Prosím o kontrolu logu

Zpráva

Cecil007 · #1 Příspěvek od **Cecil007** » 10 pro 2014 00:47

Logfile of random's system information tool 1.10 (written by random/random)
Run by UBD at 2014-12-10 00:41:42
Microsoft Windows 7 Professional
System drive C: has 107 GB (69%) free of 153 GB
Total RAM: 3037 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:42:14, on 10.12.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Canon Electronics\P215\TouchDR.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_TATII1E.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\RunDll32.exe
C:\totalcmd\TOTALCMD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\UBD\Downloads\RSIT.exe
C:\Program Files\trend micro\UBD.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Toolbar BHO - {d5a1d22b-9e17-454f-8ecd-83c578fb3983} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [P-215 CAPTUREONTOUCH] "C:\Program Files\Canon Electronics\P215\TouchDR.exe" LOGON
O4 - HKLM\..\Run: [Clarus Drive Manager] C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Easy Speed PC] C:\Program Files\Probit Software\Easy Speed PC\ESPCLauncher.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [EPLTarget\P0000000000000004] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE /EPT "EPLTarget\P0000000000000004" /M "L300 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE /EPT "EPLTarget\P0000000000000001" /M "L300 Series"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE /EPT "EPLTarget\P0000000000000000" /M "L300 Series" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE /EPT "EPLTarget\P0000000000000000" /M "L300 Series" (User 'Default user')
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: EMC Captiva Cloud Service (Emc.Captiva.WebCaptureService) - EMC Corporation - C:\Program Files\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: Samsung Drive Manager Service (SZDrvSvc) - Clarus, Inc. - C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: vToolbarUpdater18.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe

--
End of file - 10779 bytes

======Scheduled tasks folder======

C:\Windows\tasks\0814avUpdateInfo.job - C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0814av /INFORETRY=3
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{7B9CAEB3-6108-4EA8-8164-EC955D8340EB}.exe --uninstall=1
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\WGCDMREAQ.job - C:\Windows\system32\rundll32.exe "C:\Windows\system32\ELSCoref.dll",ZXUKLRRBC

=========Mozilla firefox=========

ProfilePath - C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@InboxAce_1g.com/Plugin]
"Description"=InboxAce Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@UtilityChest_49.com/Plugin]
"Description"=Utility Chest Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\extensions\
avg@toolbar

C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\searchplugins\
ask-search.xml
ask-web-search.xml
avg-secure-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25 326752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll [2014-12-09 2395160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}]
Toolbar BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25 326752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]
"USBToolTip"=C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [2004-04-23 192512]
"USB2Check"=C:\Windows\system32\PCLECoInst.dll [2004-04-06 61440]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2009-03-02 29984]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2009-03-02 46368]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2008-11-03 328992]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"P-215 CAPTUREONTOUCH"=C:\Program Files\Canon Electronics\P215\TouchDR.exe [2012-01-20 946176]
"Clarus Drive Manager"=C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe [2013-12-18 8135744]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avgui.exe [2014-11-09 3653136]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-11-24 2039192]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"vProt"=C:\Program Files\AVG Web TuneUp\vprot.exe [2014-12-09 3081752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Easy Speed PC"=C:\Program Files\Probit Software\Easy Speed PC\ESPCLauncher.exe [2013-03-18 148272]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-09-26 4811032]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2014-10-21 22869088]
"EPLTarget\P0000000000000004"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE [2012-02-26 249440]
"EPLTarget\P0000000000000001"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE [2012-02-26 249440]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=emYUV.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-10 00:41:42 ----D---- C:\rsit
2014-12-10 00:41:42 ----D---- C:\Program Files\trend micro
2014-12-10 00:01:03 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 00:01:03 ----D---- C:\Windows\system32\appraiser
2014-12-09 23:54:38 ----A---- C:\Windows\system32\invagent.dll
2014-12-09 23:54:38 ----A---- C:\Windows\system32\generaltel.dll
2014-12-09 23:54:38 ----A---- C:\Windows\system32\devinv.dll
2014-12-09 23:54:38 ----A---- C:\Windows\system32\appraiser.dll
2014-12-09 23:54:38 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-09 23:54:38 ----A---- C:\Windows\system32\aepic.dll
2014-12-09 23:54:38 ----A---- C:\Windows\system32\aeinv.dll
2014-12-09 23:54:37 ----A---- C:\Windows\system32\aepdu.dll
2014-12-09 23:01:31 ----D---- C:\Windows\system32\MRT
2014-12-09 22:59:20 ----A---- C:\Windows\system32\win32k.sys
2014-12-09 17:33:59 ----D---- C:\ProgramData\Avg_Update_1214tb

======List of files/folders modified in the last 1 month======

2014-12-10 00:41:53 ----D---- C:\Windows\Prefetch
2014-12-10 00:41:42 ----RD---- C:\Program Files
2014-12-10 00:39:56 ----D---- C:\Windows\Temp
2014-12-10 00:33:15 ----D---- C:\Windows\system32\config
2014-12-10 00:29:10 ----D---- C:\Windows\System32
2014-12-10 00:29:10 ----D---- C:\Windows\inf
2014-12-10 00:29:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-10 00:24:51 ----D---- C:\Windows
2014-12-10 00:23:31 ----AD---- C:\ProgramData\TEMP
2014-12-10 00:19:39 ----D---- C:\Windows\SoftwareDistribution
2014-12-10 00:16:46 ----D---- C:\Windows\tracing
2014-12-10 00:10:01 ----D---- C:\Users\UBD\AppData\Roaming\XnView
2014-12-10 00:09:55 ----D---- C:\Windows\debug
2014-12-10 00:02:05 ----D---- C:\Windows\winsxs
2014-12-10 00:01:03 ----SD---- C:\ProgramData\Microsoft
2014-12-10 00:01:03 ----D---- C:\Windows\AppCompat
2014-12-09 23:54:44 ----A---- C:\Windows\system32\MRT.exe
2014-12-09 23:54:40 ----D---- C:\Windows\AppPatch
2014-12-09 23:54:31 ----D---- C:\Windows\system32\catroot
2014-12-09 23:54:25 ----D---- C:\Windows\system32\catroot2
2014-12-09 23:48:27 ----HD---- C:\Config.Msi
2014-12-09 23:46:39 ----SHD---- C:\Windows\Installer
2014-12-09 23:46:07 ----RSD---- C:\Windows\assembly
2014-12-09 23:24:06 ----D---- C:\Windows\Microsoft.NET
2014-12-09 18:44:14 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-12-09 17:49:44 ----D---- C:\ProgramData\MFAData
2014-12-09 17:49:08 ----D---- C:\Windows\Tasks
2014-12-09 17:49:08 ----D---- C:\Windows\system32\Tasks
2014-12-09 17:47:54 ----D---- C:\Program Files\AVG Web TuneUp
2014-12-09 17:33:59 ----HD---- C:\ProgramData
2014-12-09 16:35:43 ----D---- C:\Windows\system32\FxsTmp
2014-12-09 16:35:43 ----D---- C:\Users\UBD\AppData\Roaming\Nitro PDF
2014-12-07 20:04:51 ----A---- C:\Windows\setscan.ini
2014-11-27 21:59:42 ----D---- C:\Program Files\Hard Disk Sentinel
2014-11-27 20:59:56 ----D---- C:\Users\UBD\AppData\Roaming\HpUpdate
2014-11-26 20:38:52 ----D---- C:\Users\UBD\AppData\Roaming\TeamViewer
2014-11-24 21:09:58 ----D---- C:\ProgramData\EPSON
2014-11-17 10:45:01 ----D---- C:\Jts
2014-11-15 15:08:26 ----D---- C:\Users\UBD\AppData\Roaming\vlc
2014-11-15 10:42:55 ----D---- C:\Users\UBD\AppData\Roaming\PrimoPDF
2014-11-15 10:24:08 ----D---- C:\Zákon 4
2014-11-14 09:35:58 ----D---- C:\Windows\system32\drivers
2014-11-12 15:54:16 ----HD---- C:\$AVG
2014-11-12 15:47:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-11-12 00:10:25 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-06-18 147736]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-10-05 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2012-01-24 76768]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-01-24 170496]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2012-01-24 766208]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-01-24 609760]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2012-01-24 126112]
R0 vidsflt58;Acronis Disk Storage Filter (58); C:\Windows\system32\DRIVERS\vsflt58.sys [2012-01-24 84512]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-10-29 213784]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-12-09 43296]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2012-01-24 234752]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-08-11 488448]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-06-29 51712]
R3 mdf16;mdf16; \??\C:\Program Files\Clarus\Samsung Drive Manager\mdf16.sys [2012-06-21 18864]
R3 mvd23;mvd23; \??\C:\Program Files\Clarus\Samsung Drive Manager\mvd23.sys [2012-06-21 89008]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2011-08-06 47360]
R3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 13440]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2014-05-19 159752]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-14 223792]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5.SYS [2010-09-27 49904]
S3 DCamUSBEMPIA;Dazzle DVC90 Video Device; C:\Windows\system32\DRIVERS\emDevice.sys [2004-04-06 100957]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2012-12-21 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2012-12-21 9160]
S3 FiltUSBEMPIA;USB Device Lower Filter; C:\Windows\system32\DRIVERS\emFilter.sys [2004-04-06 5245]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 15720]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2012-01-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2012-01-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2011-03-23 30600]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\Windows\system32\DRIVERS\emScan.sys [2004-04-06 4493]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2011-03-23 19280]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S4 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2011-07-11 18768]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2011-09-23 809112]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2012-01-24 3409880]
R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-10-30 166296]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Emc.Captiva.WebCaptureService;EMC Captiva Cloud Service; C:\Program Files\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe [2011-11-08 44640]
R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [2012-02-26 142432]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe [2011-01-14 196912]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-28 211488]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2014-05-19 134664]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2011-09-23 5735152]
R2 SZDrvSvc;Samsung Drive Manager Service; C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe [2013-12-18 18432]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 vToolbarUpdater18.2.0;vToolbarUpdater18.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [2014-12-09 1850392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-12 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 10 pro 2014 00:53

