Vyskakující reklama

Zpráva

Beskyd1 · #1 Příspěvek od **Beskyd1** » 06 dub 2014 16:17

Zdravím,prosím o prověření logu z RSIT na PC mé švagrové.Vyskakují okna z reklamou a celkově pomalejší PC.Díky Jakub.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Barca at 2014-04-06 16:45:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 239 GB (78%) free of 305 GB
Total RAM: 4091 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:46:12, on 6.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Users\Barca\AppData\Roaming\ICQM\icq.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Barca.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1393432362
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1393432362
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1393432362
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1393432362
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1f05b178-9c51-4ac6-8c5c-a4d38e78d911} - (no file)
R3 - URLSearchHook: (no name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MediaViewV1alpha617 - {0ff0d3dd-b093-42aa-95dd-62d668248015} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha617\ie\MediaViewV1alpha617.dll
O2 - BHO: HotMP3 - {1f05b178-9c51-4ac6-8c5c-a4d38e78d911} - (no file)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: uTorrentControl_v6 - {96f454ea-9d38-474f-b504-56193e00c1a5} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: MediaWatchV1home610 - {cdb4e8b9-cc0d-48fe-8350-f6fd6360c13b} - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home610\ie\MediaWatchV1home610.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: (no name) - {1f05b178-9c51-4ac6-8c5c-a4d38e78d911} - (no file)
O3 - Toolbar: (no name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [icq] C:\Users\Barca\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent Sync] "C:\Program Files (x86)\BitTorrent Sync\BTSync.exe" /MINIMIZED
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session http://www.dosearches.com/?utm_source=b ... 1382091682
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Barca\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Barca\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--
End of file - 13293 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 2452496
\??\C:\Windows\system32\conhost.exe "1396734826-728409485686490048-204361229311623051451577854181566118036612177005
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\ProgramData\IePluginService\PluginService.exe -service
"C:\Program Files (x86)\WinZipper\winzipersvc.exe"
C:\ProgramData\WPM\wprotectmanager.exe -service
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Users\Barca\AppData\Roaming\ICQM\icq.exe" -CU
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\BitTorrent Sync\BTSync.exe" /MINIMIZED
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\Tor\tor.exe" --nt-service "-ControlPort" "9051"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2960
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.dosearches.com/?utm_source=b ... 1382091682
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4000.0.414865768\2085796306" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --gpu-vendor-id=0x1002 --gpu-device-id=0x68c1 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.102.3.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group7 pct:10g stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="4000.2.1371902130\1107799857" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group7 pct:10g stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="4000.4.620357916\1898443458" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4000.5.344641696\778458700" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group7 pct:10g stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/None/OmniboxBundledExperimentV1/StandardR2/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="4000.28.1027325876\2085060978" /prefetch:673131151
"C:\Users\Barca\Downloads\RSITx64 (4).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-03-03 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-05 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-11-20 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 878296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-11-02 2331336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ff0d3dd-b093-42aa-95dd-62d668248015}]
Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha617\ie\MediaViewV1alpha617.dll [2014-02-26 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f05b178-9c51-4ac6-8c5c-a4d38e78d911}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-03-03 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-02-26 513136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-05 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96f454ea-9d38-474f-b504-56193e00c1a5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2013-09-13 705240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdb4e8b9-cc0d-48fe-8350-f6fd6360c13b}]
Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home610\ie\MediaWatchV1home610.dll [2014-03-20 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2013-11-02 1727176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1f05b178-9c51-4ac6-8c5c-a4d38e78d911}
{96f454ea-9d38-474f-b504-56193e00c1a5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1573160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"icq"=C:\Users\Barca\AppData\Roaming\ICQM\icq.exe [2013-05-26 27598184]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"BitTorrent Sync"=C:\Program Files (x86)\BitTorrent Sync\BTSync.exe [2013-10-18 1538920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-03-15 859976]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-25 642816]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-12-09 74752]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-05 3854640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-06 16:45:57 ----D---- C:\rsit
2014-04-06 16:45:57 ----D---- C:\Program Files\trend micro
2014-04-05 09:53:27 ----D---- C:\Users\Barca\AppData\Roaming\Dropbox
2014-04-05 09:42:01 ----A---- C:\Windows\avastSS.scr
2014-03-22 17:57:43 ----D---- C:\Program Files (x86)\MediaWatchV1
2014-03-12 13:48:45 ----A---- C:\Windows\system32\wwansvc.dll
2014-03-12 13:48:44 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-03-12 13:48:44 ----A---- C:\Windows\system32\wer.dll
2014-03-12 13:48:43 ----A---- C:\Windows\system32\win32k.sys
2014-03-12 13:48:41 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-03-12 13:48:41 ----A---- C:\Windows\system32\iertutil.dll
2014-03-12 13:48:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 13:48:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-03-12 13:48:40 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-03-12 13:48:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-03-12 13:48:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-03-12 13:48:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-03-12 13:48:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-03-12 13:48:38 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-03-12 13:48:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-03-12 13:48:38 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-03-12 13:48:38 ----A---- C:\Windows\system32\urlmon.dll
2014-03-12 13:48:38 ----A---- C:\Windows\system32\iernonce.dll
2014-03-12 13:48:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-03-12 13:48:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-03-12 13:48:37 ----A---- C:\Windows\system32\msfeeds.dll
2014-03-12 13:48:36 ----A---- C:\Windows\system32\iesetup.dll
2014-03-12 13:48:36 ----A---- C:\Windows\system32\ie4uinit.exe
2014-03-12 13:48:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-03-12 13:48:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-03-12 13:48:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-03-12 13:48:35 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-03-12 13:48:34 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-03-12 13:48:34 ----A---- C:\Windows\system32\jsproxy.dll
2014-03-12 13:48:34 ----A---- C:\Windows\system32\ieui.dll
2014-03-12 13:48:34 ----A---- C:\Windows\system32\ieframe.dll
2014-03-12 13:48:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-03-12 13:48:33 ----A---- C:\Windows\system32\jscript9diag.dll
2014-03-12 13:48:33 ----A---- C:\Windows\system32\jscript9.dll
2014-03-12 13:48:33 ----A---- C:\Windows\system32\ieUnatt.exe
2014-03-12 13:48:32 ----A---- C:\Windows\system32\wininet.dll
2014-03-12 13:48:32 ----A---- C:\Windows\system32\msrating.dll
2014-03-12 13:48:32 ----A---- C:\Windows\system32\ieapfltr.dll
2014-03-12 13:48:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 13:48:31 ----A---- C:\Windows\system32\mshtml.dll
2014-03-12 13:47:29 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-03-12 13:47:29 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-03-12 13:47:29 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-03-12 13:47:29 ----A---- C:\Windows\system32\qedit.dll

