 21:36 - 00018568 _____ () C:\Users\Milan\Desktop\FRST.txt
2014-05-07 21:36 - 2014-05-07 21:36 - 00015327 _____ () C:\Users\Milan\Desktop\LM.bat
2014-05-07 21:36 - 2014-05-07 21:36 - 00000000 ____D () C:\Users\Milan\Desktop\FRST-OlderVersion
2014-05-07 12:17 - 2014-05-07 12:17 - 00115017 _____ () C:\Users\Milan\Desktop\Obrázekd.jpeg
2014-05-07 12:16 - 2014-05-07 12:16 - 00042801 _____ () C:\Users\Milan\Desktop\Obrázek.jpeg
2014-05-05 20:35 - 2014-05-05 20:28 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-05 20:29 - 2014-05-05 20:35 - 00010425 _____ () C:\zoek-results.log
2014-05-05 20:28 - 2014-05-05 20:33 - 00000000 ____D () C:\zoek_backup
2014-05-05 20:28 - 2014-05-05 20:28 - 01285120 _____ () C:\Users\Milan\Desktop\zoek.exe
2014-05-05 10:40 - 2014-05-05 11:51 - 00000000 ____D () C:\AdwCleaner
2014-05-05 10:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-05 10:39 - 2014-05-05 10:39 - 01316991 _____ () C:\Users\Milan\Desktop\adwcleaner.exe
2014-05-05 10:38 - 2014-05-05 10:39 - 00003649 _____ () C:\Users\Milan\Desktop\JRT.txt
2014-05-05 10:35 - 2014-05-05 10:35 - 00000000 ____D () C:\Windows\ERUNT
2014-05-05 10:34 - 2014-05-05 10:34 - 01016261 _____ (Thisisu) C:\Users\Milan\Desktop\JRT.exe
2014-05-05 09:54 - 2014-05-05 09:54 - 00009195 _____ () C:\Users\Milan\Desktop\Addition.zip
2014-05-05 09:53 - 2014-05-05 09:54 - 00042654 _____ () C:\Users\Milan\Desktop\FRST2.txt
2014-05-05 09:47 - 2014-05-07 21:36 - 00000000 ____D () C:\FRST
2014-05-05 09:43 - 2014-05-07 21:36 - 02063872 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2014-05-05 09:38 - 2014-05-05 09:49 - 00000000 ____D () C:\Program Files\trend micro
2014-05-05 09:38 - 2014-05-05 09:42 - 00000000 ____D () C:\rsit
2014-05-05 09:38 - 2014-05-05 09:38 - 00935175 _____ () C:\Users\Milan\Desktop\RSITx64.exe
2014-05-02 21:30 - 2014-05-05 11:51 - 00000000 ____D () C:\ProgramData\systemk
2014-04-30 10:03 - 2014-04-30 21:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-29 15:30 - 2014-04-29 15:30 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\.mono
2014-04-29 10:43 - 2014-04-29 10:43 - 01444390 _____ () C:\Users\Milan\Desktop\easycdburner.exe
2014-04-29 10:43 - 2014-04-29 10:43 - 00001989 _____ () C:\Users\UpdatusUser\Desktop\Easy Audio CD Burner.lnk
2014-04-29 10:43 - 2014-04-29 10:43 - 00001989 _____ () C:\Users\Milan\Desktop\Easy Audio CD Burner.lnk
2014-04-29 10:43 - 2014-04-29 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Audio CD Burner
2014-04-29 10:43 - 2014-04-29 10:43 - 00000000 ____D () C:\Program Files (x86)\Easy Audio CD Burner
2014-04-29 10:43 - 2002-07-30 21:38 - 00647168 _____ (NUGROOVZ) C:\Windows\SysWOW64\cdr.dll
2014-04-29 10:07 - 2014-04-29 10:13 - 00000000 ____D () C:\Users\Milan\Desktop\písničky školka
2014-04-29 09:10 - 2014-04-29 07:57 - 00000326 _____ () C:\Users\Milan\Desktop\7 - Rumcajs.lnk
2014-04-29 08:50 - 2014-04-29 08:50 - 00001036 _____ () C:\Users\Public\Desktop\MP3 Cutter.lnk
2014-04-29 08:50 - 2014-04-29 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Cutter
2014-04-29 08:50 - 2014-04-29 08:50 - 00000000 ____D () C:\Program Files (x86)\MP3 Cutter
2014-04-29 08:48 - 2014-04-29 08:50 - 06938669 _____ (Aiv Software ) C:\Users\Milan\Desktop\mp3cutterSetup.exe
2014-04-28 21:03 - 2014-04-28 21:03 - 02347384 _____ (ESET) C:\Users\Milan\Desktop\esetsmartinstaller_csy.exe
2014-04-28 21:03 - 2014-04-28 21:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-28 20:59 - 2014-04-28 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 20:59 - 2014-04-28 20:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-28 20:59 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-28 20:59 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-28 20:59 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-28 12:08 - 2014-04-28 12:08 - 00000000 ____D () C:\Users\Milan\Desktop\smlouva_F0546938437D494B2
2014-04-28 08:56 - 2014-04-28 08:56 - 01453676 _____ () C:\Users\Milan\Desktop\jidlo4.mp4
2014-04-25 20:51 - 2014-04-25 20:56 - 286863945 _____ () C:\Users\Milan\Desktop\stankar_cz_583.sql
2014-04-25 20:29 - 2014-05-07 06:46 - 00002507 _____ () C:\Users\Public\Desktop\Evernote.lnk
2014-04-25 20:29 - 2014-05-07 06:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-04-25 20:29 - 2014-04-25 20:29 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-04-21 21:23 - 2014-04-21 21:23 - 00371819 _____ () C:\Users\Milan\Desktop\vizitka mioniozadekk.psd
2014-04-21 21:22 - 2014-04-21 21:22 - 00651215 _____ () C:\Users\Milan\Desktop\vizitka mioniopredek.psd
2014-04-21 20:47 - 2014-04-21 21:05 - 109157112 _____ () C:\Users\Milan\Desktop\Angličtina-Moje-první-slova.rar
2014-04-20 22:54 - 2014-04-20 23:41 - 00846048 _____ () C:\Users\Milan\Desktop\ZitekVizitkaZadek2014.psd
2014-04-20 22:48 - 2014-04-20 23:42 - 00601462 _____ () C:\Users\Milan\Desktop\ZitekVizitkaPředek2014.psd
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Creative-0017-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Creative-0010-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Corporate-0024-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Corporate-0016-PSD
2014-04-20 22:27 - 2014-04-20 22:27 - 00101731 _____ () C:\Users\Milan\Desktop\Corporate-0016-PSD.zip
2014-04-20 22:27 - 2014-04-20 22:27 - 00099462 _____ () C:\Users\Milan\Desktop\Creative-0010-PSD.zip
2014-04-20 22:27 - 2014-04-20 22:27 - 00086333 _____ () C:\Users\Milan\Desktop\Creative-0017-PSD.zip
2014-04-20 22:22 - 2014-04-20 22:22 - 00069315 _____ () C:\Users\Milan\Desktop\Corporate-0024-PSD.zip
2014-04-13 23:29 - 2014-04-13 23:29 - 00002067 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2014-04-13 23:29 - 2014-04-13 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2014-04-13 23:29 - 2014-04-13 23:29 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-04-09 12:54 - 2014-04-09 12:54 - 04968079 _____ (Tim Kosse) C:\Users\Milan\Downloads\FileZilla_3.8.0_win32-setup.exe

==================== One Month Modified Files and Folders =======

2014-05-07 21:36 - 2014-05-07 21:36 - 00029696 _____ () C:\Users\Milan\AppData\Local\MSGBOX.EXE
2014-05-07 21:36 - 2014-05-07 21:36 - 00018568 _____ () C:\Users\Milan\Desktop\FRST.txt
2014-05-07 21:36 - 2014-05-07 21:36 - 00015327 _____ () C:\Users\Milan\Desktop\LM.bat
2014-05-07 21:36 - 2014-05-07 21:36 - 00000000 ____D () C:\Users\Milan\Desktop\FRST-OlderVersion
2014-05-07 21:36 - 2014-05-05 09:47 - 00000000 ____D () C:\FRST
2014-05-07 21:36 - 2014-05-05 09:43 - 02063872 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2014-05-07 21:08 - 2013-09-04 21:41 - 00000590 ____H () C:\Users\Milan\Desktop\fssort.ini
2014-05-07 21:08 - 2013-03-24 06:52 - 00001480 _____ () C:\Users\Milan\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2014-05-07 21:04 - 2013-03-22 15:19 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-07 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-07 12:17 - 2014-05-07 12:17 - 00115017 _____ () C:\Users\Milan\Desktop\Obrázekd.jpeg
2014-05-07 12:16 - 2014-05-07 12:16 - 00042801 _____ () C:\Users\Milan\Desktop\Obrázek.jpeg
2014-05-07 11:53 - 2014-03-31 08:49 - 00000000 ____D () C:\Users\Milan\Desktop\školka foto březen2014
2014-05-07 11:51 - 2012-07-26 12:01 - 00727284 _____ () C:\Windows\system32\perfh005.dat
2014-05-07 11:51 - 2012-07-26 12:01 - 00148336 _____ () C:\Windows\system32\perfc005.dat
2014-05-07 11:51 - 2012-07-26 09:28 - 01717852 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-07 06:46 - 2014-04-25 20:29 - 00002507 _____ () C:\Users\Public\Desktop\Evernote.lnk
2014-05-07 06:46 - 2014-04-25 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-05-05 20:35 - 2014-05-05 20:29 - 00010425 _____ () C:\zoek-results.log
2014-05-05 20:35 - 2014-02-01 18:11 - 00074150 _____ () C:\Windows\PFRO.log
2014-05-05 20:35 - 2013-03-21 11:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-05 20:35 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-05 20:35 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-05 20:33 - 2014-05-05 20:28 - 00000000 ____D () C:\zoek_backup
2014-05-05 20:28 - 2014-05-05 20:35 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-05 20:28 - 2014-05-05 20:28 - 01285120 _____ () C:\Users\Milan\Desktop\zoek.exe
2014-05-05 12:13 - 2013-03-21 11:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2460298553-2316817018-2439930786-1001
2014-05-05 11:51 - 2014-05-05 10:40 - 00000000 ____D () C:\AdwCleaner
2014-05-05 11:51 - 2014-05-02 21:30 - 00000000 ____D () C:\ProgramData\systemk
2014-05-05 10:39 - 2014-05-05 10:39 - 01316991 _____ () C:\Users\Milan\Desktop\adwcleaner.exe
2014-05-05 10:39 - 2014-05-05 10:38 - 00003649 _____ () C:\Users\Milan\Desktop\JRT.txt
2014-05-05 10:35 - 2014-05-05 10:35 - 00000000 ____D () C:\Windows\ERUNT
2014-05-05 10:34 - 2014-05-05 10:34 - 01016261 _____ (Thisisu) C:\Users\Milan\Desktop\JRT.exe
2014-05-05 09:54 - 2014-05-05 09:54 - 00009195 _____ () C:\Users\Milan\Desktop\Addition.zip
2014-05-05 09:54 - 2014-05-05 09:53 - 00042654 _____ () C:\Users\Milan\Desktop\FRST2.txt
2014-05-05 09:49 - 2014-05-05 09:38 - 00000000 ____D () C:\Program Files\trend micro
2014-05-05 09:42 - 2014-05-05 09:38 - 00000000 ____D () C:\rsit
2014-05-05 09:40 - 2013-03-22 12:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-05 09:38 - 2014-05-05 09:38 - 00935175 _____ () C:\Users\Milan\Desktop\RSITx64.exe
2014-04-30 21:55 - 2014-04-30 10:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 11:32 - 2013-06-17 19:22 - 00000000 ____D () C:\Users\Milan\AppData\Local\CrashDumps
2014-04-29 15:30 - 2014-04-29 15:30 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\.mono
2014-04-29 10:43 - 2014-04-29 10:43 - 01444390 _____ () C:\Users\Milan\Desktop\easycdburner.exe
2014-04-29 10:43 - 2014-04-29 10:43 - 00001989 _____ () C:\Users\UpdatusUser\Desktop\Easy Audio CD Burner.lnk
2014-04-29 10:43 - 2014-04-29 10:43 - 00001989 _____ () C:\Users\Milan\Desktop\Easy Audio CD Burner.lnk
2014-04-29 10:43 - 2014-04-29 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Audio CD Burner
2014-04-29 10:43 - 2014-04-29 10:43 - 00000000 ____D () C:\Program Files (x86)\Easy Audio CD Burner
2014-04-29 10:13 - 2014-04-29 10:07 - 00000000 ____D () C:\Users\Milan\Desktop\písničky školka
2014-04-29 09:08 - 2013-07-01 13:28 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\vlc
2014-04-29 08:50 - 2014-04-29 08:50 - 00001036 _____ () C:\Users\Public\Desktop\MP3 Cutter.lnk
2014-04-29 08:50 - 2014-04-29 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Cutter
2014-04-29 08:50 - 2014-04-29 08:50 - 00000000 ____D () C:\Program Files (x86)\MP3 Cutter
2014-04-29 08:50 - 2014-04-29 08:48 - 06938669 _____ (Aiv Software ) C:\Users\Milan\Desktop\mp3cutterSetup.exe
2014-04-29 07:57 - 2014-04-29 09:10 - 00000326 _____ () C:\Users\Milan\Desktop\7 - Rumcajs.lnk
2014-04-28 21:03 - 2014-04-28 21:03 - 02347384 _____ (ESET) C:\Users\Milan\Desktop\esetsmartinstaller_csy.exe
2014-04-28 21:03 - 2014-04-28 21:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-28 21:00 - 2014-03-25 10:06 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 20:59 - 2014-04-28 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-28 20:59 - 2014-04-28 20:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-28 20:34 - 2013-03-22 15:19 - 00003802 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 12:08 - 2014-04-28 12:08 - 00000000 ____D () C:\Users\Milan\Desktop\smlouva_F0546938437D494B2
2014-04-28 08:56 - 2014-04-28 08:56 - 01453676 _____ () C:\Users\Milan\Desktop\jidlo4.mp4
2014-04-28 08:56 - 2014-02-18 15:18 - 00000000 ____D () C:\Users\Milan\AppData\Local\Screencast-O-Matic
2014-04-25 22:45 - 2013-03-22 13:02 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\FileZilla
2014-04-25 20:56 - 2014-04-25 20:51 - 286863945 _____ () C:\Users\Milan\Desktop\stankar_cz_583.sql
2014-04-25 20:29 - 2014-04-25 20:29 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-04-25 17:33 - 2014-02-01 21:47 - 02085674 _____ () C:\Windows\setupact.log
2014-04-23 07:02 - 2013-03-21 11:01 - 00000000 ___RD () C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 06:47 - 2013-03-22 15:41 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-21 21:23 - 2014-04-21 21:23 - 00371819 _____ () C:\Users\Milan\Desktop\vizitka mioniozadekk.psd
2014-04-21 21:22 - 2014-04-21 21:22 - 00651215 _____ () C:\Users\Milan\Desktop\vizitka mioniopredek.psd
2014-04-21 21:05 - 2014-04-21 20:47 - 109157112 _____ () C:\Users\Milan\Desktop\Angličtina-Moje-první-slova.rar
2014-04-20 23:42 - 2014-04-20 22:48 - 00601462 _____ () C:\Users\Milan\Desktop\ZitekVizitkaPředek2014.psd
2014-04-20 23:41 - 2014-04-20 22:54 - 00846048 _____ () C:\Users\Milan\Desktop\ZitekVizitkaZadek2014.psd
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Creative-0017-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Creative-0010-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Corporate-0024-PSD
2014-04-20 22:28 - 2014-04-20 22:28 - 00000000 ____D () C:\Users\Milan\Desktop\Corporate-0016-PSD
2014-04-20 22:27 - 2014-04-20 22:27 - 00101731 _____ () C:\Users\Milan\Desktop\Corporate-0016-PSD.zip
2014-04-20 22:27 - 2014-04-20 22:27 - 00099462 _____ () C:\Users\Milan\Desktop\Creative-0010-PSD.zip
2014-04-20 22:27 - 2014-04-20 22:27 - 00086333 _____ () C:\Users\Milan\Desktop\Creative-0017-PSD.zip
2014-04-20 22:22 - 2014-04-20 22:22 - 00069315 _____ () C:\Users\Milan\Desktop\Corporate-0024-PSD.zip
2014-04-13 23:58 - 2014-03-23 13:43 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\MyPhoneExplorer
2014-04-13 23:29 - 2014-04-13 23:29 - 00002067 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2014-04-13 23:29 - 2014-04-13 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2014-04-13 23:29 - 2014-04-13 23:29 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-04-13 19:47 - 2014-03-23 15:18 - 00000000 ____D () C:\Users\Milan\Desktop\divokejBill
2014-04-09 15:27 - 2014-03-01 13:52 - 00000000 ____D () C:\Users\Milan\AppData\Local\Unity
2014-04-09 12:54 - 2014-04-09 12:54 - 04968079 _____ (Tim Kosse) C:\Users\Milan\Downloads\FileZilla_3.8.0_win32-setup.exe
2014-04-09 12:54 - 2013-03-22 13:02 - 00000000 ____D () C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-09 12:54 - 2013-03-22 13:02 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-08 21:02 - 2014-02-01 21:47 - 01612039 _____ () C:\Windows\WindowsUpdate.log
2014-04-08 17:54 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-07 06:53

==================== End Of Log ============================
Attachments
Addition.zip
(8.49 KiB) Downloaded 74 times

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#11 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
    HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\MountPoints2: {27f0312b-923f-11e2-be65-806e6f6e6963} - "F:\Start.exe"
    IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
    IFEO\et6sc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
    IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
    IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
    IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
    IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
    HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\settings manager\systemk\x64\sysapcrt.dll
    HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\settings manager\systemk\sysapcrt.dll
    
    FF Extension: SimilarWeb - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\FirefoxAddon@similarWeb.com [2014-01-04]
    FF Extension: Settings Manager - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{34FA153F-3A2C-364C-E68F-3F8A21AA8D9D} [2014-04-13]
    FF Extension: Firebug - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\firebug@software.joehewitt.com.xpi [2014-01-04]
    FF Extension: Clearly - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\readable@evernote.com.xpi [2014-03-18]
    FF Extension: Tab Mix Plus - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-04]
    
    2014-05-07 21:36 - 2014-05-07 21:36 - 00029696 _____ () C:\Users\Milan\AppData\Local\MSGBOX.EXE
    2014-05-07 21:36 - 2014-05-07 21:36 - 00018568 _____ () C:\Users\Milan\Desktop\FRST.txt
    2014-05-07 21:36 - 2014-05-07 21:36 - 00015327 _____ () C:\Users\Milan\Desktop\LM.bat
    2014-05-07 21:36 - 2014-05-07 21:36 - 00000000 ____D () C:\Users\Milan\Desktop\FRST-OlderVersion
    2014-05-07 12:17 - 2014-05-07 12:17 - 00115017 _____ () C:\Users\Milan\Desktop\Obrázekd.jpeg
    2014-05-07 12:16 - 2014-05-07 12:16 - 00042801 _____ () C:\Users\Milan\Desktop\Obrázek.jpeg
    2014-05-05 20:35 - 2014-05-05 20:28 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-05-05 20:29 - 2014-05-05 20:35 - 00010425 _____ () C:\zoek-results.log
    2014-05-05 20:28 - 2014-05-05 20:33 - 00000000 ____D () C:\zoek_backup
    2014-05-05 20:28 - 2014-05-05 20:28 - 01285120 _____ () C:\Users\Milan\Desktop\zoek.exe
    2014-05-05 10:39 - 2014-05-05 10:39 - 01316991 _____ () C:\Users\Milan\Desktop\adwcleaner.exe
    2014-05-05 10:38 - 2014-05-05 10:39 - 00003649 _____ () C:\Users\Milan\Desktop\JRT.txt
    2014-05-05 10:34 - 2014-05-05 10:34 - 01016261 _____ (Thisisu) C:\Users\Milan\Desktop\JRT.exe
    2014-05-05 09:54 - 2014-05-05 09:54 - 00009195 _____ () C:\Users\Milan\Desktop\Addition.zip
    2014-05-05 09:53 - 2014-05-05 09:54 - 00042654 _____ () C:\Users\Milan\Desktop\FRST2.txt
    2014-05-05 09:38 - 2014-05-05 09:38 - 00935175 _____ () C:\Users\Milan\Desktop\RSITx64.exe
    2014-05-02 21:30 - 2014-05-05 11:51 - 00000000 ____D () C:\ProgramData\systemk
    2014-04-28 21:03 - 2014-04-28 21:03 - 02347384 _____ (ESET) C:\Users\Milan\Desktop\esetsmartinstaller_csy.exe
    c:\program files (x86)\settings manager
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    Hosts:
    End
    
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create a log named Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

zmija832
Visitor
Posts: 68
Joined: 12 Feb 2007 11:39

Re: Please check my log

#12 Post by zmija832 »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-05-2014
Ran by Milan at 2014-05-08 20:30:27 Run:1
Running from C:\Users\Milan\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\...\MountPoints2: {27f0312b-923f-11e2-be65-806e6f6e6963} - "F:\Start.exe"
IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\et6sc.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\settings manager\systemk\sysapcrt.dll

FF Extension: SimilarWeb - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\FirefoxAddon@similarWeb.com [2014-01-04]
FF Extension: Settings Manager - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{34FA153F-3A2C-364C-E68F-3F8A21AA8D9D} [2014-04-13]
FF Extension: Firebug - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\firebug@software.joehewitt.com.xpi [2014-01-04]
FF Extension: Clearly - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\readable@evernote.com.xpi [2014-03-18]
FF Extension: Tab Mix Plus - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-01-04]

2014-05-07 21:36 - 2014-05-07 21:36 - 00029696 _____ () C:\Users\Milan\AppData\Local\MSGBOX.EXE
2014-05-07 21:36 - 2014-05-07 21:36 - 00018568 _____ () C:\Users\Milan\Desktop\FRST.txt
2014-05-07 21:36 - 2014-05-07 21:36 - 00015327 _____ () C:\Users\Milan\Desktop\LM.bat
2014-05-07 21:36 - 2014-05-07 21:36 - 00000000 ____D () C:\Users\Milan\Desktop\FRST-OlderVersion
2014-05-07 12:17 - 2014-05-07 12:17 - 00115017 _____ () C:\Users\Milan\Desktop\Obrázekd.jpeg
2014-05-07 12:16 - 2014-05-07 12:16 - 00042801 _____ () C:\Users\Milan\Desktop\Obrázek.jpeg
2014-05-05 20:35 - 2014-05-05 20:28 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-05 20:29 - 2014-05-05 20:35 - 00010425 _____ () C:\zoek-results.log
2014-05-05 20:28 - 2014-05-05 20:33 - 00000000 ____D () C:\zoek_backup
2014-05-05 20:28 - 2014-05-05 20:28 - 01285120 _____ () C:\Users\Milan\Desktop\zoek.exe
2014-05-05 10:39 - 2014-05-05 10:39 - 01316991 _____ () C:\Users\Milan\Desktop\adwcleaner.exe
2014-05-05 10:38 - 2014-05-05 10:39 - 00003649 _____ () C:\Users\Milan\Desktop\JRT.txt
2014-05-05 10:34 - 2014-05-05 10:34 - 01016261 _____ (Thisisu) C:\Users\Milan\Desktop\JRT.exe
2014-05-05 09:54 - 2014-05-05 09:54 - 00009195 _____ () C:\Users\Milan\Desktop\Addition.zip
2014-05-05 09:53 - 2014-05-05 09:54 - 00042654 _____ () C:\Users\Milan\Desktop\FRST2.txt
2014-05-05 09:38 - 2014-05-05 09:38 - 00935175 _____ () C:\Users\Milan\Desktop\RSITx64.exe
2014-05-02 21:30 - 2014-05-05 11:51 - 00000000 ____D () C:\ProgramData\systemk
2014-04-28 21:03 - 2014-04-28 21:03 - 02347384 _____ (ESET) C:\Users\Milan\Desktop\esetsmartinstaller_csy.exe
c:\program files (x86)\settings manager

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => Value deleted successfully.
HKU\S-1-5-21-2460298553-2316817018-2439930786-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27f0312b-923f-11e2-be65-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{27f0312b-923f-11e2-be65-806e6f6e6963} => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccleaner64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\et6sc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iastorui.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\kiesagent.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\setup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\uninst.exe => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value deleted successfully.
C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\FirefoxAddon@similarWeb.com => Moved successfully.
C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{34FA153F-3A2C-364C-E68F-3F8A21AA8D9D} => Moved successfully.
C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\firebug@software.joehewitt.com.xpi => Moved successfully.
C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\readable@evernote.com.xpi => Moved successfully.
C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\hbfcoqs0.default-1388786602700\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi => Moved successfully.
C:\Users\Milan\AppData\Local\MSGBOX.EXE => Moved successfully.
"C:\Users\Milan\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Milan\Desktop\LM.bat => Moved successfully.
C:\Users\Milan\Desktop\FRST-OlderVersion => Moved successfully.
C:\Users\Milan\Desktop\Obrázekd.jpeg => Moved successfully.
C:\Users\Milan\Desktop\Obrázek.jpeg => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Milan\Desktop\zoek.exe => Moved successfully.
C:\Users\Milan\Desktop\adwcleaner.exe => Moved successfully.
"C:\Users\Milan\Desktop\JRT.txt" => File/Directory not found.
C:\Users\Milan\Desktop\JRT.exe => Moved successfully.
C:\Users\Milan\Desktop\Addition.zip => Moved successfully.
"C:\Users\Milan\Desktop\FRST2.txt" => File/Directory not found.
C:\Users\Milan\Desktop\RSITx64.exe => Moved successfully.
C:\ProgramData\systemk => Moved successfully.
C:\Users\Milan\Desktop\esetsmartinstaller_csy.exe => Moved successfully.
"c:\program files (x86)\settings manager" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
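
An added example, not part of the original thread and not FRST's own code: a small Python check that reads a Fixlog like the one above, skips the fixlist echoed between the asterisk lines, and separates entries that were applied from entries that were not found. The function names are hypothetical, and the only status strings assumed are the ones visible in this log.

```python
import re

# Excerpt of the Fixlog posted above (echoed fixlist shortened to three entries).
SAMPLE_FIXLOG = r"""
Content of fixlist:
*****************
Start
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\settings manager\systemk\x64\sysapcrt.dll
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\settings manager
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKCR\CLSID\{27f0312b-923f-11e2-be65-806e6f6e6963} => Key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\setup.exe => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
C:\ProgramData\systemk => Moved successfully.
"C:\Users\Milan\Desktop\JRT.txt" => File/Directory not found.
"c:\program files (x86)\settings manager" => File/Directory not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====
"""

# Registry targets in the result section start with a hive abbreviation.
REGISTRY_RE = re.compile(r"HK(LM|U|CR|CU)\b")


def parse_fixlog(text):
    """Group Fixlog result lines into applied / not_found / review.

    Each value is a list of (kind, target) tuples, where kind is
    "registry" or "filesystem".
    """
    results = {"applied": [], "not_found": [], "review": []}
    in_echo = False  # True while inside the echoed fixlist
    for raw in text.splitlines():
        line = raw.strip()
        # A line made only of asterisks opens or closes the fixlist echo.
        if line and set(line) == {"*"}:
            in_echo = not in_echo
            continue
        # Echoed directives (e.g. "Task: ... => ...") are input, not results.
        if in_echo or " => " not in line:
            continue
        target, status = line.rsplit(" => ", 1)
        target = target.strip('"')
        kind = "registry" if REGISTRY_RE.match(target) else "filesystem"
        status = status.lower()
        if status.endswith("successfully."):
            outcome = "applied"
        elif status.endswith("not found."):
            outcome = "not_found"
        else:
            outcome = "review"  # status not seen in this log: check by hand
        results[outcome].append((kind, target))
    return results


def unresolved(results):
    """Targets that were not changed by the fix and deserve a second look."""
    return [t for _, t in results["not_found"] + results["review"]]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    for outcome, entries in parsed.items():
        print(f"{outcome}: {len(entries)}")
    for target in unresolved(parsed):
        print("  check:", target)
```

A "not found" result usually means an earlier tool already removed the item or the path in the fixlist was stale; a fresh scan confirms which.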

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#13 Post by vyosek »

Now let's clean up :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus; this is a false alarm, so it is fine to download (if necessary, turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues; I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found, usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

zmija832
Visitor
Posts: 68
Joined: 12 Feb 2007 11:39

Re: Please check my log

#14 Post by zmija832 »

Thank you for the help. The PC is noticeably faster and no longer freezes.

However, when scanning the registry, CCleaner finds this:

Problém ActiveX/COM InProcServer32\%CommonProgramFiles%\System\Ole DB\msdaora.dll HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}

I have it fixed, but then CCleaner finds it again. Several times in a row.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#15 Post by vyosek »

:arrow: Occasionally CCleaner cannot delete a key; it is only a minor cosmetic flaw :)