Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Zpráva

ravelu · #1 Příspěvek od **ravelu** » 19 lis 2014 12:49

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mamka at 2014-11-19 12:46:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 190 GB (80%) free of 239 GB
Total RAM: 1791 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:46:26, on 19.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\FirefoxPreloader\FirefoxPreloader.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Mamka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1895847903-1196084755-4017770651-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1895847903-1196084755-4017770651-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Firefox Preloader.lnk = C:\Program Files (x86)\FirefoxPreloader\FirefoxPreloader.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Eltima Usb to Ethernet Connector (UsbService) - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9134 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {5656852B-1D06-40BF-B24D-12EA641765E9}
"taskhost.exe"
"C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\FirefoxPreloader\FirefoxPreloader.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "26118010921014339248268417661344467873-19407508043075026401740378894-562698600
"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG10\avgemca.exe"
\??\C:\Windows\system32\conhost.exe "-2074432739-941814533-1167256236363471999-270390706-19661793411628887989-1542320134
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe"
C:\Program Files (x86)\AVG\AVG10\avgchsva.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Program Files (x86)\AVG\AVG10\avgrsa.exe
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe /pipeName=6f6c2209-8aa7-423f-b770-a962b47b7334 /coreSdkOptions=30 /logConfFile="C:\ProgramData\AVG10\temp\5458ca2f-f094-485f-b5b9-755426f63a4e-d78-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG10\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg10" /tempPath="C:\ProgramData\AVG10\temp\"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -chrome "chrome://browser/content/web-panels.xul"
"taskhost.exe"

C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Mamka\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{6C17FC92-710B-458B-A5EB-A1134598A3EB}.exe --uninstall=1
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =668083&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
mp3tubetoolbar@mp3tubetoolbar.com

C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
nppdf32.dll
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default\extensions\
adsremoval@adsremoval.net

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2011-09-09 3561824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2011-09-09 2276704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-28 3627032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{46897C77-E7A6-4c33-BFFB-E9C2E2718942}
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-28 3627032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22059616]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-30 6501656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-30 6501656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-05-24 2439072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 1436224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor]
C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
C:\Users\Mamka\AppData\Local\Viber\Viber.exe [2013-12-02 936456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-08-28 2640408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\386EB9~1.130\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mamka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2012-08-01 2345592]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Firefox Preloader.lnk - C:\Program Files (x86)\FirefoxPreloader\FirefoxPreloader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-19 12:41:22 ----D---- C:\Program Files\trend micro
2014-11-19 12:41:20 ----D---- C:\rsit
2014-11-18 06:46:38 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-12 05:26:34 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 05:26:34 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 05:26:34 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 05:26:34 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 05:26:34 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 05:26:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 05:26:30 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 05:26:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 05:26:30 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 05:26:10 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 05:26:10 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 05:26:09 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-12 05:26:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-12 05:26:09 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-12 05:26:09 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 05:26:09 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 05:26:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 05:26:09 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 05:26:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-12 05:26:08 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-12 05:26:08 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 05:26:08 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-12 05:26:08 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 05:26:06 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 05:26:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-12 05:26:06 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 05:26:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-12 05:26:05 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 05:26:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 05:26:04 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 05:26:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 05:26:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 05:26:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 05:26:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 05:26:03 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 05:26:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 05:26:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-12 05:26:02 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 05:26:00 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 05:26:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 05:25:58 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 05:25:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 05:25:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-12 05:25:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-12 05:25:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-12 05:25:55 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 05:25:54 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 05:25:53 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-12 05:25:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 05:25:51 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 05:25:51 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 05:25:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 05:25:50 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 05:25:50 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 05:25:50 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 05:25:50 ----A---- C:\Windows\system32\jscript9.dll
2014-11-12 05:25:49 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 05:25:49 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 05:25:47 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 05:25:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 05:25:45 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 05:25:16 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 05:25:16 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 05:25:16 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 05:25:16 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 05:25:15 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 05:25:15 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 05:25:14 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 05:25:14 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 05:25:14 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 05:25:14 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 05:25:14 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 05:25:14 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 05:25:11 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 05:25:11 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 05:25:05 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 05:25:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 05:25:04 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 05:25:04 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 05:25:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-12 05:25:03 ----A---- C:\Windows\system32\kerberos.dll
2014-11-12 05:25:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 05:25:02 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 05:25:02 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 05:25:01 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 05:25:01 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 05:25:01 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 05:25:00 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 05:25:00 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 05:24:43 ----A---- C:\Windows\system32\msi.dll
2014-11-12 05:24:42 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 05:24:34 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 05:24:33 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 05:24:33 ----A---- C:\Windows\system32\packager.dll
2014-11-12 05:24:32 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 05:24:31 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-06 08:42:10 ----D---- C:\Program Files (x86)\FirefoxPreloader
2014-11-06 08:42:10 ----A---- C:\Windows\SYSWOW64\regclass.dll