======List of files/folders modified in the last 1 month======

2014-04-06 16:46:12 ----D---- C:\Windows\Prefetch
2014-04-06 16:46:08 ----D---- C:\Windows\Temp
2014-04-06 16:45:57 ----RD---- C:\Program Files
2014-04-06 16:28:29 ----D---- C:\Users\Barca\AppData\Roaming\Skype
2014-04-06 16:28:26 ----D---- C:\Users\Barca\AppData\Roaming\BitTorrent Sync
2014-04-06 11:57:12 ----D---- C:\Windows\System32
2014-04-06 11:57:12 ----D---- C:\Windows\inf
2014-04-06 11:57:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-06 11:52:54 ----D---- C:\Program Files (x86)\WinZipper
2014-04-06 09:46:03 ----D---- C:\Windows\system32\config
2014-04-05 18:24:53 ----SHD---- C:\System Volume Information
2014-04-05 09:43:09 ----D---- C:\Windows\system32\Tasks
2014-04-05 09:42:04 ----D---- C:\Windows
2014-04-05 09:42:02 ----A---- C:\Windows\system32\aswBoot.exe
2014-03-26 22:11:03 ----SHD---- C:\Windows\Installer
2014-03-26 22:07:01 ----D---- C:\Program Files (x86)
2014-03-22 17:58:41 ----A---- C:\extensions.ini
2014-03-22 17:58:29 ----HD---- C:\ProgramData
2014-03-21 20:00:10 ----D---- C:\Windows\system32\catroot2
2014-03-19 15:59:28 ----D---- C:\ProgramData\Microsoft Help
2014-03-19 15:59:16 ----D---- C:\Windows\system32\MRT
2014-03-19 15:55:49 ----A---- C:\Windows\system32\MRT.exe
2014-03-15 19:53:38 ----RD---- C:\Program Files (x86)\Skype
2014-03-13 19:21:59 ----D---- C:\Windows\winsxs
2014-03-13 19:20:24 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 19:20:23 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 19:19:35 ----D---- C:\Windows\SysWOW64
2014-03-13 19:19:34 ----D---- C:\Program Files\Internet Explorer
2014-03-13 19:19:34 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-13 19:04:08 ----A---- C:\Windows\win.ini
2014-03-12 19:33:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-03-12 13:47:24 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-05 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-05 208928]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 26968]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-05 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-05 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-05 423240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-26 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-05 79184]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-25 11654144]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-25 581120]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-05 84816]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2013-05-26 3058168]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 260144]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-25 241152]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-25 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-05 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
R2 IePluginService;IePlugin Service; C:\ProgramData\IePluginService\PluginService.exe [2014-02-26 508016]
R2 tor;Tor Win32 Service; C:\Program Files (x86)\Tor\tor.exe [2013-08-31 3233806]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-01-31 2402080]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 winzipersvc;WinZiper service; C:\Program Files (x86)\WinZipper\winzipersvc.exe [2014-02-26 425104]
R2 Wpm;Wpm Service; C:\ProgramData\WPM\wprotectmanager.exe [2014-02-26 501904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-26 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 06 dub 2014 16:21

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Beskyd1 · #3 Příspěvek od **Beskyd1** » 06 dub 2014 16:43