Dobry vecer Vam preju

V prvni rade doinstalujte Internet Explorer 11 a pak i vsechny ostatni dulezite MS aktualizace - duvod http://forum.viry.cz/viewtopic.php?f=29 ... 6#p1353406

Jsou s PC nejake konkretni problemy?

Pokud nepouzivate, odinstalujte Skype Click to Call

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Cecil007 · #3 Příspěvek od **Cecil007** » 12 pro 2014 00:25

Dobrý den,
děkuji za radu. Důležité aktualizace celkem stahuji. PC je celkem v pohodě až na poněkud vyšší trvalou zátěž CPU, což mě mírně znepokojuje.
Zde je log z AdwCleaneru:

# AdwCleaner v4.105 - Report created 12/12/2014 at 00:13:28
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Professional (32 bits)
# Username : UBD - UBD-PC
# Running from : C:\Users\UBD\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Program Files\Probit Software
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\UBD\AppData\Local\Temp\apn
Folder Deleted : C:\Users\UBD\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\UBD\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\UBD\AppData\Roaming\Probit Software
Folder Deleted : C:\Users\UBD\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\Extensions\Avg@toolbar
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\UBD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Speed PC on the Web.lnk
File Deleted : C:\Users\UBD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Speed PC.lnk
File Deleted : C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\searchplugins\ask-search.xml
File Deleted : C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\searchplugins\ask-web-search.xml
File Deleted : C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

***** [ Scheduled Tasks ] *****

Task Deleted : BackgroundContainer Startup Task
Task Deleted : BrowserDefendert

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Easy Speed PC]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{344C03AA-B10A-4C73-9459-F2F8EE2AD1D2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\SystemK
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Easy Speed PC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16722

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[2vpbl7ft.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[2vpbl7ft.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[2vpbl7ft.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[2vpbl7ft.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "allin1convert@mindspark.com");

-\\ Google Chrome v39.0.2171.71

[C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={AEA077AF-B066-4C7A-B2BB-C2F757F94F05}&mid=cbb72ccae25172adbc18e21b8398812c-9f93a26aaa2c9ec7b0c66ae3d8ffc4a7443013e1&lang=cs&ds=AVG&pr=fr&d=2012-06-11 17:58:09&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
[C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=01908E82BF43B066431F99505EC527A9&q={searchTerms}
[C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110187&tt=4912_1&babsrc=SP_ss&mntrId=d57923bf000000000000001e645d50e0
[C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110187&tt=4912_1&babsrc=SP_ss&mntrId=d57923bf000000000000001e645d50e0
[C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&a ... 1E645D50E0
[C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_def_obla&affID=120669
[C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_def_obla&affID=120669
[C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=SLS&o=APN10610&locale=en_EU&apn_uid=a1ff3951-2ce9-4331-b961-38bf96549a51&apn_ptnrs=%5EADI&apn_sauid=5BBA412B-7FCF-437E-A1B7-7C7022245D21&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
[C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=SLS&o=APN10610&locale=en_EU&apn_uid=a1ff3951-2ce9-4331-b961-38bf96549a51&apn_ptnrs=%5EADI&apn_sauid=5BBA412B-7FCF-437E-A1B7-7C7022245D21&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}

*************************

AdwCleaner[R1].txt - [1188 octets] - [17/05/2014 07:50:20]
AdwCleaner[R2].txt - [10608 octets] - [12/12/2014 00:11:09]
AdwCleaner[S0].txt - [28171 octets] - [17/05/2014 07:47:04]
AdwCleaner[S1].txt - [908 octets] - [17/05/2014 08:44:42]
AdwCleaner[S2].txt - [10758 octets] - [12/12/2014 00:13:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [10819 octets] ##########

#4 Příspěvek od **altrok** » 12 pro 2014 01:32

Po doinstalovani vsech aktualizaci dejte novy log FRST, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Cecil007 · #5 Příspěvek od **Cecil007** » 12 pro 2014 23:31