======List of files/folders modified in the last 1 month======

2014-11-19 12:45:48 ----D---- C:\Windows\Prefetch
2014-11-19 12:41:22 ----RD---- C:\Program Files
2014-11-19 12:38:20 ----D---- C:\Users\Mamka\AppData\Roaming\Skype
2014-11-19 11:55:48 ----D---- C:\Windows\Temp
2014-11-19 10:19:35 ----D---- C:\Windows\inf
2014-11-19 09:14:08 ----D---- C:\Windows\system32\config
2014-11-19 09:03:02 ----D---- C:\Windows\System32
2014-11-19 09:03:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-19 09:02:55 ----D---- C:\Windows
2014-11-19 08:56:54 ----D---- C:\Windows\SysWOW64
2014-11-19 08:48:20 ----D---- C:\Windows\system32\catroot2
2014-11-19 08:48:12 ----D---- C:\Windows\winsxs
2014-11-19 08:39:32 ----D---- C:\Windows\system32\drivers\AVG
2014-11-18 07:41:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-18 06:47:15 ----RD---- C:\Program Files (x86)
2014-11-16 10:18:19 ----SHD---- C:\Windows\Installer
2014-11-16 10:18:19 ----SHD---- C:\Config.Msi
2014-11-16 10:16:15 ----SHD---- C:\System Volume Information
2014-11-16 10:12:07 ----D---- C:\Windows\Tasks
2014-11-15 09:52:20 ----D---- C:\Windows\debug
2014-11-13 07:05:56 ----D---- C:\Windows\rescache
2014-11-13 05:27:47 ----D---- C:\Windows\Microsoft.NET
2014-11-13 05:26:23 ----RSD---- C:\Windows\assembly
2014-11-13 05:06:53 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-13 05:06:52 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-13 05:06:52 ----D---- C:\Windows\system32\drivers
2014-11-13 05:06:52 ----D---- C:\Windows\system32\cs-CZ
2014-11-13 05:06:52 ----D---- C:\Program Files\Internet Explorer
2014-11-13 05:06:51 ----D---- C:\Windows\system32\en-US
2014-11-13 05:06:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-12 13:36:47 ----D---- C:\Windows\system32\MRT
2014-11-12 13:33:49 ----A---- C:\Windows\system32\MRT.exe
2014-11-06 12:22:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-04 20:08:39 ----D---- C:\Program Files\CCleaner
2014-10-30 12:25:26 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-27 06:45:36 ----D---- C:\Windows\system32\Tasks
2014-10-22 12:23:47 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
R0 nvstor64;nvstor64; C:\Windows\system32\drivers\nvstor64.sys [2010-04-08 244328]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-07-14 21184]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-11-12 312160]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-04 377936]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-12 50976]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-08 270912]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 188928]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 118864]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\drivers\ASACPI.sys [2009-07-16 15416]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 PAC7302;iLook 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-05-15 1327520]
R3 vuhub;Virtual Usb Hub; C:\Windows\system32\DRIVERS\vuhub.sys [2007-12-17 47616]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-26 19456]
S3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-10-26 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-10-26 30208]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-10-16 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 12784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 878368]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 UsbService;Eltima Usb to Ethernet Connector; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [2009-05-05 326656]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-12 1820184]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-18 114288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-08 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-06 267440]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-10-13 935208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 19 lis 2014 12:59

Hezky den Vam preju

Odinstalujte

Skype Click to Call
Advanced System Care 6 a pak i vse ostatni od IObit... jsou to cinske smejdy, ktere opravuji i neopravitelne az se dopracujete k preinstalovani celeho OS
McAfee Security Scan

Aktualizujte verzi antiviru (vypada to, ze mate AVG ve verzi 10 - aktualni je 2015). Pri aktualizaci odmitnete instalaci utlity TuneUp

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

ravelu · #3 Příspěvek od **ravelu** » 19 lis 2014 13:48

McAfee security scan jsem nikde k odinstalování nenašel.Zasílám log.

# AdwCleaner v4.101 - Report created 19/11/2014 at 13:39:11
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mamka - MAMKA-PC
# Running from : C:\Users\Mamka\Desktop\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.9
[#] Service Deleted : AVG Security Toolbar Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\OnlineHD.TV
Folder Deleted : C:\Program Files (x86)\WinZip Registry Optimizer
Folder Deleted : C:\Program Files (x86)\YourFileDownloader
Folder Deleted : C:\Program Files (x86)\AVG\AVG10\Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Mamka\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Mamka\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Mamka\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Mamka\AppData\LocalLow\Funmoods
Folder Deleted : C:\Users\Mamka\AppData\LocalLow\Mp3Tube Toolbar
Folder Deleted : C:\Users\Mamka\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Mamka\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Mamka\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\Mamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[!] Folder Deleted : C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi
Folder Deleted : C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default\Extensions\adsremoval@adsremoval.net
Folder Deleted : C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
Folder Deleted : C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Mamka\AppData\Local\funmoods.crx
File Deleted : C:\Users\Mamka\AppData\Local\funmoods-speeddial.crx
File Deleted : C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default\bprotector_prefs.js
File Deleted : C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default\user.js
File Deleted : C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage

***** [ Scheduled Tasks ] *****

Task Deleted : Browser Manager
Task Deleted : YourFile Update

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKCU\Software\5a2d98fb76ee945
Key Deleted : HKLM\SOFTWARE\5a2d98fb76ee945
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CC63AB8A-F432-4FC4-A9B1-08E9F5387DAB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Mp3Tube
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IspAssistant-Mp3Tube
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

-\\ Mozilla Firefox v33.1.1 (x86 cs)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [16714 octets] - [19/11/2014 13:37:44]
AdwCleaner[S0].txt - [16059 octets] - [19/11/2014 13:39:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16120 octets] ##########

#4 Příspěvek od **altrok** » 19 lis 2014 13:50

Ulozte na plochu zoek.exe http://hijackthis.nl/smeenk/zoek.htm

spustte jako spravce
do velkeho okna zkopirujte script uvedeny nize
kliknete na Run script
po restartu na Vas vyskoci log (pripadne jej najdete v C:\zoek-results.log) - vlozte mi jej do pristi odpovedi
Kód: Vybrat vše
```
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
```

ravelu · #5 Příspěvek od **ravelu** » 19 lis 2014 14:29

Zoek.exe v5.0.0.0 Updated 16-November-2014
Tool run by Mamka on st 19.11.2014 at 13:54:26,92.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Mamka\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.11.2014 13:56:01 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1895847903-1196084755-4017770651-1000\Software\Microsoft\Internet Explorer\SearchScopes\{41B53E1D-704E-4647-B076-DD6A4ED6B4B8} deleted successfully
HKEY_USERS\S-1-5-21-1895847903-1196084755-4017770651-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1895847903-1196084755-4017770651-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\UrlSearchHooks\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully
HKEY_USERS\S-1-5-21-1895847903-1196084755-4017770651-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=green ... =668083&p=");

Added to C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default

user.js not found
---- Lines Search modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_19.11.2014_1414_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml deleted
C:\PROGRA~3\Avg_Update_0814tb deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Mamka\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{27182e60-b5f3-411c-b545-b44205977502}"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension" [07.08.2011 17:48]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- MP3Tube Toolbar - %AppDir%\extensions\mp3tubetoolbar@mp3tubetoolbar.com
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\a5tci8zc.default
63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Mamka\AppData\Local\Google\Chrome deleted

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz/"
"Default_Page_URL"="http://www.hal3000.cz"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{2c7c201f-350a-4736-93c1-4ea6d8f27abb} Seznam Url="http://search.seznam.cz/?q={searchTerms ... isticka_12"
{753FD9F2-4479-28C0-F7E8-34DA9FC919E9} Unknown Url="Not_Found"
{953d6147-ee09-4f49-82ce-fddd2d5400b1} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... isticka_12"
{d4896821-4158-4cc2-826f-6f174fb3ef81} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?s ... isticka_12"
{f7e38db7-2e39-4b5d-9cea-71afbadf595a} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... isticka_12"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1895847903-1196084755-4017770651-1000\Software\Microsoft\Internet Explorer\SearchScopes\{753FD9F2-4479-28C0-F7E8-34DA9FC919E9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKIBN0YJ will be deleted at reboot
C:\Users\Mamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NAHIGT64 will be deleted at reboot
C:\Users\Mamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OF2AU9S2 will be deleted at reboot
C:\Users\Mamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SKSOH0C2 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Mamka\AppData\Local\Mozilla\Firefox\Profiles\a5tci8zc.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=64 folders=13 4089913 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Mamka\AppData\Local\Temp will be emptied at reboot
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Mamka\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Mamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKIBN0YJ" not found
"C:\Users\Mamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NAHIGT64" not found
"C:\Users\Mamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OF2AU9S2" not found
"C:\Users\Mamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SKSOH0C2" not found