LOG z JRT

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Barca on ne 06.04.2014 at 17:36:47,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnu.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2590445644-2112999408-151093625-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3281067
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289075
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}

~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job
Successfully deleted: [File] "C:\Users\Barca\appdata\local\google\chrome\user data\default\bprotector web data"
Successfully deleted: [File] "C:\Users\Barca\appdata\local\google\chrome\user data\default\bprotectorpreferences"
Successfully deleted: [File] "C:\end"
Successfully disinfected: [Shortcut] C:\Users\Barca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Barca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\Barca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Barca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera12.15 1748.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Barca\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Barca\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Successfully disinfected: [Shortcut] C:\Users\Public\Desktop\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Public\Desktop\Opera.lnk

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\Users\Barca\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Barca\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Barca\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "\searchprotect"
Successfully deleted: [Folder] "C:\Users\Barca\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Barca\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\lemurleap"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\Program Files (x86)\videoplayerv3"
Successfully deleted: [Folder] "C:\Program Files (x86)\webexpenhancedv1"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Folder] C:\Users\Barca\appdata\local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 06.04.2014 at 17:45:42,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#4 Příspěvek od **vyosek** » 06 dub 2014 16:54

Pockam na AdwCleaner

Beskyd1 · #5 Příspěvek od **Beskyd1** » 06 dub 2014 16:57

AdwCleaner LOG

# AdwCleaner v3.023 - Report created 06/04/2014 at 17:58:23
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Barca - BARCA-PC
# Running from : C:\Users\Barca\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IePluginService
Service Deleted : winzipersvc
Service Deleted : Wpm

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginService
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files (x86)\MediaPlayerV1
Folder Deleted : C:\Program Files (x86)\MediaWatchV1
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\WinZipper
Folder Deleted : C:\Program Files (x86)\HotMP3
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v6
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\Barca\AppData\Local\Conduit
Folder Deleted : C:\Users\Barca\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Barca\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Barca\AppData\Local\Temp\eIntaller
Folder Deleted : C:\Users\Barca\AppData\LocalLow\HotMP3
Folder Deleted : C:\Users\Barca\AppData\LocalLow\uTorrentControl_v6
Folder Deleted : C:\Users\Barca\AppData\Roaming\iPumper
Folder Deleted : C:\Users\Barca\AppData\Roaming\SupTab
Folder Deleted : C:\Users\Barca\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Barca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\Barca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPumper
File Deleted : C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage
File Deleted : C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\5a4dddde56fef43
Key Deleted : HKLM\SOFTWARE\5a4dddde56fef43
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A52E05B7-319F-4257-B765-7C85CEF6532D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F05B178-9C51-4AC6-8C5C-A4D38E78D911}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A52E05B7-319F-4257-B765-7C85CEF6532D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76AC41C7-931D-43C3-8D4B-B942E27CB154}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD27F0FF-83F6-4B53-B864-1E69DA5880B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58741C97-5B22-4837-9053-F11A6E65E410}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2B9706D-B4EB-4B59-9251-48AC16F9F84B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1F05B178-9C51-4AC6-8C5C-A4D38E78D911}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1F05B178-9C51-4AC6-8C5C-A4D38E78D911}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1F05B178-9C51-4AC6-8C5C-A4D38E78D911}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1F05B178-9C51-4AC6-8C5C-A4D38E78D911}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\AppDataLow\Software\HotMP3
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v6
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\dosearchessoftware
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\supTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\Software\Wpm
Key Deleted : HKLM\Software\HotMP3
Key Deleted : HKLM\Software\uTorrentControl_v6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\supTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotMP3 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v6 Toolbar
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [10357 octets] - [06/04/2014 17:57:34]
AdwCleaner[S0].txt - [9168 octets] - [06/04/2014 17:58:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9228 octets] ##########

#6 Příspěvek od **vyosek** » 06 dub 2014 17:34

Tak jdeme dale

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Beskyd1 · #7 Příspěvek od **Beskyd1** » 07 dub 2014 08:28

Reklama je pryč.LOG z Zoek

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Barca on po 07.04.2014 at 9:14:49,70.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Barca\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7.4.2014 9:16:53 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{cdb4e8b9-cc0d-48fe-8350-f6fd6360c13b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdb4e8b9-cc0d-48fe-8350-f6fd6360c13b} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{cdb4e8b9-cc0d-48fe-8350-f6fd6360c13b} deleted successfully
HKEY_USERS\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{852fa76c-6c19-4eb3-b98f-abc26c964148} deleted successfully
HKEY_USERS\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{a6ef1481-e7a4-496e-8d72-f6187aaafb98} deleted successfully
HKEY_USERS\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{77d9a488-7669-4c77-a2ee-0a1178807f21} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@WebexpEnhancedV1alpha734.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@VideoPlayerV3beta302.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha49.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaWatchV1home610.net deleted successfully