Dobrý den,
opět děkuji a zde je log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-12-2014
Ran by UBD (administrator) on UBD-PC on 12-12-2014 23:27:40
Running from C:\Users\UBD\Desktop
Loaded Profile: UBD (Available profiles: UBD)
Platform: Microsoft Windows 7 Professional (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(EMC Corporation) C:\Program Files\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(Nitro PDF Software) C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Clarus, Inc.) C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(H.D.S. Hungary) C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
(EMC Corporation) C:\Program Files\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebToolkitHost.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Pinnacle Systems) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Canon Electronics Inc.) C:\Program Files\Canon Electronics\P215\TouchDR.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATII1E.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [192512 2004-04-23] (Pinnacle Systems)
HKLM\...\Run: [USB2Check] => RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2009-03-02] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2009-03-02] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [P-215 CAPTUREONTOUCH] => C:\Program Files\Canon Electronics\P215\TouchDR.exe [946176 2012-01-20] (Canon Electronics Inc.)
HKLM\...\Run: [Clarus Drive Manager] => C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe [8135744 2013-12-18] (Clarus, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoComputersNearMe] 0
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Run: [EPLTarget\P0000000000000004] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE [249440 2012-02-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE [249440 2012-02-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Policies\Explorer: [NoComputersNearMe] 0
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE [249440 2012-02-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII1E.EXE [249440 2012-02-26] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/?pc=UP97&ocid=UP97DHP
http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {5454D872-89FF-4DB7-961A-FF2ABC04D49C} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {858FFCD3-6DC9-41F0-AA34-40CBA95F5C3F} URL = http://search.yahoo.com/search?ei=utf-8 ... earchTerms}
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={30 ... 2014-11-05 08:54:36&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {F9BC07CA-174D-4CD0-BD77-37404FF399E5} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default
FF SearchEngineOrder.1: www.google.cz
FF SearchEngineOrder.3:
FF Homepage: www.google.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Clickjacking Reveal - C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\Extensions\no-clickjacking@daohoangson.com.xpi [2014-12-10]
FF Extension: New Tab Homepage - C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2014-08-09]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-08]
CHR Extension: (Peněženka Google) - C:\Users\UBD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\UBD\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-11-08]
CHR HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [809112 2011-09-23] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3409880 2012-01-24] (Acronis)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 Emc.Captiva.WebCaptureService; C:\Program Files\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe [44640 2011-11-08] (EMC Corporation)
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-26] (SEIKO EPSON CORPORATION)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [820568 2011-07-20] (IObit)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2013-05-16] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool; C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe [196912 2011-01-14] (Nitro PDF Software)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2013-05-16] (Hewlett-Packard) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-19] (Sandboxie Holdings, LLC)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [5735152 2011-09-23] (Acronis)
R2 SZDrvSvc; C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [File not signed]
S2 vToolbarUpdater18.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213784 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [43296 2014-12-09] (AVG Technologies)
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2010-09-27] (Avanquest Software) [File not signed]
S3 DCamUSBEMPIA; C:\Windows\System32\DRIVERS\emDevice.sys [100957 2004-04-06] (eMPIA Technology, Inc.) [File not signed]
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2012-12-21] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2012-12-21] () [File not signed]
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [18768 2011-07-11] ()
S3 FiltUSBEMPIA; C:\Windows\System32\DRIVERS\emFilter.sys [5245 2004-04-06] (eMPIA Technology, Inc.) [File not signed]
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
R3 mdf16; C:\Program Files\Clarus\Samsung Drive Manager\mdf16.sys [18864 2012-06-21] ()
R3 mvd23; C:\Program Files\Clarus\Samsung Drive Manager\mvd23.sys [89008 2012-06-21] ()
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18176 2012-01-09] (Nokia) [File not signed]
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-01-09] (Nokia) [File not signed]
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2012-01-09] (Nokia) [File not signed]
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2012-01-09] (Nokia) [File not signed]
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [19072 2012-06-27] (Nokia) [File not signed]
R3 pneteth; C:\Windows\System32\DRIVERS\pneteth.sys [13440 2011-11-25] (June Fabrics Technology Inc.)
S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [30600 2011-03-23] (IObit.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [159752 2014-05-19] (Sandboxie Holdings, LLC)
S3 ScanUSBEMPIA; C:\Windows\System32\DRIVERS\emScan.sys [4493 2004-04-06] (eMPIA Technology, Inc.) [File not signed]
R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [766208 2012-01-24] (Acronis)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-01-09] (Nokia) [File not signed]
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [19280 2011-03-23] (IObit.com)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2012-01-09] (Nokia) [File not signed]
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [126112 2012-01-24] (Acronis)
R0 vidsflt58; C:\Windows\System32\DRIVERS\vsflt58.sys [84512 2012-01-24] (Acronis)
U3 DfSdkS; No ImagePath
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-12 23:27 - 2014-12-12 23:27 - 00019983 _____ () C:\Users\UBD\Desktop\FRST.txt
2014-12-12 23:26 - 2014-12-12 23:27 - 00000000 ____D () C:\FRST
2014-12-12 23:26 - 2014-12-12 23:26 - 01111040 _____ (Farbar) C:\Users\UBD\Desktop\FRST.exe
2014-12-12 23:25 - 2014-12-12 23:25 - 00029696 _____ () C:\Users\UBD\AppData\Local\MSGBOX.EXE
2014-12-12 23:25 - 2014-12-12 23:25 - 00015327 _____ () C:\Users\UBD\Desktop\LM.bat
2014-12-12 23:24 - 2014-12-12 23:24 - 00112640 _____ (forum.viry.cz) C:\Users\UBD\Desktop\FRSTLauncher.exe
2014-12-12 00:14 - 2014-12-12 00:14 - 00000314 _____ () C:\Windows\PFRO.log
2014-12-12 00:09 - 2014-12-12 00:09 - 02166272 _____ () C:\Users\UBD\Desktop\adwcleaner_4.105.exe
2014-12-10 18:40 - 2014-12-10 18:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-10 00:41 - 2014-12-10 00:42 - 00000000 ____D () C:\rsit
2014-12-10 00:41 - 2014-12-10 00:42 - 00000000 ____D () C:\Program Files\trend micro
2014-12-10 00:41 - 2014-12-10 00:41 - 01107968 _____ () C:\Users\UBD\Downloads\RSIT.exe
2014-12-10 00:24 - 2014-12-12 09:51 - 00000280 _____ () C:\Windows\setupact.log
2014-12-10 00:24 - 2014-12-10 00:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-10 00:18 - 2014-12-12 17:56 - 00108971 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 00:01 - 2014-12-10 00:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 00:01 - 2014-12-10 00:01 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-09 23:54 - 2014-12-04 03:20 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 23:54 - 2014-12-04 03:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 23:54 - 2014-12-04 03:20 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 23:54 - 2014-12-04 03:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 23:54 - 2014-12-04 03:20 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 23:54 - 2014-12-04 03:20 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 23:54 - 2014-12-04 03:17 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 23:54 - 2014-12-02 00:27 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 23:01 - 2014-12-10 00:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-09 22:59 - 2014-09-15 01:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-09 22:40 - 2014-12-09 22:40 - 01188194 _____ () C:\Users\UBD\Downloads\ProcessExplorer.zip
2014-12-09 17:33 - 2014-12-09 17:33 - 00000000 ____D () C:\ProgramData\Avg_Update_1214tb
2014-12-08 17:35 - 2014-12-08 17:35 - 00000000 ____D () C:\Users\UBD\AppData\Local\Clarus
2014-11-27 21:53 - 2014-11-27 21:53 - 00013000 _____ () C:\Users\UBD\Documents\Jitka%20Nagyová%20certifikat.docx_0.odt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-12 22:44 - 2013-07-02 11:23 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-12 21:37 - 2010-08-20 22:25 - 00000000 ____D () C:\Users\UBD\AppData\Roaming\XnView
2014-12-12 20:49 - 2011-02-05 19:45 - 00000000 ____D () C:\Users\UBD\AppData\Roaming\Nitro PDF
2014-12-12 20:06 - 2014-09-14 11:51 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 19:29 - 2011-02-05 21:14 - 00000000 ____D () C:\Users\UBD\Documents\Moje naskenované obrázky
2014-12-12 19:23 - 2010-08-20 18:06 - 01576554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-12 17:50 - 2011-05-15 17:40 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-12 10:07 - 2013-05-31 18:59 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-12-12 10:07 - 2012-09-28 07:19 - 00000000 ___RD () C:\Users\UBD\Disk Google
2014-12-12 09:58 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-12 09:58 - 2009-07-14 05:34 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-12 09:51 - 2013-10-01 06:38 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-12 09:51 - 2013-08-25 09:51 - 00000308 _____ () C:\Windows\Tasks\WGCDMREAQ.job
2014-12-12 09:51 - 2011-02-05 17:26 - 00000181 _____ () C:\PSLOG
2014-12-12 09:51 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-12 00:13 - 2014-05-17 07:47 - 00000000 ____D () C:\AdwCleaner
2014-12-12 00:05 - 2014-10-01 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-11 17:57 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-11 17:54 - 2014-04-22 20:22 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 17:53 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2014-12-11 17:52 - 2012-04-25 20:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-10 17:30 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-10 00:23 - 2011-12-07 20:35 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-10 00:23 - 2010-08-20 18:00 - 00000000 ____D () C:\Users\UBD
2014-12-10 00:16 - 2011-02-05 16:12 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-10 00:16 - 2011-02-05 16:12 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 00:01 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-09 23:54 - 2011-02-05 22:58 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 23:48 - 2009-07-14 05:33 - 00302416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-09 18:44 - 2012-06-25 10:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-09 18:44 - 2012-06-25 10:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-09 17:47 - 2014-11-05 08:54 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2014-12-09 17:47 - 2012-08-30 17:56 - 00043296 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-12-07 20:04 - 2014-02-25 15:20 - 00000175 _____ () C:\Windows\setscan.ini
2014-12-05 19:28 - 2011-02-12 22:53 - 00000000 ____D () C:\Users\UBD\Desktop\Nová složka
2014-11-27 21:59 - 2013-07-12 16:10 - 00000000 ____D () C:\Program Files\Hard Disk Sentinel
2014-11-27 20:59 - 2013-08-28 19:33 - 00000000 ____D () C:\Users\UBD\AppData\Roaming\HpUpdate
2014-11-26 20:38 - 2012-11-18 20:32 - 00000000 ____D () C:\Users\UBD\AppData\Roaming\TeamViewer
2014-11-24 21:09 - 2014-03-02 14:16 - 00000000 ____D () C:\ProgramData\EPSON
2014-11-17 10:45 - 2014-09-02 19:12 - 00000000 ____D () C:\Jts
2014-11-15 15:08 - 2014-09-20 17:51 - 00000000 ____D () C:\Users\UBD\AppData\Roaming\vlc
2014-11-15 10:42 - 2011-02-05 19:43 - 00000000 ____D () C:\Users\UBD\AppData\Roaming\PrimoPDF
2014-11-15 10:24 - 2011-02-08 21:43 - 00000590 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zákon 4.lnk
2014-11-15 10:24 - 2011-02-08 21:43 - 00000578 _____ () C:\Users\Public\Desktop\Zákon 4.lnk
2014-11-15 10:24 - 2011-02-08 21:36 - 00000000 ____D () C:\Zákon 4
2014-11-14 09:36 - 2014-10-22 12:35 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-14 09:36 - 2014-10-22 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-12 17:14 - 2011-03-03 15:08 - 00008192 _____ () C:\Users\UBD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-12 15:54 - 2011-06-19 08:39 - 00000000 ___HD () C:\$AVG