==== EOF on st 19.11.2014 at 14:27:16,55 ======================

#6 Příspěvek od **altrok** » 19 lis 2014 14:30

Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

ravelu · #7 Příspěvek od **ravelu** » 19 lis 2014 14:48

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by Mamka (administrator) on MAMKA-PC on 19-11-2014 14:43:02
Running from C:\Users\Mamka\Desktop
Loaded Profiles: Mamka & UpdatusUser (Available profiles: Mamka & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgemca.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgchsva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(6XGate Incorporated) C:\Program Files (x86)\FirefoxPreloader\FirefoxPreloader.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG10\avgtray.exe
() C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVG_TRAY] => C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22059616 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\...\MountPoints2: {951d238a-df97-11e1-bdd4-f46d04d9460b} - G:\LGAutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Firefox Preloader.lnk
ShortcutTarget: Firefox Preloader.lnk -> C:\Program Files (x86)\FirefoxPreloader\FirefoxPreloader.exe (6XGate Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {2c7c201f-350a-4736-93c1-4ea6d8f27abb} URL = http://search.seznam.cz/?q={searchTerms ... isticka_12
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {953d6147-ee09-4f49-82ce-fddd2d5400b1} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... isticka_12
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {d4896821-4158-4cc2-826f-6f174fb3ef81} URL = http://www.firmy.cz/phr/{searchTerms}?s ... isticka_12
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {f7e38db7-2e39-4b5d-9cea-71afbadf595a} URL = http://www.mapy.cz/?query={searchTerms} ... isticka_12
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mamka\AppData\Roaming\Mozilla\Firefox\Profiles\9v9y51xp.default-1416403387782
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: MP3Tube Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com [2014-11-18]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG10\Firefox4
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\Firefox4 [2011-08-07]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-08-07]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2010-11-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [282616 2010-11-11] (Microsoft Corporation)
R2 UsbService; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [326656 2009-05-05] (ASUSTek COMPUTER INC.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [312160 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-08-08] (DT Soft Ltd)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [188928 2010-10-24] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15416 2009-07-16] ()
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [72064 2010-10-24] (Microsoft Corporation)
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-07-14] (IObit)
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [47616 2007-12-17] ()
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-19 14:43 - 2014-11-19 14:44 - 00011545 _____ () C:\Users\Mamka\Desktop\FRST.txt
2014-11-19 14:42 - 2014-11-19 14:43 - 00000000 ____D () C:\FRST
2014-11-19 14:41 - 2014-11-19 14:41 - 00112640 _____ () C:\Users\Mamka\Desktop\FRSTLauncher.exe
2014-11-19 14:40 - 2014-11-19 14:40 - 02117120 _____ (Farbar) C:\Users\Mamka\Desktop\FRST64.exe
2014-11-19 14:35 - 2014-11-19 14:35 - 02117120 _____ (Farbar) C:\Users\Mamka\Downloads\FRST64(1).exe
2014-11-19 14:23 - 2014-11-19 14:23 - 00000000 ____D () C:\Users\Mamka\Desktop\Původní data aplikace Firefox
2014-11-19 14:22 - 2014-11-19 13:54 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-19 13:55 - 2014-11-19 14:27 - 00011063 _____ () C:\zoek-results.log
2014-11-19 13:54 - 2014-11-19 14:14 - 00000000 ____D () C:\zoek_backup
2014-11-19 13:53 - 2014-11-19 13:54 - 01294848 _____ () C:\Users\Mamka\Desktop\zoek.exe
2014-11-19 13:42 - 2014-11-19 14:26 - 00000650 _____ () C:\Windows\PFRO.log
2014-11-19 13:42 - 2014-11-19 14:26 - 00000112 _____ () C:\Windows\setupact.log
2014-11-19 13:42 - 2014-11-19 13:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-19 13:37 - 2014-11-19 13:39 - 00000000 ____D () C:\AdwCleaner
2014-11-19 13:36 - 2014-11-19 13:36 - 02140160 _____ () C:\Users\Mamka\Desktop\adwcleaner_4.101.exe
2014-11-19 12:41 - 2014-11-19 12:46 - 00000000 ____D () C:\Program Files\trend micro
2014-11-19 12:41 - 2014-11-19 12:41 - 00000000 ____D () C:\rsit
2014-11-19 12:40 - 2014-11-19 12:40 - 01222144 _____ () C:\Users\Mamka\Desktop\RSITx64.exe
2014-11-18 06:46 - 2014-11-18 06:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-15 09:45 - 2014-11-17 20:21 - 00000000 ____D () C:\Users\Mamka\Desktop\fotky enny
2014-11-12 05:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 05:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 05:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 05:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 05:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 05:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 05:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 05:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 05:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 05:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 05:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 05:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 05:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 05:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 05:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 05:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 05:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 05:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 05:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 05:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 05:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 05:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 05:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 05:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 05:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 05:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 05:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 05:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 05:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 05:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 05:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 05:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 05:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 05:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 05:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 05:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 05:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 05:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 05:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 05:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 05:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 05:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 05:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 05:25 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 05:25 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 05:25 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 05:25 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 05:25 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 05:25 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 05:25 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 05:25 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 05:25 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 05:25 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 05:25 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 05:25 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 05:25 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 05:25 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 05:25 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 05:25 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 05:25 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 05:25 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 05:25 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 05:25 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 05:25 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 05:25 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 05:25 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 05:25 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 05:25 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 05:25 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 05:25 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 05:25 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 05:25 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 05:25 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 05:25 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 05:25 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 05:25 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 05:25 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 05:25 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 05:25 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 05:25 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 05:25 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 05:25 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 05:25 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 05:25 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 05:25 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 05:25 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 05:25 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 05:25 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 05:25 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 05:25 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 05:25 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 05:25 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 05:25 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 05:24 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 05:24 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 05:24 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 05:24 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 05:24 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 05:24 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 05:24 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-06 08:42 - 2014-11-06 08:46 - 00000000 ____D () C:\Program Files (x86)\FirefoxPreloader
2014-11-06 08:42 - 2014-11-06 08:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Preloader
2014-11-06 08:42 - 2005-01-19 03:15 - 00028672 _____ (6XGate Systems, Inc.) C:\Windows\SysWOW64\regclass.dll
2014-11-04 20:12 - 2014-11-18 13:47 - 00000000 ____D () C:\Users\Mamka\Desktop\zálohy ccleaner
2014-11-04 20:08 - 2014-11-04 20:08 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-04 09:59 - 2014-11-04 13:39 - 00008939 _____ () C:\Users\Mamka\Desktop\Nový Sešit OpenDocument.ods
2014-11-04 09:57 - 2014-11-04 19:58 - 00000000 ____D () C:\Users\Mamka\Desktop\Nová složka
2014-11-04 09:27 - 2014-11-04 09:27 - 22437370 _____ () C:\Users\Mamka\Desktop\bdd8df66bae7d4d3_240p.mp4
2014-11-04 07:51 - 2014-11-04 07:51 - 19465461 _____ () C:\Users\Mamka\Desktop\2468dec83897d398_240p.mp4
2014-11-04 07:48 - 2014-11-04 07:48 - 11232486 _____ () C:\Users\Mamka\Desktop\21cb9a9cd4dfa444_240p.mp4
2014-11-03 06:42 - 2014-11-03 06:42 - 00000674 _____ () C:\Users\Mamka\Desktop\Tatarkové bagetky pre Katarínku.txt
2014-11-01 14:14 - 2014-11-01 14:15 - 00007607 _____ () C:\Users\Mamka\AppData\Local\resmon.resmoncfg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-19 14:36 - 2011-08-07 16:53 - 00000000 ____D () C:\Users\Mamka\AppData\Roaming\Skype
2014-11-19 14:34 - 2009-07-14 05:45 - 00023056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-19 14:34 - 2009-07-14 05:45 - 00023056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-19 14:30 - 2011-08-07 14:53 - 01110734 _____ () C:\Windows\WindowsUpdate.log
2014-11-19 14:26 - 2013-11-07 12:43 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-19 14:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-19 14:18 - 2013-11-07 12:43 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-19 14:17 - 2011-08-07 15:35 - 00000000 ____D () C:\Users\Mamka\AppData\Local\Google
2014-11-19 13:49 - 2009-07-14 16:18 - 00670982 _____ () C:\Windows\system32\perfh005.dat
2014-11-19 13:49 - 2009-07-14 16:18 - 00142542 _____ () C:\Windows\system32\perfc005.dat
2014-11-19 13:49 - 2009-07-14 06:13 - 01591218 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-19 13:35 - 2012-08-17 10:10 - 00000119 _____ () C:\Users\Mamka\AppData\Roaming\default.rss
2014-11-19 13:29 - 2011-08-07 15:52 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-11-19 13:22 - 2014-08-22 07:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-19 08:49 - 2011-10-19 10:37 - 00013824 _____ () C:\Users\Mamka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-19 08:35 - 2011-08-07 15:09 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{CD0E62F3-2E61-4D2B-8FFC-470F7AF1B102}
2014-11-18 07:41 - 2012-10-26 11:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-16 10:12 - 2013-11-07 12:43 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 10:12 - 2013-11-07 12:43 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 09:49 - 2014-01-02 17:02 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-14 13:45 - 2013-10-14 12:24 - 00100339 _____ () C:\Users\Mamka\Desktop\Opravy.ods
2014-11-13 07:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 05:10 - 2009-07-14 05:45 - 00294528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 13:36 - 2014-01-01 22:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 13:33 - 2011-08-10 21:10 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 13:07 - 2014-08-15 11:41 - 00000000 ____D () C:\Users\Mamka\Desktop\ENNY
2014-11-07 06:43 - 2013-03-29 16:21 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-06 12:22 - 2013-03-29 16:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-06 12:22 - 2013-03-29 16:21 - 00003854 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-06 12:22 - 2011-08-07 15:29 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-06 12:21 - 2011-08-10 19:22 - 00000000 ____D () C:\Users\Mamka\AppData\Local\Adobe
2014-11-04 20:19 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-11-04 20:08 - 2014-01-02 17:01 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-30 12:25 - 2011-02-25 14:15 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 10:20 - 2011-08-07 19:22 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-10-22 12:23 - 2011-08-07 16:53 - 00000000 ____D () C:\ProgramData\Skype