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@="C:\\Program Files (x86)\\Opera\\Opera.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~2\MediaViewV1 deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\Users\Barca\AppData\Local\avgchrome deleted
C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Barca\Desktop\iPumper.lnk deleted
C:\Users\Barca\AppData\Local\ws_updater.exe deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ext@MediaViewV1alpha617.net"="C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha617\ff" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
acnkojpdpmlgjjcgkfpadjkhlijnojlg - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha617\ch\MediaViewV1alpha617.crx[]
aeeljpiofnldkngpddjiaohmcanimein - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home610\ch\MediaWatchV1home610.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05.04.2014 09:41]
hocadeaakmingjpdgkobgedahijeafpj - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha734\ch\WebexpEnhancedV1alpha734.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03.03.2014 10:53]
mmifolfpllfdhilecpdpmemhelmanajl - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx[]
ogfjmhfnldnajmfaofeiaepghjenbgjo - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx[]

Media View - Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\acnkojpdpmlgjjcgkfpadjkhlijnojlg
avast Online Security - Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Extended Protection - Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo

==== Chrome Fix ======================

C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\acnkojpdpmlgjjcgkfpadjkhlijnojlg deleted successfully
C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo deleted successfully
C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogfjmhfnldnajmfaofeiaepghjenbgjo_0.localstorage deleted successfully
C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogfjmhfnldnajmfaofeiaepghjenbgjo_0.localstorage-journal deleted successfully
C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cekcjpgehmohobmdiikfnopibipmgnml_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.bing.com/search?q={searchTer ... ORM=IE10SR"
"Default_Search_URL"="http://www.google.com/ie"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{2C3C39B1-0BD1-4E99-BE18-BB04FB285117} Google Url="http://www.google.com/search?q={searchT ... f8&oe=utf8"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\web data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0ff0d3dd-b093-42aa-95dd-62d668248015} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ff0d3dd-b093-42aa-95dd-62d668248015} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{0ff0d3dd-b093-42aa-95dd-62d668248015} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha617.net deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\acnkojpdpmlgjjcgkfpadjkhlijnojlg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aeeljpiofnldkngpddjiaohmcanimein deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hocadeaakmingjpdgkobgedahijeafpj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Barca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Barca\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Barca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YTEX2VV3 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=35 folders=18 676379 bytes)

==== Empty Temp Folders ======================

C:\Users\Barca\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Barca\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Barca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YTEX2VV3" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on po 07.04.2014 at 9:31:11,97 ======================

#8 Příspěvek od **vyosek** » 08 dub 2014 13:41

Poprosim o log z FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

Beskyd1 · #9 Příspěvek od **Beskyd1** » 20 dub 2014 15:14

Omlouvám se za zdržení tady je LOG s FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2014
Ran by Barca (administrator) on BARCA-PC on 20-04-2014 16:07:10
Running from C:\Users\Barca\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Tor\tor.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ICQ) C:\Users\Barca\AppData\Roaming\ICQM\icq.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(BitTorrent, Inc.) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoUpdateCheck.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher (2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1573160 2008-08-14] (Synaptics, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-04-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-05] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [icq] => C:\Users\Barca\AppData\Roaming\ICQM\icq.exe [27598184 2013-05-26] (ICQ)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [BitTorrent Sync] => C:\Program Files (x86)\BitTorrent Sync\BTSync.exe [1538920 2013-10-18] (BitTorrent, Inc.)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\MountPoints2: {8c2da3e2-c640-11e2-9437-4cedde6dd02f} - F:\autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - A89207717ECA47F7ABF79E96F1E0D87C URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 84.16.107.1 84.16.96.2