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-05 09:47

==================== End Of Log ============================

a zde additional:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-12-2014
Ran by UBD at 2014-12-12 23:28:16
Running from C:\Users\UBD\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 15.1.1 - Hewlett-Packard) Hidden
3GP Player 1.1.5 (HKLM\...\3GP Player_is1) (Version: - Bobabo)
602PdfDriver (Version: 1.01 - Software602 a.s.) Hidden
Acer Crystal Eye Webcam (HKLM\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer Crystal Eye webcam Ver:1.1.93.702 (HKLM\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.93.702 - Chicony Electronics Co.,Ltd.)
Acronis True Image Home 2012 (HKLM\...\{47A0C382-35D7-4A3A-B9AF-B2D38827A8A7}Visible) (Version: 15.0.5545 - Acronis)
Acronis True Image Home 2012 (Version: 15.0.5545 - Acronis) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMR Player 1.2 (HKLM\...\{2F881B56-CBDF-4EC6-A8D2-6412A879C66A}_is1) (Version: - www.amrplayer.com)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Card v.1.0.0 (HKLM\...\{C92AB6F1-EC2E-85C8-C6D7-5BB8C2F89C7F}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.7 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 8.0.0.218 - Atheros)
Audacity 1.3.12 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Auslogics Registry Defrag (HKLM\...\{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1) (Version: version 6.2 - Auslogics Software Pty Ltd)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4235 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies CZ, s.r.o.) Hidden
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.0.5.7 - AVG Technologies)
Balíček ovladače systému Windows - Hewlett-Packard hp scanjet 5590 (05/24/2012 8.1.0.73) (HKLM\...\BF60728927129EDF88B734736479C6E8EAEE8835) (Version: 05/24/2012 8.1.0.73 - Hewlett-Packard)
Balíček ovladače systému Windows - Intel (NETw5s32) net (09/15/2009 13.0.0.107) (HKLM\...\261F972493946CC8B32688E5247ADD2EE612DEB9) (Version: 09/15/2009 13.0.0.107 - Intel)
Balíček ovladače systému Windows - Intel (NETw5v32) net (09/15/2009 13.0.0.107) (HKLM\...\FB8C5A1BB9B0EB1DBE21E5BBBF6942439C4FB2F9) (Version: 09/15/2009 13.0.0.107 - Intel)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{E357C7B4-E337-4E43-84F1-8FDAF1EF4038}) (Version: 0.9.32 - Kovid Goyal)
Canon driver for P-215 (HKLM\...\{E1BE0EE4-3341-424E-AF40-C200CD9BF508}) (Version: 1.2.4493 - Canon Electronics Inc.)
Canon iP1900 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1900_series) (Version: - )
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - )
CaptureOnTouch Google Docs(TM) Plugin (HKLM\...\{5B264EE1-5639-4647-A53F-7D946304A950}) (Version: 1.1.4311 - Canon Electronics Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.9.0 - Conexant)
ConvertXtoDVD 4.1.19.365 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Crypta 2.2.0 (HKLM\...\5139-7455-1198-4436) (Version: 2.2.0 - Česká pošta, s.p.)
Desktop Restore (HKLM\...\{228CEA74-6DD1-40B9-B95F-77273F4316B5}) (Version: 1.6.3 - JOConnell)
Destinations (Version: 140.0.0.0 - Hewlett-Packard) Hidden
DosPrint 2.3 (HKLM\...\DOSPrint pro podporu tisku z DOSu_is1) (Version: - Daniel Redlich)
DVDFab Platinum 3.0.6.0 Beta Ghosthunter release (HKLM\...\DVDFab Platinum_is1) (Version: - )
EaseUS Partition Master 9.2.1 Professional (HKLM\...\EaseUS Partition Master Professional Edition_is1) (Version: - EaseUS)
Epson Easy Photo Print 2 (HKLM\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
EPSON L300 Series Printer Uninstall (HKLM\...\EPSON L300 Series) (Version: - SEIKO EPSON Corporation)
Epson Uživatelská příručka L300 Series (HKLM\...\L300 Series Useg) (Version: - )
Evernote v. 4.5.2 (HKLM\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
f4 3.1.0 (HKLM\...\f4) (Version: 3.1.0 - MAXqda)
FFmpeg for Audacity on Windows (HKLM\...\FFmpeg for Audacity on Windows_is1) (Version: - )
Foxit PDF Editor (HKLM\...\Foxit PDF Editor) (Version: - )
Foxit Reader (HKLM\...\Foxit Reader) (Version: 4.1.0.726 - Foxit Software Company)
Free Window Registry Repair (HKLM\...\Free Window Registry Repair) (Version: - )
Free WMA Cutter and Editor 2.6 (HKLM\...\Free WMA Cutter and Editor_is1) (Version: - musetips.com)
Free WMA MP3 Converter (HKLM\...\Free WMA MP3 Converter) (Version: - )
Garmin City Navigator Europe NT 2013.20 Update (HKLM\...\{39B072B0-6003-4506-8A6A-28EFB3169D0F}) (Version: 16.20.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Trip and Waypoint Manager v5 (HKLM\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
Hard Disk Sentinel PRO (HKLM\...\Hard Disk Sentinel_is1) (Version: - HDS)
HP Imaging Device Functions 14.5 (HKLM\...\HP Imaging Device Functions) (Version: 14.5 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpg5590 (Version: 140.000.000.000 - Název společnosti:) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
Incomedia WebSite X5 Evolution (HKLM\...\Incomedia WebSite X5 Evolution) (Version: - )
Incomedia WebSite X5 v9 - Smart (HKLM\...\{08F8A05F-C6FD-4A1C-96DA-4B48AACA7F35}_is1) (Version: 9.0.4.1748 - Incomedia s.r.l.)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IObit Malware Fighter (HKLM\...\IObit Malware Fighter_is1) (Version: 1.0 - IObit)
IObit Toolbar v5.1 (HKLM\...\{D5297321-6138-43d8-93B0-EB268CC86A68}) (Version: 5.1 - Spigot, Inc.) <==== ATTENTION
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
LADSPA_plugins-win-0.4.15 (HKLM\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
Launch Manager (HKLM\...\LManager) (Version: 3.0.02 - Acer Inc.)
Lingea Lexicon 2002 (HKLM\...\Lexicon 4.0) (Version: - )
linguatec Voice Reader (HKLM\...\{93293322-B694-4270-B7FE-DDE1A681ACCA}) (Version: 1.00.0000 - linguatec)
MailStore Home 8.0.4.8653 (HKLM\...\MailStore Home_universal1) (Version: 8.0.4.8653 - MailStore Software GmbH)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0405-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MozBackup 1.4.10 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 34.0.5 (x86 cs) (HKLM\...\Mozilla Firefox 34.0.5 (x86 cs)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 cs) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 cs)) (Version: 24.6.0 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyKeyFinder (HKLM\...\MyKeyFinder_is1) (Version: 2013 - Abelssoft)
MyMarketAnalyzer (HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\ce686aec6e1d8db5) (Version: 1.0.0.82 - MyMarketAnalyzer)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NinjaTrader 7 (HKLM\...\{F32F7FC8-02AD-4E72-BD40-2B045CA191FE}) (Version: 7.0.1007 - NinjaTrader)
Nitro PDF Reader (HKLM\...\{2881063B-C58F-49EB-97FD-8BF58EC580F9}) (Version: 1.4.0.11 - Nitro PDF Software)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.71 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.5 (HKLM\...\HPOCR) (Version: 14.5 - HP)
OpenOffice 4.0.1 (HKLM\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