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-15 11:09

==================== End Of Log ============================

ravelu · #8 Příspěvek od **ravelu** » 19 lis 2014 14:49

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2014
Ran by Mamka at 2014-11-19 14:44:40
Running from C:\Users\Mamka\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
ASUS Wireless Router WL-520GU Manuals (HKLM-x32\...\{9308EDF4-04C9-4806-81CA-3AF0EC104E75}) (Version: 1.00.000 - )
ASUS Wireless Router WL-520GU Utilities (HKLM-x32\...\{B835DEF8-26A7-4E9B-B9F8-8D56F385DEAA}) (Version: 4.0.6.7 - ASUS)
AVG 2011 (HKLM\...\AVG) (Version: 10.0.1432 - AVG Technologies CZ, s.r.o.)
AVG 2011 (Version: 10.0.1432 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2011 (Version: 10.0.4189 - AVG Technologies CZ, s.r.o.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden
Firefox Preloader (HKLM-x32\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Nápověda (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.${CAB_VERSION} - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.28 - Irfan Skiljan)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.0.657.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60129.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 cs)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{3ca92c96-8c03-4437-8715-e82cd3bcbdd0}) (Version: - Nero AG)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Opera 11.50 (HKLM-x32\...\Opera 11.50.1074) (Version: 11.50.1074 - Opera Software ASA)
Ovládací panel NVIDIA 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Studie zlepšení produktu HP Deskjet 2050 J510 series (HKLM\...\{0A7F2F66-9C79-4255-B4C3-727B7A43AFAA}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Viber (HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.0.2 - Shark007)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Základní software zařízení HP Deskjet 2050 J510 series (HKLM\...\{6390461E-D4C5-44ED-A783-9823ED17BF79}) (Version: 22.50.231.0 - Hewlett-Packard Co.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

30-10-2014 10:41:27 Windows Update
03-11-2014 04:49:55 Windows Update
06-11-2014 07:59:43 Windows Update
10-11-2014 18:17:25 Windows Update
12-11-2014 12:31:39 Windows Update
16-11-2014 09:15:42 Windows Update
19-11-2014 12:21:13 Removed Skype Click to Call
19-11-2014 12:55:35 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-19 13:56 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00D5E4AE-E745-44B4-A86B-B0C7723ADA8C} - System32\Tasks\{C092BC05-0920-42E7-9CAF-FCD8CD9C1FF7} => c:\program files (x86)\opera\opera.exe [2011-08-22] (Opera Software)
Task: {169BCF6F-C91C-4690-9148-16261C4D209F} - System32\Tasks\{F0BE36BD-3788-46B6-BCC4-159A1633D715} => C:\Program Files (x86)\Opera\opera.exe [2011-08-22] (Opera Software)
Task: {21C84AEC-3446-4780-BCF4-92B765CC3882} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {47043707-AD5F-4632-9B24-1C90880A7469} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11] (Microsoft Corporation)
Task: {4A441FE6-C9B8-4F69-8C9C-B964FF09528D} - System32\Tasks\{D1853EC9-D535-4563-93F8-300EE945094C} => c:\program files (x86)\opera\opera.exe [2011-08-22] (Opera Software)
Task: {4F2A58A5-81E2-409F-8A30-61766A546A83} - System32\Tasks\Driver Booster SkipUAC (Mamka) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {51B571D2-2C37-4353-A183-167E0A68DA6E} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11] (Microsoft Corporation)
Task: {577C9A76-E84B-4752-9501-FB356EC75C85} - System32\Tasks\{263951D1-6108-4A0F-8D49-BA2D0715B331} => C:\Program Files (x86)\Opera\opera.exe [2011-08-22] (Opera Software)
Task: {5C1DA519-C64A-4C2F-9FD8-A8BC783B0E75} - System32\Tasks\{D34F1D9A-05C8-4452-96F6-37D447331FD0} => C:\Program Files (x86)\Opera\opera.exe [2011-08-22] (Opera Software)
Task: {674269D0-AB20-4A9C-A231-F370E207A655} - System32\Tasks\{5F064678-BB5B-45BF-8885-41085208D82E} => c:\program files (x86)\opera\opera.exe [2011-08-22] (Opera Software)
Task: {748FB733-0F22-4205-985E-A8D577F2A578} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)
Task: {7AB2613D-BC7B-467A-A65D-3A058A31D92B} - System32\Tasks\{1F70E0E9-7E1D-4942-BC0F-6831F1C5E151} => c:\program files (x86)\opera\opera.exe [2011-08-22] (Opera Software)
Task: {7C91C69E-BD34-4017-9CC7-23DA806B9799} - System32\Tasks\{50BE240F-6E8B-4014-9B19-18DE50639216} => Firefox.exe http://ui.skype.com/ui/0/5.5.0.124/cs/g ... Error=1603
Task: {9B517996-2679-42E1-8184-8288F55CEDFD} - System32\Tasks\{EC654696-17F1-41A1-BFB6-46CF0C4FCB13} => C:\Program Files (x86)\Opera\opera.exe [2011-08-22] (Opera Software)
Task: {AB2527F5-072B-4C84-90DC-A901A7A1F958} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {ADC032B7-EEE3-463A-8AF6-A84070F9F059} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {D570765E-79D8-4AA4-A585-1BCCF99ED365} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-06] (Adobe Systems Incorporated)
Task: {E376E63A-A7D0-40B3-B3BC-7D63A6E2A404} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-07] (Google Inc.)
Task: {E8595415-5FB1-497A-8330-A74EB6E05745} - System32\Tasks\{76ED2DCA-0B92-49A6-B871-C95FF97DF740} => c:\program files (x86)\opera\opera.exe [2011-08-22] (Opera Software)
Task: {F0AD783C-A813-4FED-A349-8B2EBD68C4D1} - System32\Tasks\{1C0D6D90-F9CE-499A-ABB2-0866332BF289} => c:\program files (x86)\opera\opera.exe [2011-08-22] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-01 22:42 - 2013-01-31 10:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-02-10 06:55 - 2011-02-10 06:55 - 01148256 _____ () C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
2014-10-23 20:19 - 2014-10-23 20:19 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-11-18 06:46 - 2014-11-18 06:46 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Mamka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: PAC7302_Monitor => C:\Windows\PixArt\PAC7302\Monitor.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Viber => "C:\Users\Mamka\AppData\Local\Viber\Viber.exe" StartMinimized

========================= Accounts: ==========================

Administrator (S-1-5-21-1895847903-1196084755-4017770651-500 - Administrator - Disabled)
Guest (S-1-5-21-1895847903-1196084755-4017770651-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1895847903-1196084755-4017770651-1002 - Limited - Enabled)
Mamka (S-1-5-21-1895847903-1196084755-4017770651-1000 - Administrator - Enabled) => C:\Users\Mamka
UpdatusUser (S-1-5-21-1895847903-1196084755-4017770651-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/19/2014 00:45:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 7dc

Čas spuštění: 01d003edac9e1c80

Čas ukončení: 60

Cesta k aplikaci: C:\Users\Mamka\Desktop\RSITx64.exe

ID hlášení:

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/19/2014 08:32:08 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/19/2014 08:32:08 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/19/2014 08:32:08 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/19/2014 08:32:08 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.

Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800))

System errors:
=============
Error: (11/19/2014 02:27:17 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 – funkce ochrany v reálném čase selhala z důvodu chyby.

Funkce: %%835

Kód chyby: 0x80004005

Popis chyby: Nespecifikovaná chyba

Důvod: %%842

Error: (11/19/2014 02:14:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/19/2014 02:14:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/19/2014 02:14:40 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/19/2014 02:14:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/19/2014 02:14:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/19/2014 01:43:10 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 – funkce ochrany v reálném čase selhala z důvodu chyby.

Funkce: %%835

Kód chyby: 0x80004005

Popis chyby: Nespecifikovaná chyba

Důvod: %%842

Error: (11/19/2014 01:39:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/19/2014 01:39:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2014 01:39:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SeaPort byla neočekávaně ukončena. Tento stav nastal již 1krát.

Microsoft Office Sessions:
=========================
Error: (11/19/2014 00:45:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RSITx64.exe0.0.0.07dc01d003edac9e1c8060C:\Users\Mamka\Desktop\RSITx64.exe

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (11/19/2014 08:32:09 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (11/19/2014 08:32:08 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/19/2014 08:32:08 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (11/19/2014 08:32:08 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (11/19/2014 08:32:08 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800))

CodeIntegrity Errors:
===================================
Date: 2011-07-25 16:41:03.744
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Temp\SiwIo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-07-25 16:41:03.728
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Temp\SiwIo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD Sempron(tm) 140 Processor
Percentage of memory in use: 62%
Total physical RAM: 1791.23 MB
Available physical RAM: 678.34 MB
Total Pagefile: 3582.45 MB
Available Pagefile: 1951.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:233.83 GB) (Free:189.24 GB) NTFS
Drive d: (DATA) (Fixed) (Total:231.73 GB) (Free:218.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4CBF4980)
Partition 1: (Active) - (Size=201 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=231.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#9 Příspěvek od **altrok** » 19 lis 2014 15:01

V PC mate 2 antiviry: AVG a Microsoft Security Essentials... Jeden z nich odinstalujte.

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\...\MountPoints2: {951d238a-df97-11e1-bdd4-f46d04d9460b} - G:\LGAutoRun.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {2c7c201f-350a-4736-93c1-4ea6d8f27abb} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IEListicka_12
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {953d6147-ee09-4f49-82ce-fddd2d5400b1} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=IEListicka_12
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {d4896821-4158-4cc2-826f-6f174fb3ef81} URL = http://www.firmy.cz/phr/{searchTerms}?sourceid=IEListicka_12
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {f7e38db7-2e39-4b5d-9cea-71afbadf595a} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IEListicka_12
Toolbar: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG10\Firefox4
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\Firefox4 [2011-08-07]

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-07-14] (IObit)
C:\Windows\System32\Drivers\SmartDefragDriver.sys
2014-11-19 14:22 - 2014-11-19 13:54 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-19 13:55 - 2014-11-19 14:27 - 00011063 _____ () C:\zoek-results.log
2014-11-19 13:54 - 2014-11-19 14:14 - 00000000 ____D () C:\zoek_backup
2014-11-19 13:53 - 2014-11-19 13:54 - 01294848 _____ () C:\Users\Mamka\Desktop\zoek.exe
2014-11-19 12:41 - 2014-11-19 12:46 - 00000000 ____D () C:\Program Files\trend micro
Task: {21C84AEC-3446-4780-BCF4-92B765CC3882} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {4F2A58A5-81E2-409F-8A30-61766A546A83} - System32\Tasks\Driver Booster SkipUAC (Mamka) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\IObit
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mamka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk" /f
Hosts:
EmptyTemp:
End

ravelu · #10 Příspěvek od **ravelu** » 19 lis 2014 15:11

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-11-2014
Ran by Mamka at 2014-11-19 15:07:52 Run:1
Running from C:\Users\Mamka\Desktop
Loaded Profiles: Mamka & UpdatusUser (Available profiles: Mamka & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\...\MountPoints2: {951d238a-df97-11e1-bdd4-f46d04d9460b} - G:\LGAutoRun.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL =
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {2c7c201f-350a-4736-93c1-4ea6d8f27abb} URL = http://search.seznam.cz/?q={searchTerms ... isticka_12
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {953d6147-ee09-4f49-82ce-fddd2d5400b1} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... isticka_12
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {d4896821-4158-4cc2-826f-6f174fb3ef81} URL = http://www.firmy.cz/phr/{searchTerms}?s ... isticka_12
SearchScopes: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> {f7e38db7-2e39-4b5d-9cea-71afbadf595a} URL = http://www.mapy.cz/?query={searchTerms} ... isticka_12
Toolbar: HKU\S-1-5-21-1895847903-1196084755-4017770651-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG10\Firefox4
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\Firefox4 [2011-08-07]

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-07-14] (IObit)
C:\Windows\System32\Drivers\SmartDefragDriver.sys
2014-11-19 14:22 - 2014-11-19 13:54 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-19 13:55 - 2014-11-19 14:27 - 00011063 _____ () C:\zoek-results.log
2014-11-19 13:54 - 2014-11-19 14:14 - 00000000 ____D () C:\zoek_backup
2014-11-19 13:53 - 2014-11-19 13:54 - 01294848 _____ () C:\Users\Mamka\Desktop\zoek.exe
2014-11-19 12:41 - 2014-11-19 12:46 - 00000000 ____D () C:\Program Files\trend micro
Task: {21C84AEC-3446-4780-BCF4-92B765CC3882} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {4F2A58A5-81E2-409F-8A30-61766A546A83} - System32\Tasks\Driver Booster SkipUAC (Mamka) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\IObit
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mamka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk" /f
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{951d238a-df97-11e1-bdd4-f46d04d9460b}" => Key deleted successfully.
"HKCR\CLSID\{951d238a-df97-11e1-bdd4-f46d04d9460b}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => value deleted successfully.
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
"HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}" => Key not found.
"HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2c7c201f-350a-4736-93c1-4ea6d8f27abb}" => Key deleted successfully.
"HKCR\CLSID\{2c7c201f-350a-4736-93c1-4ea6d8f27abb}" => Key not found.
"HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{953d6147-ee09-4f49-82ce-fddd2d5400b1}" => Key deleted successfully.
"HKCR\CLSID\{953d6147-ee09-4f49-82ce-fddd2d5400b1}" => Key not found.
"HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d4896821-4158-4cc2-826f-6f174fb3ef81}" => Key deleted successfully.
"HKCR\CLSID\{d4896821-4158-4cc2-826f-6f174fb3ef81}" => Key not found.
"HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{f7e38db7-2e39-4b5d-9cea-71afbadf595a}" => Key deleted successfully.
"HKCR\CLSID\{f7e38db7-2e39-4b5d-9cea-71afbadf595a}" => Key not found.
HKU\S-1-5-21-1895847903-1196084755-4017770651-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
"HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4} => value deleted successfully.
C:\Program Files (x86)\AVG\AVG10\Firefox4 => Moved successfully.
SmartDefragDriver => Service stopped successfully.
SmartDefragDriver => Service deleted successfully.
C:\Windows\System32\Drivers\SmartDefragDriver.sys => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Mamka\Desktop\zoek.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{21C84AEC-3446-4780-BCF4-92B765CC3882}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21C84AEC-3446-4780-BCF4-92B765CC3882}" => Key deleted successfully.
C:\Windows\System32\Tasks\ASC4_PerformanceMonitor => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC4_PerformanceMonitor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F2A58A5-81E2-409F-8A30-61766A546A83}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F2A58A5-81E2-409F-8A30-61766A546A83}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mamka) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Mamka)" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"C:\Program Files (x86)\IObit" => File/Directory not found.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mamka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 21.8 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#11 Příspěvek od **altrok** » 19 lis 2014 15:14

Vyborne

Jaky antivir jste se rozhodl ponechat?

Jak se pocitac chova ted?

ravelu · #12 Příspěvek od **ravelu** » 19 lis 2014 15:19

Ponechal jsem AVG.Je to o poznání lepší,jen ty internetové stránky nabíhají pomalu.Ale přesto mnohokrát děkuji.

#13 Příspěvek od **altrok** » 19 lis 2014 15:20

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

VIRY.CZ

Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.

Re: Prosím o kontrolu.Pomalé načítání a zpomalení.Děkuji.