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-07]
CHR Extension: (Disk Google) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-07]
CHR Extension: (YouTube) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]
CHR Extension: (avast! Online Security) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-06]
CHR Extension: (Skype Click to Call) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-06]
CHR Extension: (Peněženka Google) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Barca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-25] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-05] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-31] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-05] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-05] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-26] (DT Soft Ltd)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-20 16:07 - 2014-04-20 16:07 - 00012702 _____ () C:\Users\Barca\Desktop\FRST.txt
2014-04-20 16:06 - 2014-04-20 16:07 - 00000000 ____D () C:\FRST
2014-04-20 16:03 - 2014-04-20 16:03 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher (2).exe
2014-04-20 16:01 - 2014-04-20 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 593068.crdownload
2014-04-20 16:01 - 2014-04-20 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 406218.crdownload
2014-04-20 15:59 - 2014-04-20 15:59 - 02055680 _____ (Farbar) C:\Users\Barca\Desktop\FRST64.exe
2014-04-20 11:33 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-20 11:33 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-20 11:33 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 11:33 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-20 11:33 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-20 11:33 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-20 11:32 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-20 11:32 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-20 11:32 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-20 11:32 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-20 11:32 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-20 11:32 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-20 11:32 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-20 11:32 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-20 11:32 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-20 11:32 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-20 11:32 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-20 11:32 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-20 11:32 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-20 11:32 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-20 11:32 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-20 11:32 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-20 11:32 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-20 11:32 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-20 11:32 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-20 11:32 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-20 11:32 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-20 11:32 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-20 11:32 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-20 11:32 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-20 11:32 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-20 11:32 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-20 11:32 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-20 11:32 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-20 11:32 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-20 11:32 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-20 11:32 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-20 11:32 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-20 11:32 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-20 11:32 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-20 11:32 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-20 11:32 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-20 11:32 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-20 11:32 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-20 11:32 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-20 11:32 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-20 11:32 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-20 11:32 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-19 18:06 - 2014-04-19 18:06 - 00000000 ____D () C:\Users\Barca\AppData\Local\Skype
2014-04-09 22:54 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 22:54 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 22:54 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 22:54 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 22:54 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 22:53 - 2014-03-04 13:08 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 22:53 - 2014-03-04 13:08 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-09 22:53 - 2014-03-04 13:08 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 22:53 - 2014-03-04 13:08 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 22:53 - 2014-03-04 13:08 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-04-09 22:53 - 2014-03-04 13:08 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 22:53 - 2014-03-04 13:08 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 22:53 - 2014-03-04 13:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-04-09 22:53 - 2014-03-04 13:03 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 13:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:39 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 22:53 - 2014-03-04 12:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 22:53 - 2014-03-04 12:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-09 22:53 - 2014-03-04 12:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 22:53 - 2014-03-04 12:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 12:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 11:33 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 22:53 - 2014-03-04 11:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 22:53 - 2014-03-04 11:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 11:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 11:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-09 22:53 - 2014-03-04 11:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-04-09 22:53 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 09:27 - 2014-04-07 09:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-06 17:36 - 2014-04-06 17:36 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 09:53 - 2014-04-05 09:54 - 00000000 ____D () C:\Users\Barca\AppData\Roaming\Dropbox
2014-04-05 09:42 - 2014-04-05 09:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-05 09:37 - 2014-04-05 09:40 - 88551496 _____ (AVAST Software) C:\Users\Barca\Downloads\avast_free_antivirus_setup (1).exe
2014-03-25 00:23 - 2014-03-25 01:09 - 823507142 _____ () C:\Users\Barca\Downloads\Jehovova-pomsta-CZ-2010.avi

==================== One Month Modified Files and Folders =======

2014-04-20 16:07 - 2014-04-20 16:07 - 00012702 _____ () C:\Users\Barca\Desktop\FRST.txt
2014-04-20 16:07 - 2014-04-20 16:06 - 00000000 ____D () C:\FRST
2014-04-20 16:03 - 2014-04-20 16:03 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher (2).exe
2014-04-20 16:01 - 2014-04-20 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 593068.crdownload
2014-04-20 16:01 - 2014-04-20 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 406218.crdownload
2014-04-20 15:59 - 2014-04-20 15:59 - 02055680 _____ (Farbar) C:\Users\Barca\Desktop\FRST64.exe
2014-04-20 15:54 - 2013-05-26 22:18 - 00000000 ____D () C:\Users\Barca\AppData\Roaming\Skype
2014-04-20 15:54 - 2013-05-26 19:35 - 01400975 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 15:53 - 2013-10-18 12:28 - 00000000 ____D () C:\Users\Barca\AppData\Roaming\BitTorrent Sync
2014-04-20 15:26 - 2014-03-05 18:53 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-20 15:22 - 2013-05-26 22:18 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-20 15:11 - 2013-06-05 12:50 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 11:57 - 2009-07-14 06:45 - 00022560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 11:57 - 2009-07-14 06:45 - 00022560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 11:51 - 2013-06-05 12:50 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 11:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 11:51 - 2009-07-14 06:51 - 00065295 _____ () C:\Windows\setupact.log
2014-04-20 11:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-20 11:28 - 2014-01-31 11:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-19 18:06 - 2014-04-19 18:06 - 00000000 ____D () C:\Users\Barca\AppData\Local\Skype
2014-04-19 18:06 - 2013-05-26 22:18 - 00000000 ____D () C:\ProgramData\Skype
2014-04-12 14:33 - 2013-05-26 22:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-12 05:10 - 2013-05-26 19:58 - 00000000 ____D () C:\Users\Barca
2014-04-11 18:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-10 18:21 - 2013-06-05 12:50 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-10 18:09 - 2013-07-20 23:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:04 - 2010-11-21 05:47 - 00216872 _____ () C:\Windows\PFRO.log
2014-04-09 23:31 - 2013-05-26 21:03 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 15:57 - 2011-11-23 23:16 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-04-09 15:57 - 2011-11-23 23:16 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-04-09 15:57 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-07 09:12 - 2014-04-07 09:27 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-06 17:45 - 2013-05-26 22:00 - 00001829 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-04-06 17:45 - 2013-05-26 19:59 - 00001393 _____ () C:\Users\Barca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-06 17:36 - 2014-04-06 17:36 - 00000000 ____D () C:\Windows\ERUNT
2014-04-06 17:27 - 2013-05-26 19:58 - 00000000 ____D () C:\Users\Barca\AppData\Local\VirtualStore
2014-04-05 09:54 - 2014-04-05 09:53 - 00000000 ____D () C:\Users\Barca\AppData\Roaming\Dropbox
2014-04-05 09:43 - 2014-03-03 18:16 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-05 09:42 - 2014-04-05 09:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-05 09:42 - 2014-01-31 11:31 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-05 09:42 - 2014-01-31 11:31 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-05 09:42 - 2014-01-31 11:31 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-05 09:42 - 2014-01-31 11:31 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-05 09:42 - 2014-01-31 11:31 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-05 09:42 - 2014-01-31 11:31 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-05 09:42 - 2014-01-31 11:31 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-05 09:42 - 2014-01-31 11:31 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-05 09:40 - 2014-04-05 09:37 - 88551496 _____ (AVAST Software) C:\Users\Barca\Downloads\avast_free_antivirus_setup (1).exe
2014-03-31 09:35 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-26 22:06 - 2013-06-05 12:50 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 22:06 - 2013-06-05 12:50 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-25 01:09 - 2014-03-25 00:23 - 823507142 _____ () C:\Users\Barca\Downloads\Jehovova-pomsta-CZ-2010.avi
2014-03-22 17:58 - 2014-01-29 19:20 - 00000270 __RSH () C:\ProgramData\ntuser.pol