P-215 CaptureOnTouch (HKLM\...\{551DCCF1-A5D6-4090-86A5-38EA6EB5AC18}) (Version: 2.2.212.120 - Canon Electronics Inc.)
P-215 UserManual (HKLM\...\{B00EDF44-C4C7-4857-872D-4C8459AD589B}) (Version: 1.04.0000 - Canon Electronics Inc.)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PaperPort SharePoint Link (HKLM\...\{8D09F3C8-C890-4118-B3CC-697BE7FA0421}) (Version: 12.000.0001 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM\...\{7390478C-8581-415E-92E9-2997D9306B81}) (Version: 12.0.32.0 - Nokia)
PdaNet+ for Android 4.12 (HKLM\...\PdaNet_is1) (Version: - June Fabrics Technology Inc)
PDF Compressor (HKLM\...\{74CB4E29-732C-47A6-B9C6-790EC768FCBA}) (Version: 2.7.0.0 - iWesoft)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.0 - )
PL-2303 Vista Driver Installer (HKLM\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific)
PMB (HKLM\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
podepsatPdf (HKLM\...\{9621126B-9210-4AEE-9E01-616E98A06F43}) (Version: 1.27.3 - TOPSPIN Solutions, s.r.o.)
Pošta & kancelář 2.3 (HKLM\...\Pošta & kancelář_is1) (Version: - PS Media s.r.o.)
Presto! BizCard 6 (HKLM\...\{4F9D15B4-0F57-4B84-94AE-C1286C8D4443}) (Version: 6.11.00 - NewSoft Technology Corporation)
Presto! BizCard 6 (Version: 6.11.00 - NewSoft) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PrintServer Network driver (HKLM\...\PrintServer Network driver) (Version: - )
Psaní všemi deseti 1.5 (HKLM\...\Psaní všemi deseti_is1) (Version: - Richard Šusta, David Vejchoda)
PSPad editor (HKLM\...\PSPad editor_is1) (Version: - Jan Fiala)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Ralink Wireless LAN v3.0.2.0 Installation Program for Windows7 (HKLM\...\{FDE773CD-9201-4655-87F3-4E051860D47D}) (Version: 1.0 - Ralink)
Registrace uživatele zařízení Canon iP2700 series (HKLM\...\Registrace uživatele zařízení Canon iP2700 series) (Version: - )
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Samsung Drive Manager (HKLM\...\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}) (Version: 1.0.172 - Clarus, Inc.)
Sandboxie 4.10 (32-bit) (HKLM\...\Sandboxie) (Version: 4.10 - Sandboxie Holdings, LLC)
Scan (Version: 14.0.1.0 - Hewlett-Packard) Hidden
Scanjet 5590 (HKLM\...\{A64EBD98-D9FB-4014-8658-F61C0EFFB87C}) (Version: 14.5 - HP)
ScanSoft PaperPort 11 (HKLM\...\{EA820D43-3E3F-4B16-BAA2-DCAB0D4E7F1A}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Seabase Delta (HKLM\...\Seabase Delta) (Version: 1.0.0.0 - Vitware.cz)
Search App by Ask (HKLM\...\{4F524A2D-5350-4500-76A7-A758B70C1500}) (Version: 12.21.0.114 - APN, LLC) <==== ATTENTION
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SlimPublisher (HKLM\...\{AB51C28A-DA2D-49A1-9DCF-D9548CEA815B}) (Version: 3.1 - SlimPublisher Team)
Software Bluetooth WIDCOMM (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom)
Software602 Form Filler (HKLM\...\{ABF049D4-0805-41D7-B657-F08347767539}) (Version: 4.53 - Software602 a.s.)
Subtitle Workshop 2.51 (HKLM\...\SubtitleWorkshop) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.0.3 - Synaptics Incorporated)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
TOPO Czech 3 PRO (HKLM\...\{4F50C25D-9236-42EE-86A4-F0BC39A543AE}) (Version: 3.00 - Picodas Praha, spol. s r.o.)
Topo España V.3.0 (HKLM\...\{1CFDFFDB-6646-43D6-8141-A77443F6BF98}) (Version: 2.00 - MPC Licensee)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
TotalPDFConverter (HKLM\...\Total PDF Converter_is1) (Version: 2.8 - Softplicity, Inc.)
Undelete Plus 2.93 (HKLM\...\Undelete Plus_is1) (Version: - FDRLab, Inc)
Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSO CopyToDVD 4 (HKLM\...\{870F1750-BA89-11DA-A94D-0800200C9A66}_is1) (Version: 4.3.1.12c - VSO Software)
WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XnView 1.97.6 (HKLM\...\XnView_is1) (Version: 1.97.6 - Gougelet Pierre-e)
Zákon 4 (HKLM\...\{01DDA447-B7B2-4881-AE7B-F5B36650A713}) (Version: 4.0.48 - )
Zmeny (HKLM\...\Zmeny) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-485145419-2806534028-1990940906-1001_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\hpcdmc32.dll (HP)
CustomCLSID: HKU\S-1-5-21-485145419-2806534028-1990940906-1001_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\hpcdmc32.dll (HP)
CustomCLSID: HKU\S-1-5-21-485145419-2806534028-1990940906-1001_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\hpcdmc32.dll (HP)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06EAF550-1C84-446F-BF76-F66E87D4515F} - System32\Tasks\Ad-Aware Update (Daily 1) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {0BA294E8-C44E-4D47-84DC-217611F2A7B3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {10BDB02E-0E08-4AB4-99BB-37375BCCF0A2} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files\CheckDrive\CheckDriveBackgroundGuard.exe
Task: {31580DF1-64B4-430D-9149-3FCA028D71BB} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {3535FE35-B2E0-4765-821D-263DB77FE6E0} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_UBD => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [2012-08-06] (H.D.S. Hungary)
Task: {3E2F7FBF-1A83-4534-A8D9-A16594CB28D2} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{7B9CAEB3-6108-4EA8-8164-EC955D8340EB}.exe
Task: {4779BFA3-3CF5-4723-85D2-DCFD569D7C97} - System32\Tasks\{1E6A3417-602B-4617-8F0D-B56F28D1E1DE} => D:\Mrp\FOXR.EXE [2002-01-18] ()
Task: {51FBD71E-E2CB-4A72-AAE4-08BC18C49877} - System32\Tasks\{01613E45-A95A-4581-B01B-FE674D2116DB} => pcalua.exe -a E:\hp_LJ_P2015_Full_Solution_EE.exe -d E:\
Task: {5B87C15D-ECC8-4BED-8606-C637D9A36655} - System32\Tasks\Ad-Aware Update (Daily 4) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {5D830467-49B0-48D2-9A41-61AF865EDD9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {79BD081A-DF02-4A27-BAB5-2EEB1189DF6E} - System32\Tasks\{9913A8BE-A71D-49C2-A6D8-7759AB4C21B8} => D:\Mrp\FOXR.EXE [2002-01-18] ()
Task: {7E768D1A-6FBC-49C5-84F3-20496D40A506} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {8CD43151-E27D-4B77-8093-31EEDDF1A3B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {91699B1B-E66F-4DE8-9034-97A961712AD2} - System32\Tasks\{0CBCC544-D6CF-487C-BFDE-5E3F6CC22C24} => C:\Program Files\Skype\Phone\Skype.exe
Task: {98373164-43C6-4D7B-9C1A-EB0B211D311D} - System32\Tasks\WGCDMREAQ => Rundll32.exe "C:\Windows\system32\ELSCoref.dll",ZXUKLRRBC
Task: {AA98899D-26A7-4ED4-9A62-CF99AEC2015B} - System32\Tasks\Ad-Aware Update (Daily 3) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {AC6B7D15-023F-460D-88B7-38AA479D3C56} - System32\Tasks\Ad-Aware Update (Daily 2) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {E8A4D3B3-044E-4A98-8443-EE7A8D7618BD} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe [2014-08-12] ()
Task: {EED600BA-4BC5-4D67-A505-C3A2AC573CEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{7B9CAEB3-6108-4EA8-8164-EC955D8340EB}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WGCDMREAQ.job => C:\Windows\system32\ELSCoref.dll

==================== Loaded Modules (whitelisted) =============

2011-02-05 19:42 - 2009-12-21 02:42 - 00176235 _____ () C:\Windows\System32\Primomonnt.dll
2011-11-08 18:43 - 2011-11-08 18:43 - 00021088 _____ () C:\Program Files\EMC Captiva\Captiva Cloud Runtime\SSLSupport.dll
2011-09-23 11:44 - 2011-09-23 11:44 - 00435552 _____ () C:\Program Files\Acronis\TrueImageHome\Common\ulxmlrpcpp.dll
2011-09-23 12:29 - 2011-09-23 12:29 - 00018784 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2011-05-17 20:13 - 2011-03-02 11:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2014-07-09 19:25 - 2012-08-08 14:59 - 00441536 _____ () C:\Program Files\Total PDF Converter\axTotalConverter.dll
2012-04-07 18:37 - 2009-11-16 19:31 - 00069632 _____ () C:\Program Files\PSPad editor\PSPadShell.dll
2014-11-05 08:54 - 2014-11-05 08:54 - 01685528 ____N () C:\Program Files\AVG Web TuneUp\TBAPI.dll
2014-09-25 19:44 - 2014-09-25 19:44 - 00043008 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-12-12 20:06 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 20:06 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 20:06 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 20:06 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-12 20:06 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2014-12-10 18:40 - 2014-12-10 18:40 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:587EB586
AlternateDataStreams: C:\ProgramData\TEMP:C5831B98
AlternateDataStreams: C:\ProgramData\TEMP:CAEDBDA6

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-485145419-2806534028-1990940906-1001\Software\Classes\.exe: exefile => <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-485145419-2806534028-1990940906-500 - Administrator - Disabled)
Guest (S-1-5-21-485145419-2806534028-1990940906-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-485145419-2806534028-1990940906-1004 - Limited - Enabled)
UBD (S-1-5-21-485145419-2806534028-1990940906-1001 - Administrator - Enabled) => C:\Users\UBD

==================== Faulty Device Manager Devices =============

Name: Adaptér miniportu Microsoft Virtual WiFi
Description: Adaptér miniportu Microsoft Virtual WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ovladač certifikace rozšířeného paměťového zařízení Microsoft WPD
Description: Ovladač certifikace rozšířeného paměťového zařízení Microsoft WPD
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: (rozšířené paměťové zařízení WPD)
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2014 11:01:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/11/2014 06:18:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/11/2014 05:54:29 PM) (Source: MsiInstaller) (EventID: 1024) (User: UBD-PC)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011010} produktu Adobe Reader XI (11.0.09) - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (12/10/2014 05:07:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/09/2014 07:23:38 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (12/07/2014 10:46:49 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (12/07/2014 01:54:07 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (12/07/2014 10:53:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ntvdm.exe, verze: 6.1.7600.16385, časové razítko: 0x4a5bc158
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1400
Čas spuštění chybující aplikace: 0xntvdm.exe0
Cesta k chybující aplikaci: ntvdm.exe1
Cesta k chybujícímu modulu: ntvdm.exe2
ID zprávy: ntvdm.exe3

Error: (12/07/2014 10:53:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ntvdm.exe, verze: 6.1.7600.16385, časové razítko: 0x4a5bc158
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x778
Čas spuštění chybující aplikace: 0xntvdm.exe0
Cesta k chybující aplikaci: ntvdm.exe1
Cesta k chybujícímu modulu: ntvdm.exe2
ID zprávy: ntvdm.exe3

Error: (12/07/2014 10:53:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ntvdm.exe, verze: 6.1.7600.16385, časové razítko: 0x4a5bc158
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x1334
Čas spuštění chybující aplikace: 0xntvdm.exe0
Cesta k chybující aplikaci: ntvdm.exe1
Cesta k chybujícímu modulu: ntvdm.exe2
ID zprávy: ntvdm.exe3

System errors:
=============
Error: (12/12/2014 08:07:26 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (12/12/2014 07:21:29 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku nelze přečíst.

Error: (12/12/2014 05:40:01 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (12/12/2014 09:51:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom
Lbd

Error: (12/12/2014 09:51:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vToolbarUpdater18.2.0 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (12/12/2014 09:51:18 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorCertDrv) (EventID: 12) (User: NT AUTHORITY)
Description: Inicializace ovladače se nezdařila z důvodu nepodporovaného zařízení.

Error: (12/12/2014 00:27:38 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1EF75F33-893B-4E8F-9655-C3D602BA4897}

Error: (12/12/2014 00:14:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom
Lbd

Error: (12/12/2014 00:14:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba vToolbarUpdater18.2.0 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (12/12/2014 00:14:29 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorCertDrv) (EventID: 12) (User: NT AUTHORITY)
Description: Inicializace ovladače se nezdařila z důvodu nepodporovaného zařízení.