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-19 13:01

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:298.22 GB) (Free:232.41 GB) NTFS
Drive d: (Data) (Fixed) (Total:297.85 GB) (Free:252.33 GB) NTFS
Drive f: (PES2012) (CDROM) (Total:6.35 GB) (Free:0 GB) UDF

Available physical RAM: 2506.96 MB
Total physical RAM: 4090.9 MB
Percentage of memory in use: 38%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 7A62E0D3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Barca\Desktop" je 10798 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Beskyd1 · #10 Příspěvek od **Beskyd1** » 20 dub 2014 15:16

A tady je Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2014
Ran by Barca at 2014-04-20 16:07:53
Running from C:\Users\Barca\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

50 FREE MP3s +1 Free Audiobook! (HKLM-x32\...\eMusic Promotion) (Version: 1.0.0.1 - eMusic.com Inc)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30425 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D25F8038-09B3-AF89-45A9-CDEE0489449B}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0425.1721.29306 - Název společnosti:) Hidden
AMD Media Foundation Decoders (Version: 1.0.80425.1717 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0425.1721.29306 - Název společnosti:) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 1.1.74 - )
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0425.1721.29306 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0425.1721.29306 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0425.1721.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0425.1720.29306 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0425.1721.29306 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version: - Microsoft)
GC (HKLM-x32\...\GC) (Version: - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
ICQ 8.0 (verze 6019) (HKCU\...\ICQ) (Version: 8.0.6019.0 - Mail.Ru)
iPumper (HKCU\...\{E2AF26F0-6DCC-410c-A24D-ED093DDE1638}) (Version: - Escolade Solutions LTD)
LemurLeap 1.0.0 (HKLM\...\LemurLeap) (Version: 1.0.0 - LemurLeap) <==== ATTENTION
Media Player (HKLM-x32\...\MediaPlayerV1alpha49) (Version: 1.1 - Media Player)
Media View (HKLM-x32\...\MediaViewV1alpha617) (Version: 1.1 - Media View) <==== ATTENTION
Media Watch (HKLM-x32\...\MediaWatchV1home610) (Version: 1.1 - Media Watch)
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2013 (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (Czech) 2013 (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pro Evolution Soccer 2012 (HKLM-x32\...\{E737A098-F161-4B6F-AF22-86AAE34F6FBD}) (Version: 1.00.0000 - KONAMI)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Super Mp3 Download (HKLM-x32\...\SuperMp3Download) (Version: 4.9.0.2 - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.3020.6 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.6 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (cs-CZ) (x32 Version: 13.0.3020.6 - TuneUp Software) Hidden
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM-x32\...\{90150000-0015-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{7C53EA65-B344-4E51-8C72-8FA680215205}) (Version: - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{43A47ABA-B5EE-47C5-A865-91DB315ADA86}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{F0EA0F7E-E21B-4E34-AC04-C9DF5AC94761}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{E9DE5490-86AD-4C4B-BBE7-1BFC62C803CF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{9CD6330D-C04A-4DE5-8C27-EAE0771CBDDA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{2D355F71-076A-42AD-8747-6132105441F4}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2D355F71-076A-42AD-8747-6132105441F4}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{E458713D-E208-4098-A155-EA1152F9B301}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E458713D-E208-4098-A155-EA1152F9B301}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{B2B19EEF-80DC-42D7-9D03-D6D5DDEF894F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}_Office15.PROPLUSR_{9BEC8A24-C328-4F6D-A787-0F9E3986509A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{6EC49167-B916-4B45-AF18-A4A7248CF6F1}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version: - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DFC72135-28F1-48CD-B39A-AD28ED0AFEF5}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{41E59786-791B-4DD1-95D3-96D332607693}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{6D8F4981-88A1-4386-8B3C-A51021FD8395}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version: - Microsoft)
Webexp Enhanced (HKLM-x32\...\Webexp Enhanced) (Version: 1.1 - Webexp Enhanced) <==== ATTENTION
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points =========================

19-04-2014 18:13:45 Naplánovaný kontrolní bod
20-04-2014 09:31:39 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-07 09:17 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {2669AA8D-C5C9-4473-BB19-BE02A79A84DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {2AEFF3F1-9550-4162-A0F9-C086C0B3F6B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {428CDF90-60DC-4E1A-AFB4-6F0F1DFFD446} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {451649F5-1292-4559-964B-5A6534B2E964} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-01-31] (TuneUp Software)
Task: {8C1B1823-96A8-4693-80C3-B3F1D3F195DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05] (Google Inc.)
Task: {A154D1EC-A706-4FC1-8B28-4D6233DAD2AB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {A43528D1-53FF-4EF3-BC3A-0DAE7FA73BAA} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano Final\TriggerKMS.exe [2013-01-26] ()
Task: {ABB83E71-4DAC-418A-973C-3F3DE143E0A3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {BCF0AB9F-25A4-4EB3-BF44-A70E1B802A1B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-05] (AVAST Software)
Task: {D73ED3C6-170A-4CEA-82F3-950817E6E30A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05] (Google Inc.)
Task: {D8A6E562-9632-4075-AFC3-45278E39D651} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {E3D660A0-EEAA-433E-B9A8-89982B6171DB} - System32\Tasks\UP_Scheduler => %LOCALAPPDATA%\GC\updater.exe <==== ATTENTION
Task: {EEB0AF4E-9B4F-4E9E-9921-FAE08FEFAA85} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {F21EEE03-E15D-4198-9B88-16473FAF6FF5} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GC\Runner.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-25 17:32 - 2013-04-25 17:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-08-31 15:39 - 2013-08-31 15:39 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2013-04-25 17:32 - 2013-04-25 17:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-04-20 11:30 - 2014-04-20 11:30 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14042000\algo.dll
2013-05-26 22:16 - 2013-05-26 22:16 - 00851456 _____ () C:\Users\Barca\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2014-01-31 11:31 - 2014-01-31 11:31 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-10 18:21 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-10 18:21 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-10 18:21 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-10 18:21 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-10 18:21 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-10 18:21 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2014 11:52:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 11:29:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 07:44:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:05:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:40:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2014 09:42:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2014 02:56:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2014 10:18:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 03:14:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 01:27:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (04/19/2014 08:09:43 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2014 08:09:43 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2014 08:09:43 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2014 08:09:43 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2014 08:09:43 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2014 08:09:43 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2014 08:09:43 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2014 08:06:17 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2014 08:06:17 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (04/19/2014 08:06:17 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Microsoft Office Sessions:
=========================
Error: (04/20/2014 11:52:51 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2014 11:29:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 07:44:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:05:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 09:40:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2014 09:42:26 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2014 02:56:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2014 10:18:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 03:14:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 01:27:09 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 4090.9 MB
Available physical RAM: 2506.96 MB
Total Pagefile: 8179.98 MB
Available Pagefile: 6205.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.22 GB) (Free:232.41 GB) NTFS
Drive d: (Data) (Fixed) (Total:297.85 GB) (Free:252.33 GB) NTFS
Drive f: (PES2012) (CDROM) (Total:6.35 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 7A62E0D3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

====

#11 Příspěvek od **vyosek** » 21 dub 2014 11:01

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [icq] => C:\Users\Barca\AppData\Roaming\ICQM\icq.exe [27598184 2013-05-26] (ICQ)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [BitTorrent Sync] => C:\Program Files (x86)\BitTorrent Sync\BTSync.exe [1538920 2013-10-18] (BitTorrent, Inc.)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\MountPoints2: {8c2da3e2-c640-11e2-9437-4cedde6dd02f} - F:\autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - A89207717ECA47F7ABF79E96F1E0D87C URL = http://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()
C:\Program Files (x86)\Tor

DisableService: c2cautoupdatesvc
DisableService: c2cpnrsvc

2014-04-20 16:03 - 2014-04-20 16:03 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher (2).exe
2014-04-20 16:01 - 2014-04-20 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 593068.crdownload
2014-04-20 16:01 - 2014-04-20 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 406218.crdownload
2014-04-07 09:12 - 2014-04-07 09:27 - 00024064 _____ () C:\Windows\zoek-delete.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {F21EEE03-E15D-4198-9B88-16473FAF6FF5} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GC\Runner.exe <==== ATTENTION
Task: {D8A6E562-9632-4075-AFC3-45278E39D651} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {E3D660A0-EEAA-433E-B9A8-89982B6171DB} - System32\Tasks\UP_Scheduler => %LOCALAPPDATA%\GC\updater.exe <==== ATTENTION
Task: {428CDF90-60DC-4E1A-AFB4-6F0F1DFFD446} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION

C:\Program Files\KMSnano Final
Task: {A43528D1-53FF-4EF3-BC3A-0DAE7FA73BAA} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano Final\TriggerKMS.exe [2013-01-26] ()

Hosts:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Beskyd1 · #12 Příspěvek od **Beskyd1** » 11 kvě 2014 14:32

Zdravím zde je fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-05-2014
Ran by Barca at 2014-05-11 15:27:54 Run:1
Running from C:\Users\Barca\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [icq] => C:\Users\Barca\AppData\Roaming\ICQM\icq.exe [27598184 2013-05-26] (ICQ)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [BitTorrent Sync] => C:\Program Files (x86)\BitTorrent Sync\BTSync.exe [1538920 2013-10-18] (BitTorrent, Inc.)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\...\MountPoints2: {8c2da3e2-c640-11e2-9437-4cedde6dd02f} - F:\autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - A89207717ECA47F7ABF79E96F1E0D87C URL = http://search.dosearches.com/web/?utm_s ... default&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()
C:\Program Files (x86)\Tor

DisableService: c2cautoupdatesvc
DisableService: c2cpnrsvc

2014-04-20 16:03 - 2014-04-20 16:03 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Desktop\FRSTLauncher (2).exe
2014-04-20 16:01 - 2014-04-20 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 593068.crdownload
2014-04-20 16:01 - 2014-04-20 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\Barca\Downloads\Nepotvrzeno 406218.crdownload
2014-04-07 09:12 - 2014-04-07 09:27 - 00024064 _____ () C:\Windows\zoek-delete.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {F21EEE03-E15D-4198-9B88-16473FAF6FF5} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GC\Runner.exe <==== ATTENTION
Task: {D8A6E562-9632-4075-AFC3-45278E39D651} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {E3D660A0-EEAA-433E-B9A8-89982B6171DB} - System32\Tasks\UP_Scheduler => %LOCALAPPDATA%\GC\updater.exe <==== ATTENTION
Task: {428CDF90-60DC-4E1A-AFB4-6F0F1DFFD446} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION

C:\Program Files\KMSnano Final
Task: {A43528D1-53FF-4EF3-BC3A-0DAE7FA73BAA} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano Final\TriggerKMS.exe [2013-01-26] ()

Hosts:
End

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => Value deleted successfully.
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Windows\CurrentVersion\Run\\icq => Value deleted successfully.
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent Sync => Value deleted successfully.
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\S-1-5-21-2590445644-2112999408-151093625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c2da3e2-c640-11e2-9437-4cedde6dd02f} => Key deleted successfully.
HKCR\CLSID\{8c2da3e2-c640-11e2-9437-4cedde6dd02f} => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\First Home Page => Value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\A89207717ECA47F7ABF79E96F1E0D87C => Key deleted successfully.
HKCR\CLSID\A89207717ECA47F7ABF79E96F1E0D87C => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
tor => Service stopped successfully.
tor => Service deleted successfully.
C:\Program Files (x86)\Tor => Moved successfully.
c2cautoupdatesvc service was disabled
c2cpnrsvc service was disabled
"C:\Users\Barca\Desktop\FRSTLauncher (2).exe" => File/Directory not found.
"C:\Users\Barca\Downloads\Nepotvrzeno 593068.crdownload" => File/Directory not found.
"C:\Users\Barca\Downloads\Nepotvrzeno 406218.crdownload" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F21EEE03-E15D-4198-9B88-16473FAF6FF5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F21EEE03-E15D-4198-9B88-16473FAF6FF5} => Key deleted successfully.
C:\Windows\System32\Tasks\GC_Scheduler => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GC_Scheduler => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D8A6E562-9632-4075-AFC3-45278E39D651} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8A6E562-9632-4075-AFC3-45278E39D651} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3D660A0-EEAA-433E-B9A8-89982B6171DB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3D660A0-EEAA-433E-B9A8-89982B6171DB} => Key deleted successfully.
C:\Windows\System32\Tasks\UP_Scheduler => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UP_Scheduler => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{428CDF90-60DC-4E1A-AFB4-6F0F1DFFD446} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{428CDF90-60DC-4E1A-AFB4-6F0F1DFFD446} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate => Key deleted successfully.
C:\Program Files\KMSnano Final => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A43528D1-53FF-4EF3-BC3A-0DAE7FA73BAA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A43528D1-53FF-4EF3-BC3A-0DAE7FA73BAA} => Key deleted successfully.
C:\Windows\System32\Tasks\Trigger KMS Activation => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

The system needed a reboot.

==== End of Fixlog ====

#13 Příspěvek od **vyosek** » 11 kvě 2014 14:39

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Beskyd1 · #14 Příspěvek od **Beskyd1** » 11 kvě 2014 15:04

Díky za pomoc

#15 Příspěvek od **vyosek** » 11 kvě 2014 15:07

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Vyskakující reklama

Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama

Re: Vyskakující reklama