Microsoft Office Sessions:
=========================
Error: (12/12/2014 11:01:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\NewSoft\presto! bizcard 6\WinScanX64.exe

Error: (12/11/2014 06:18:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\NewSoft\presto! bizcard 6\WinScanX64.exe

Error: (12/11/2014 05:54:29 PM) (Source: MsiInstaller) (EventID: 1024) (User: UBD-PC)
Description: Adobe Reader XI (11.0.09) - Czech{AC76BA86-7AD7-0000-2550-7A8C40011010}1625(NULL)(NULL)(NULL)

Error: (12/10/2014 05:07:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\newsoft\presto! bizcard 6\WinScanX64.exe

Error: (12/09/2014 07:23:38 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files\mozbackup\dll\DelZip179.dllc:\program files\mozbackup\dll\DelZip179.dll8

Error: (12/07/2014 10:46:49 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: Neplatný popisovač

Error: (12/07/2014 01:54:07 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files\mozbackup\dll\DelZip179.dllc:\program files\mozbackup\dll\DelZip179.dll8

Error: (12/07/2014 10:53:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ntvdm.exe6.1.7600.163854a5bc158unknown0.0.0.000000000c000000500000000140001d01203a94885e3C:\Windows\system32\ntvdm.exeunknowne70bb601-7df6-11e4-b6fe-c80aa94a84a6

Error: (12/07/2014 10:53:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ntvdm.exe6.1.7600.163854a5bc158unknown0.0.0.000000000c00000050000000077801d01203a90d29b4C:\Windows\system32\ntvdm.exeunknowne6c18c8b-7df6-11e4-b6fe-c80aa94a84a6

Error: (12/07/2014 10:53:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ntvdm.exe6.1.7600.163854a5bc158unknown0.0.0.000000000c000000500000000133401d01203a8c486e4C:\Windows\system32\ntvdm.exeunknowne67b0ca2-7df6-11e4-b6fe-c80aa94a84a6

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 56%
Total physical RAM: 3036.93 MB
Available physical RAM: 1328.98 MB
Total Pagefile: 6072.14 MB
Available Pagefile: 3710.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1885.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.89 GB) (Free:103.07 GB) NTFS
Drive d: () (Fixed) (Total:326.95 GB) (Free:245.49 GB) NTFS
Drive e: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:146.38 GB) (Free:95.99 GB) NTFS
Drive g: () (Fixed) (Total:319.28 GB) (Free:35.62 GB) NTFS
Drive h: (SAMSUNG) (Fixed) (Total:3726.01 GB) (Free:3360.09 GB) NTFS
Drive i: () (Removable) (Total:3.67 GB) (Free:2.91 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 0BA21099)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=326.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BA71B4B3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0B)

==================== End Of Log ============================

#6 Příspěvek od **altrok** » 13 pro 2014 03:25

2x jsem Vas zadal o doinstalovani IE11 a vsech dulezitych MS aktualizaci, ale nestalo se tak... je tedy s aktualizacemi nejaky problem?

Otestuje na virustotal.com soubor C:\Windows\system32\ELSCoref.dll

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoComputersNearMe] 0
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Policies\Explorer: [NoComputersNearMe] 0

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {5454D872-89FF-4DB7-961A-FF2ABC04D49C} URL = http://www.webhledani.cz/results.aspx?i=39&tp=ie&q={searchTerms}
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {858FFCD3-6DC9-41F0-AA34-40CBA95F5C3F} URL = http://search.yahoo.com/search?ei=utf-8 ... &ilc=12&p={searchTerms}
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={30988161-4395-4337-A64F-933A36D508A3}&mid=cbb72ccae25172adbc18e21b8398812c-9f93a26aaa2c9ec7b0c66ae3d8ffc4a7443013e1&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2014-11-05 08:54:36&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {F9BC07CA-174D-4CD0-BD77-37404FF399E5} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> No File

FF Extension: Clickjacking Reveal - C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\Extensions\no-clickjacking@daohoangson.com.xpi [2014-12-10]
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
S2 vToolbarUpdater18.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [X]
U3 DfSdkS; No ImagePath
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]

2014-12-12 23:25 - 2014-12-12 23:25 - 00029696 _____ () C:\Users\UBD\AppData\Local\MSGBOX.EXE
2014-12-12 23:25 - 2014-12-12 23:25 - 00015327 _____ () C:\Users\UBD\Desktop\LM.bat
2014-12-12 23:24 - 2014-12-12 23:24 - 00112640 _____ (forum.viry.cz) C:\Users\UBD\Desktop\FRSTLauncher.exe
2014-12-12 00:09 - 2014-12-12 00:09 - 02166272 _____ () C:\Users\UBD\Desktop\adwcleaner_4.105.exe
2014-12-10 00:41 - 2014-12-10 00:42 - 00000000 ____D () C:\rsit
2014-12-10 00:41 - 2014-12-10 00:42 - 00000000 ____D () C:\Program Files\trend micro
2014-12-10 00:41 - 2014-12-10 00:41 - 01107968 _____ () C:\Users\UBD\Downloads\RSIT.exe
2014-12-12 00:13 - 2014-05-17 07:47 - 00000000 ____D () C:\AdwCleaner
Task: {06EAF550-1C84-446F-BF76-F66E87D4515F} - System32\Tasks\Ad-Aware Update (Daily 1) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {31580DF1-64B4-430D-9149-3FCA028D71BB} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {3E2F7FBF-1A83-4534-A8D9-A16594CB28D2} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{7B9CAEB3-6108-4EA8-8164-EC955D8340EB}.exe
Task: {5B87C15D-ECC8-4BED-8606-C637D9A36655} - System32\Tasks\Ad-Aware Update (Daily 4) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {AA98899D-26A7-4ED4-9A62-CF99AEC2015B} - System32\Tasks\Ad-Aware Update (Daily 3) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {AC6B7D15-023F-460D-88B7-38AA479D3C56} - System32\Tasks\Ad-Aware Update (Daily 2) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {E8A4D3B3-044E-4A98-8443-EE7A8D7618BD} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe [2014-08-12] ()
Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{7B9CAEB3-6108-4EA8-8164-EC955D8340EB}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WGCDMREAQ.job => C:\Windows\system32\ELSCoref.dll

AlternateDataStreams: C:\ProgramData\TEMP:587EB586
AlternateDataStreams: C:\ProgramData\TEMP:C5831B98
AlternateDataStreams: C:\ProgramData\TEMP:CAEDBDA6
Hosts:
EmptyTemp:
End

Cecil007 · #7 Příspěvek od **Cecil007** » 13 pro 2014 12:57

Dobrý den,
v odpovědi, kde žádáte o doinstalaci IE11 píšete ob řádek: " pokud nepoužíváte, odinstalujte Skype One Click Call (nebo jak se to jmenuje) a protože IE nepoužívám od verze 6 a vždy mám potíže jej dostat ze systému, odinstaloval jsem onen One Click a hotovo.
Ad aktualizace: mám dojem, že systém žádné nereklamuje, možná to ale jen nevidím. Měl bych něco konkrétního stáhnout a doinstalovat?
Ad virustotal. com: Otestováno a je v pořádku - harmless.
Jen pro pořádek: po odinstalaci SKype One Click-u to vypadá už docela dobře. Zátěž CPU je " v klidu" kolem 3%.
Zde je fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-12-2014
Ran by UBD at 2014-12-13 12:40:03 Run:1
Running from C:\Users\UBD\Desktop
Loaded Profile: UBD (Available profiles: UBD)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoComputersNearMe] 0
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Policies\Explorer: [NoComputersNearMe] 0

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {5454D872-89FF-4DB7-961A-FF2ABC04D49C} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {858FFCD3-6DC9-41F0-AA34-40CBA95F5C3F} URL = http://search.yahoo.com/search?ei=utf-8 ... &ilc=12&p={searchTerms}
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={30 ... 2014-11-05 08:54:36&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-485145419-2806534028-1990940906-1001 -> {F9BC07CA-174D-4CD0-BD77-37404FF399E5} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO: Toolbar BHO -> {d5a1d22b-9e17-454f-8ecd-83c578fb3983} -> No File

FF Extension: Clickjacking Reveal - C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\Extensions\no-clickjacking@daohoangson.com.xpi [2014-12-10]
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR HKU\S-1-5-21-485145419-2806534028-1990940906-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
S2 vToolbarUpdater18.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [X]
U3 DfSdkS; No ImagePath
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S0 Lbd; system32\DRIVERS\Lbd.sys [X]

2014-12-12 23:25 - 2014-12-12 23:25 - 00029696 _____ () C:\Users\UBD\AppData\Local\MSGBOX.EXE
2014-12-12 23:25 - 2014-12-12 23:25 - 00015327 _____ () C:\Users\UBD\Desktop\LM.bat
2014-12-12 23:24 - 2014-12-12 23:24 - 00112640 _____ (forum.viry.cz) C:\Users\UBD\Desktop\FRSTLauncher.exe
2014-12-12 00:09 - 2014-12-12 00:09 - 02166272 _____ () C:\Users\UBD\Desktop\adwcleaner_4.105.exe
2014-12-10 00:41 - 2014-12-10 00:42 - 00000000 ____D () C:\rsit
2014-12-10 00:41 - 2014-12-10 00:42 - 00000000 ____D () C:\Program Files\trend micro
2014-12-10 00:41 - 2014-12-10 00:41 - 01107968 _____ () C:\Users\UBD\Downloads\RSIT.exe
2014-12-12 00:13 - 2014-05-17 07:47 - 00000000 ____D () C:\AdwCleaner
Task: {06EAF550-1C84-446F-BF76-F66E87D4515F} - System32\Tasks\Ad-Aware Update (Daily 1) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {31580DF1-64B4-430D-9149-3FCA028D71BB} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
Task: {3E2F7FBF-1A83-4534-A8D9-A16594CB28D2} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{7B9CAEB3-6108-4EA8-8164-EC955D8340EB}.exe
Task: {5B87C15D-ECC8-4BED-8606-C637D9A36655} - System32\Tasks\Ad-Aware Update (Daily 4) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {AA98899D-26A7-4ED4-9A62-CF99AEC2015B} - System32\Tasks\Ad-Aware Update (Daily 3) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {AC6B7D15-023F-460D-88B7-38AA479D3C56} - System32\Tasks\Ad-Aware Update (Daily 2) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {E8A4D3B3-044E-4A98-8443-EE7A8D7618BD} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe [2014-08-12] ()
Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{7B9CAEB3-6108-4EA8-8164-EC955D8340EB}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WGCDMREAQ.job => C:\Windows\system32\ELSCoref.dll

AlternateDataStreams: C:\ProgramData\TEMP:587EB586
AlternateDataStreams: C:\ProgramData\TEMP:C5831B98
AlternateDataStreams: C:\ProgramData\TEMP:CAEDBDA6
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoComputersNearMe => value deleted successfully.
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoNetHood => value deleted successfully.
HKU\S-1-5-21-485145419-2806534028-1990940906-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoComputersNearMe => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-485145419-2806534028-1990940906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => Key deleted successfully.
"HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => Key not found.
"HKU\S-1-5-21-485145419-2806534028-1990940906-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5454D872-89FF-4DB7-961A-FF2ABC04D49C}" => Key deleted successfully.
"HKCR\CLSID\{5454D872-89FF-4DB7-961A-FF2ABC04D49C}" => Key not found.
"HKU\S-1-5-21-485145419-2806534028-1990940906-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{858FFCD3-6DC9-41F0-AA34-40CBA95F5C3F}" => Key deleted successfully.
"HKCR\CLSID\{858FFCD3-6DC9-41F0-AA34-40CBA95F5C3F}" => Key not found.
"HKU\S-1-5-21-485145419-2806534028-1990940906-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKU\S-1-5-21-485145419-2806534028-1990940906-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F9BC07CA-174D-4CD0-BD77-37404FF399E5}" => Key deleted successfully.
"HKCR\CLSID\{F9BC07CA-174D-4CD0-BD77-37404FF399E5}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}" => Key deleted successfully.
"HKCR\CLSID\{d5a1d22b-9e17-454f-8ecd-83c578fb3983}" => Key deleted successfully.
C:\Users\UBD\AppData\Roaming\Mozilla\Firefox\Profiles\2vpbl7ft.default\Extensions\no-clickjacking@daohoangson.com.xpi => Moved successfully.
Chrome HomePage deleted successfully.
"HKU\S-1-5-21-485145419-2806534028-1990940906-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.
vToolbarUpdater18.2.0 => Service deleted successfully.
DfSdkS => Service deleted successfully.
Huawei => Service deleted successfully.
hwdatacard => Service deleted successfully.
hwusbdev => Service deleted successfully.
Lbd => Service deleted successfully.
"C:\Users\UBD\AppData\Local\MSGBOX.EXE" => File/Directory not found.
C:\Users\UBD\Desktop\LM.bat => Moved successfully.
"C:\Users\UBD\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\Users\UBD\Desktop\adwcleaner_4.105.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\UBD\Downloads\RSIT.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06EAF550-1C84-446F-BF76-F66E87D4515F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06EAF550-1C84-446F-BF76-F66E87D4515F}" => Key deleted successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 1) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Daily 1)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31580DF1-64B4-430D-9149-3FCA028D71BB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31580DF1-64B4-430D-9149-3FCA028D71BB}" => Key deleted successfully.
C:\Windows\System32\Tasks\ASC4_PerformanceMonitor => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC4_PerformanceMonitor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3E2F7FBF-1A83-4534-A8D9-A16594CB28D2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E2F7FBF-1A83-4534-A8D9-A16594CB28D2}" => Key deleted successfully.
C:\Windows\System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-Secure-Search-Update_JUNE2013_TB_rmv" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B87C15D-ECC8-4BED-8606-C637D9A36655}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B87C15D-ECC8-4BED-8606-C637D9A36655}" => Key deleted successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 4) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Daily 4)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA98899D-26A7-4ED4-9A62-CF99AEC2015B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA98899D-26A7-4ED4-9A62-CF99AEC2015B}" => Key deleted successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 3) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Daily 3)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC6B7D15-023F-460D-88B7-38AA479D3C56}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC6B7D15-023F-460D-88B7-38AA479D3C56}" => Key deleted successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Daily 2) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Daily 2)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8A4D3B3-044E-4A98-8443-EE7A8D7618BD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8A4D3B3-044E-4A98-8443-EE7A8D7618BD}" => Key deleted successfully.
C:\Windows\System32\Tasks\0814avUpdateInfo => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0814avUpdateInfo" => Key deleted successfully.
C:\Windows\Tasks\0814avUpdateInfo.job => Moved successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\WGCDMREAQ.job => Moved successfully.
C:\ProgramData\TEMP => ":587EB586" ADS removed successfully.
C:\ProgramData\TEMP => ":C5831B98" ADS removed successfully.
C:\ProgramData\TEMP => ":CAEDBDA6" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.2 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#8 Příspěvek od **altrok** » 13 pro 2014 13:10

IE11 je uzce spjaty s jadrem operacniho systemu a ma nemaly vliv na jeho bezpecnostni stranku

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Cecil007 · #9 Příspěvek od **Cecil007** » 14 pro 2014 15:12

Děkuji a - jako obvykle - přispívám. S pozdraven C.

#10 Příspěvek od **altrok** » 14 pro 2014 15:16

Nemate zac, rad jsem pomohl

Za podporu fora jmenem celeho tymu dekuji.

Preju Vam prijemnou adventni nedeli.. mejte se a treba zase nekdy

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu