Prosím o kontrolu

Zpráva

Puclik05 · #1 Příspěvek od **Puclik05** » 19 pro 2014 13:54

Dobrý den,

prosím o kontrolu logu. PC poslední dobou dost pomalu startuje a občas je hodně zpomalený internet.
Předem díky.

Logfile of random's system information tool 1.10 (written by random/random)
Run by MaM at 2014-12-19 13:39:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (16%) free of 100 GB
Total RAM: 4094 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:39:34, on 19.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\trend micro\MaM.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - (no file)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - (no file)
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "D:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418980163
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CardBusService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\CardBusService.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Moborobo Device Service (MoboroboDeviceService) - Unknown owner - D:\Program Files (x86)\MoboRobo\MoboroboDeviceService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - d:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14014 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {0D559555-F0F9-4D70-8D69-BB855BF50BE5}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe" C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\SysWOW64\XSrvSetup.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"D:\Program Files (x86)\MoboRobo\MoboroboDeviceService.exe"
"C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe"
"C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"d:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 348
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe"
"C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"D:\Program Files (x86)\CCleaner\CCleaner64.exe" /monitor

"C:\Users\MaM\Downloads\RSITx64(1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, personas@christopher.beard:1.5.3, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BrowserPlugin\npBrowserPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll

d:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

d:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

d:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npvsharetvplg.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\searchplugins\
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Pro [2013-05-22 6583664]
"itype"=C:\Pro [2013-05-22 6583664]
"IntelliPoint"=C:\Pro [2013-05-22 6583664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"CCleaner Monitoring"=D:\Program Files (x86)\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418980163 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
d:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRDownloader]
C:\Users\MaM\Downloads\MRDownloader.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
C:\Pro [2013-05-22 6583664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.4.5.lnk]
D:\PROGRA~1\PIXELA\IMAGEM~1.5\TRANSF~1\CAMERA~1.EXE [2009-08-28 406896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Pro [2013-05-22 6583664]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"ATICustomerCare"=C:\Pro [2013-05-22 6583664]
"CLMLServer"=C:\Pro [2013-05-22 6583664]
"UpdatePSTShortCut"=C:\Pro [2013-05-22 6583664]
"BDRegion"=C:\Pro [2013-05-22 6583664]
"StartCCC"=C:\Pro [2013-05-22 6583664]
"AvastUI.exe"=C:\Pro [2013-05-22 6583664]
"NUSB3MON"=C:\Pro [2013-05-22 6583664]
"SunJavaUpdateSched"=C:\Pro [2013-05-22 6583664]
"QuickTime Task"=D:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"Adobe ARM"=C:\Pro [2013-05-22 6583664]
"AllShareAgent"=C:\Pro [2013-05-22 6583664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\MaM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-12-19 13:10:58 ----D---- C:\rsit
2014-12-19 13:10:58 ----D---- C:\Program Files\trend micro
2014-12-10 19:04:25 ----D---- C:\Windows\system32\appraiser
2014-12-09 20:36:07 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-09 20:36:06 ----A---- C:\Windows\system32\mf.dll
2014-12-09 20:05:28 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-09 20:05:27 ----A---- C:\Windows\system32\appraiser.dll
2014-12-09 20:05:27 ----A---- C:\Windows\system32\aepic.dll
2014-12-09 20:05:27 ----A---- C:\Windows\system32\aeinv.dll
2014-12-09 20:05:26 ----A---- C:\Windows\system32\invagent.dll
2014-12-09 20:05:25 ----A---- C:\Windows\system32\generaltel.dll
2014-12-09 20:05:25 ----A---- C:\Windows\system32\devinv.dll
2014-12-09 20:05:23 ----A---- C:\Windows\system32\aepdu.dll
2014-12-09 20:05:06 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-09 20:05:05 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-09 20:05:03 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-09 20:05:01 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-09 20:05:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-09 20:05:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-09 20:05:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-09 20:05:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-09 20:05:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-09 20:05:00 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-09 20:05:00 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-09 20:05:00 ----A---- C:\Windows\system32\iernonce.dll
2014-12-09 20:05:00 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-09 20:04:59 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-09 20:04:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-09 20:04:59 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-09 20:04:59 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 20:04:58 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-09 20:04:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-09 20:04:58 ----A---- C:\Windows\system32\urlmon.dll
2014-12-09 20:04:58 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-09 20:04:57 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-09 20:04:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-09 20:04:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-09 20:04:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-09 20:04:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 20:04:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 20:04:56 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-09 20:04:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-09 20:04:56 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-09 20:04:56 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-09 20:04:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-09 20:04:55 ----A---- C:\Windows\system32\iesetup.dll
2014-12-09 20:04:55 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-09 20:04:53 ----A---- C:\Windows\system32\iertutil.dll
2014-12-09 20:04:52 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-09 20:04:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-09 20:04:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-09 20:04:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-09 20:04:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-09 20:04:50 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-09 20:04:50 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-09 20:04:50 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-09 20:04:49 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-09 20:04:48 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-09 20:04:48 ----A---- C:\Windows\system32\ieui.dll
2014-12-09 20:04:48 ----A---- C:\Windows\system32\ieframe.dll
2014-12-09 20:04:47 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-09 20:04:46 ----A---- C:\Windows\system32\wininet.dll
2014-12-09 20:04:46 ----A---- C:\Windows\system32\vbscript.dll
2014-12-09 20:04:46 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-09 20:04:46 ----A---- C:\Windows\system32\jscript9.dll
2014-12-09 20:04:45 ----A---- C:\Windows\system32\msrating.dll
2014-12-09 20:04:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-09 20:04:44 ----A---- C:\Windows\system32\mshtml.dll
2014-12-09 20:00:34 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-09 20:00:34 ----A---- C:\Windows\system32\charmap.exe
2014-12-09 20:00:32 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-09 20:00:31 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-09 20:00:31 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-09 20:00:31 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-09 20:00:31 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-09 20:00:31 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 20:00:31 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 20:00:30 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-09 20:00:30 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-09 20:00:30 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-09 20:00:28 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-09 20:00:28 ----A---- C:\Windows\system32\tzres.dll
2014-11-21 13:23:02 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-21 13:23:00 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2014-12-19 13:39:33 ----D---- C:\Windows\Temp
2014-12-19 13:38:05 ----RD---- C:\Program Files (x86)
2014-12-19 13:38:04 ----D---- C:\Windows\system32\drivers
2014-12-19 13:22:02 ----D---- C:\Users\MaM\AppData\Roaming\Media Player Classic
2014-12-19 13:22:02 ----D---- C:\Users\MaM\AppData\Roaming\DAEMON Tools Lite
2014-12-19 13:21:54 ----D---- C:\Windows\system32\LogFiles
2014-12-19 13:21:53 ----D---- C:\Windows\inf
2014-12-19 13:21:53 ----D---- C:\Windows\debug
2014-12-19 13:21:53 ----AD---- C:\Windows
2014-12-19 13:10:58 ----D---- C:\Program Files
2014-12-19 12:57:40 ----D---- C:\Windows\Prefetch
2014-12-19 11:04:38 ----D---- C:\Windows\System32
2014-12-19 11:04:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-19 10:23:01 ----D---- C:\Windows\system32\config
2014-12-19 10:07:44 ----D---- C:\Windows\addins
2014-12-19 09:06:02 ----HD---- C:\ProgramData
2014-12-19 09:06:02 ----D---- C:\Program Files (x86)\FLVPlayer
2014-12-19 08:24:42 ----SHD---- C:\System Volume Information
2014-12-19 08:23:54 ----D---- C:\Windows\winsxs
2014-12-15 18:39:41 ----D---- C:\Program Files\Microsoft Silverlight
2014-12-15 18:39:40 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 12:17:37 ----SHD---- C:\Windows\Installer
2014-12-15 11:28:16 ----D---- C:\Windows\SysWOW64
2014-12-10 22:04:38 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-10 20:33:13 ----D---- C:\Windows\rescache
2014-12-10 19:04:25 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 19:04:25 ----SD---- C:\ProgramData\Microsoft
2014-12-10 19:04:25 ----D---- C:\Windows\AppCompat
2014-12-10 19:04:24 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 19:04:24 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 19:04:24 ----D---- C:\Windows\system32\en-US
2014-12-10 19:04:24 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 19:04:24 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 19:04:24 ----D---- C:\Program Files\Internet Explorer
2014-12-10 19:04:23 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-09 20:43:27 ----D---- C:\ProgramData\Microsoft Help
2014-12-09 20:42:21 ----D---- C:\Windows\system32\MRT
2014-12-09 20:37:39 ----A---- C:\Windows\system32\MRT.exe
2014-12-09 19:58:15 ----D---- C:\Windows\system32\catroot2
2014-12-04 17:58:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-24 14:04:56 ----N---- C:\Windows\system32\MpSigStub.exe
2014-11-21 13:23:17 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-21 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-21 267632]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-10-07 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-23 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-21 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-21 436624]
R1 eusk2par;Aladdin SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par-amd64.sys [2008-12-18 32336]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Pro [2013-05-22 6583664]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-21 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-21 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-21 116728]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-08-03 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-08-03 43680]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 AVerBDA3x_x64;AVerMedia SAA713x BDA Service; C:\Windows\system32\DRIVERS\AVerBDA3x_x64.sys [2007-08-29 1729024]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-09-13 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-09-13 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-09-13 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-09-13 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-09-13 21288]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2009-11-05 27512]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-12-19 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-21 2013856]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys [2009-11-05 34160]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2013-06-06 35112]
S2 port_nt;port_nt; \??\c:\windows\system32\drivers\port_nt.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 ENTECH64;ENTECH64; \??\C:\Windows\system32\DRIVERS\ENTECH64.sys [2008-04-22 12744]
S3 esgiguard;esgiguard; \??\C:\Pro [2013-05-22 6583664]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2013-09-07 25640]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-02-05 37344]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2013-09-07 30528]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 rt61x64;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr6164.sys [2010-04-07 446304]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-07-17 201472]
S3 SANDRA;SANDRA; \??\d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP5\WNt500x64\Sandra.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-04-11 206080]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2013-04-18 17744]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Serial Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Pro [2013-05-22 6583664]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Pro [2013-05-22 6583664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Pro [2013-05-22 6583664]
R2 avast! Antivirus;avast! Antivirus; C:\Pro [2013-05-22 6583664]
R2 BCUService;Browser Configuration Utility Service; C:\Pro [2013-05-22 6583664]
R2 btwdins;Bluetooth Service; C:\Pro [2013-05-22 6583664]
R2 DraftSight API Service;DraftSight API Service; C:\Pro [2013-05-22 6583664]
R2 ES lite Service;ES lite Service for program management.; C:\Pro [2013-05-22 6583664]
R2 JMB36X;JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [2009-08-06 65536]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Pro [2013-05-22 6583664]
R2 MoboroboDeviceService;Moborobo Device Service; D:\Program Files (x86)\MoboRobo\MoboroboDeviceService.exe [2014-03-28 70952]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Pro [2013-05-22 6583664]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64; C:\Pro [2013-05-22 6583664]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Pro [2013-05-22 6583664]
R2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Pro [2013-05-22 6583664]
R2 TeamViewer8;TeamViewer 8; d:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
R2 TomTomHOMEService;TomTomHOMEService; C:\Pro [2013-05-22 6583664]
S2 CardBusService;CardBusService; C:\Pro [2013-05-22 6583664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 Garmin Core Update Service;Garmin Core Update Service; C:\Pro [2013-05-22 6583664]
S2 gupdate;Služba Google Update (gupdate); C:\Pro [2013-05-22 6583664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Pro [2013-05-22 6583664]
S3 fsssvc;Windows Live Family Safety Service; C:\Pro [2013-05-22 6583664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Pro [2013-05-22 6583664]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Pro [2013-05-22 6583664]
S3 IDriverT;InstallDriver Table Manager; C:\Pro [2013-05-22 6583664]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Pro [2013-05-22 6583664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Pro [2013-05-22 6583664]
S3 ose;Office Source Engine; C:\Pro [2013-05-22 6583664]
S3 ServiceLayer;ServiceLayer; C:\Pro [2013-05-22 6583664]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Pro [2013-05-22 6583664]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Pro [2013-05-22 6583664]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-23 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 19 pro 2014 16:57

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Po spusteni probehne stazeni databaze
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Puclik05 · #3 Příspěvek od **Puclik05** » 19 pro 2014 18:45

# AdwCleaner v4.105 - Report created 19/12/2014 at 17:23:26
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : MaM - MAM-PC
# Running from : C:\Users\MaM\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : BCUService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Fighters
Folder Deleted : C:\ProgramData\NeuxtCeoup
Folder Deleted : C:\ProgramData\ssave neti
Folder Deleted : C:\ProgramData\8ab74702bc6fdaa3
Folder Deleted : C:\Program Files (x86)\DeviceVM
Folder Deleted : C:\Program Files (x86)\FlvPlayer
Folder Deleted : C:\Program Files (x86)\LSHunter.TV
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\SNT
Folder Deleted : C:\Program Files (x86)\NeuxtCeoup
Folder Deleted : C:\Program Files (x86)\ssave neti
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\MaM\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\MaM\AppData\Local\Mobogenie
Folder Deleted : C:\Users\MaM\AppData\Local\torch
Folder Deleted : C:\Users\MaM\AppData\Local\CrashRpt
Folder Deleted : C:\Users\MaM\AppData\Roaming\Babylon
Folder Deleted : C:\Users\MaM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahegakingenpnnkbalkfhbaoddddemla
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahegakingenpnnkbalkfhbaoddddemla
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahegakingenpnnkbalkfhbaoddddemla
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\biginnmafciladjeihcnelodljdokpgi
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\biginnmafciladjeihcnelodljdokpgi
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\biginnmafciladjeihcnelodljdokpgi
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemjmcmibhahebmjlblhiomajhmobpge
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemjmcmibhahebmjlblhiomajhmobpge
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemjmcmibhahebmjlblhiomajhmobpge
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahegakingenpnnkbalkfhbaoddddemla
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahegakingenpnnkbalkfhbaoddddemla
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahegakingenpnnkbalkfhbaoddddemla
Folder Deleted : C:\Users\MaM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ahegakingenpnnkbalkfhbaoddddemla
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\biginnmafciladjeihcnelodljdokpgi
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\biginnmafciladjeihcnelodljdokpgi
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\biginnmafciladjeihcnelodljdokpgi
Folder Deleted : C:\Users\MaM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\biginnmafciladjeihcnelodljdokpgi
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oemjmcmibhahebmjlblhiomajhmobpge
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oemjmcmibhahebmjlblhiomajhmobpge
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oemjmcmibhahebmjlblhiomajhmobpge
Folder Deleted : C:\Users\MaM\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oemjmcmibhahebmjlblhiomajhmobpge
File Deleted : C:\Users\MaM\daemonprocess.txt
File Deleted : C:\Users\MaM\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\MaM\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\bProtector_extensions.rdf
File Deleted : C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\invalidprefs.js
File Deleted : C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\user.js

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Key Deleted : HKCU\Software\a48cd8b069ec15
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\DeviceVM
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\vShare.tv
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B363E1D-8C36-4458-BAE4-D5081999E094}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v34.0 (x86 cs)

[auoyazwv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchsun.info/?pid=377&r=2014/05/14&hid=15730817704772650190&lg=EN&cc=CZ&unqvl=52&l=1&q=");
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("extensions.6kijp.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.n[...]
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("extensions.DDPZ2N.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.[...]
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("extensions._nV.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.net[...]
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("extensions.a5ee763exxW.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumo[...]
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #psa-teoma-result .ptbs .WRCN, #teoma-results .ptbs .WRCN {display:inline !important; background: url(\"IMAGE\") right no-[...]
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[auoyazwv.default\prefs.js] - Line Deleted : user_pref("extensions.xpRo3Na6w.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumoro[...]

-\\ Google Chrome v34.0.1847.131

[C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : kpionmjnkbpcdpcflammlgllecmejgjj
[C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : ahegakingenpnnkbalkfhbaoddddemla
[C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : biginnmafciladjeihcnelodljdokpgi

-\\ Comodo Dragon v

*************************

AdwCleaner[R0].txt - [12689 octets] - [19/12/2014 17:04:50]
AdwCleaner[S0].txt - [12551 octets] - [19/12/2014 17:23:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12612 octets] ##########

Puclik05 · #4 Příspěvek od **Puclik05** » 19 pro 2014 18:46

Ještě ZOEK:

Zoek.exe v5.0.0.0 Updated 19-December-2014
Tool run by MaM on p 19.12.2014 at 17:40:36,39.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MaM\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.12.2014 17:43:57 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\EuroPlus Shared deleted successfully
C:\Program Files\Common Files\Autodesk Shared deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X6 deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\MaM\AppData\Roaming\DBF Manager deleted successfully
C:\Users\MaM\AppData\Roaming\EurekaLog deleted successfully
C:\Users\MaM\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\MaM\AppData\Roaming\NeroDigital(TM) deleted successfully
C:\Users\MaM\AppData\Local\cache deleted successfully
C:\Users\MaM\AppData\Local\calibre-cache deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D5E19C18-F3AB-493f-8E65-644B834C7878} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Explorer Bars\{21347690-EC41-4F9A-8887-1F4AEE672439} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21347690-EC41-4F9A-8887-1F4AEE672439} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} deleted successfully
HKEY_USERS\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Mozilla\Firefox\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\prefs.js:

Deleted from C:\Users\MaM\AppData\Roaming\Thunderbird\Profiles\lmc4m6md.default\prefs.js:

Added to C:\Users\MaM\AppData\Roaming\Thunderbird\Profiles\lmc4m6md.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\MaM\AppData\Roaming\TomTom\HOME\Profiles\0ene9v5l.default\prefs.js:

Added to C:\Users\MaM\AppData\Roaming\TomTom\HOME\Profiles\0ene9v5l.default\prefs.js:

ProfilePath: C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_19.12.2014_1809_.backup

ProfilePath: C:\Users\MaM\AppData\Roaming\Thunderbird\Profiles\lmc4m6md.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_19.12.2014_1809_.backup

ProfilePath: C:\Users\MaM\AppData\Roaming\TomTom\HOME\Profiles\0ene9v5l.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_19.12.2014_1809_.backup

==== Deleting Files \ Folders ======================

C:\Users\MaM\AppData\LocalLow\{34062F10-1E09-B800-0AD8-BA3CA5E91E61} deleted
C:\Users\MaM\AppData\Local\Packages\windows_ie_ac_001\AC\{34062F10-1E09-B800-0AD8-BA3CA5E91E61} deleted
C:\PROGRA~3\AllaboutApp deleted
C:\PROGRA~3\__wdump.txt deleted
C:\PROGRA~3\xml58F8.tmp deleted
C:\PROGRA~3\xml6355.tmp deleted
C:\PROGRA~3\xml6356.tmp deleted
C:\PROGRA~3\xml6357.tmp deleted
C:\PROGRA~3\ISTask.dll deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\wininit.ini deleted
C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\jetpack deleted
C:\Users\MaM\Desktop\MRDownloader.exe deleted
"C:\Users\MaM\AppData\Roaming\Temp" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"bkmrksync@nokia.com"="D:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync" [21.09.2012 17:35]

==== Firefox Extensions ======================

ProfilePath: C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default
- Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF
- Undetermined - {966762eb-7132-4081-ac70-20d20161ad96}
- Undetermined - {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
- Undetermined - wrc@avast.com
- Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
- Clip to OneNote - %ProfilePath%\extensions\{966762eb-7132-4081-ac70-20d20161ad96}.xpi

ProfilePath: C:\Users\MaM\AppData\Roaming\Thunderbird\Profiles\lmc4m6md.default
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- Deutsches Wrterbuch - %ProfilePath%\extensions\de-DE@dictionaries.addons.mozilla.org

ProfilePath: C:\Users\MaM\AppData\Roaming\TomTom\HOME\Profiles\0ene9v5l.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.351.9982@tomtom.com

==== Firefox Plugins ======================

Profilepath: C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
9FD6A1990289B9290563CA069CB74EF9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll - Shockwave Flash
CE252B04FB9F4F773A7DB5338BFEEA5B - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL - CANON iMAGE GATEWAY Album Plugin Utility

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\MaM\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\MaM\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

Google Chrome Version: 34.0.1847.131 (Could not determine latest Stable Version)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[21.11.2014 13:22]

reddit companion - MaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe

==== Chromium Fix ======================

C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe deleted successfully
C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_algjnflpgoopkdijmkalfcifomdhmcbe_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{5BD586AE-019A-4a54-B08B-95BC9E981297} Google Url="http://www.google.com/custom?client=pub ... earchTerms}"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTer ... DF&PC=AV01"

==== Reset Google Chrome ======================

C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7130468A-F53F-4698-8C09-A339EA3B05E6} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\A8640317F35F8964C8903A93AEB3506E deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRDownloader deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MaM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MaM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\MaM\AppData\Local\Mozilla\Firefox\Profiles\auoyazwv.default\cache2 emptied successfully
C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\personas\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=42 folders=27 49228845 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\MaM\AppData\Local\Temp will be emptied at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\MaM\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on p 19.12.2014 at 18:22:00,70 ======================

#5 Příspěvek od **vyosek** » 19 pro 2014 21:18

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

Puclik05 · #6 Příspěvek od **Puclik05** » 19 pro 2014 21:54

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by MaM (administrator) on MAM-PC on 19-12-2014 21:48:18
Running from C:\Users\MaM\Desktop
Loaded Profile: MaM (Available profiles: MaM)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Piriform Ltd) D:\Program Files (x86)\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Dassault Systèmes) C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() D:\Program Files (x86)\MoboRobo\MoboRoboDeviceService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(forum.viry.cz) C:\Users\MaM\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8306208 2009-10-21] (Realtek Semiconductor)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2320752 2009-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-09-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-06-28] (cyberlink)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5227112 2014-12-14] (AVAST Software)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => D:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\...\Run: [CCleaner Monitoring] => D:\Program Files (x86)\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\...\RunOnce: [Adobe Speed Launcher] => 1419014976
HKU\S-1-5-18\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-08-16] (Hewlett-Packard Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\MaM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MaM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MaM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MaM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MaM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\sfShellTools.dll (SmartSoft Ltd.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MaM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MaM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MaM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MaM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {61141420-6B81-4432-82F9-1BE3C9F497D2} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
SearchScopes: HKU\.DEFAULT -> {6D6C8272-DCA8-424c-A0F1-24F7195E86B8} URL = http://www.google.com/custom?client=pub ... earchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4282224533-4207623257-917253334-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4282224533-4207623257-917253334-1000 -> {5BD586AE-019A-4a54-B08B-95BC9E981297} URL = http://www.google.com/custom?client=pub ... earchTerms}
SearchScopes: HKU\S-1-5-21-4282224533-4207623257-917253334-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BrowserPlugin\npBrowserPlugin.dll (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\searchplugins\youtube.xml
FF Extension: Garmin Communicator - C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-07-23]
FF Extension: Clip to OneNote - C:\Users\MaM\AppData\Roaming\Mozilla\Firefox\Profiles\auoyazwv.default\Extensions\{966762eb-7132-4081-ac70-20d20161ad96}.xpi [2010-08-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-17]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - D:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - D:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2012-09-21]
FF Extension: No Name - wrc@avast.com [Not Found]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\MaM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-11-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-11-21] (AVAST Software)
S2 CardBusService; C:\Program Files (x86)\Common Files\AVerMedia\Service\CardBusService.exe [188416 2007-04-23] () [File not signed]
R2 DraftSight API Service; C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [78336 2012-07-07] (Dassault Systèmes) [File not signed]
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2010-07-24] (Macrovision Europe Ltd.) [File not signed]
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [65536 2009-08-06] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-08-16] (Hewlett-Packard Company) [File not signed]
R2 MoboroboDeviceService; D:\Program Files (x86)\MoboRobo\MoboroboDeviceService.exe [70952 2014-03-28] ()
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe [212256 2009-12-15] (Ralink Technology, Corp.)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2010-08-19] ()
R2 TeamViewer8; d:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-21] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-08-03] ()
R3 AVerBDA3x_x64; C:\Windows\System32\DRIVERS\AVerBDA3x_x64.sys [1729024 2007-08-29] (AVerMedia TECHNOLOGIES, Inc.)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\SysWOW64\DRIVERS\ENTECH64.sys [5632 2004-06-22] (EnTech Taiwan) [File not signed]
R1 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems Ltd.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-09-07] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-08-03] ()
S2 port_nt; c:\windows\SysWOW64\drivers\port_nt.sys [2816 2004-10-12] () [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-07-23] () [File not signed]
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 StarOpen; No ImagePath
S3 Tosrfcom; No ImagePath
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; d:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl [146928 2010-06-28] (CyberLink Corp.)
U3 angs2q3u; C:\Windows\System32\Drivers\angs2q3u.sys [0 ] (Microsoft Corporation)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 SANDRA; \??\d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP5\WNt500x64\Sandra.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 21:47 - 2014-12-19 21:47 - 02121216 _____ (Farbar) C:\Users\MaM\Downloads\FRST64.exe
2014-12-19 21:47 - 2014-12-19 21:47 - 00112640 _____ (forum.viry.cz) C:\Users\MaM\Downloads\FRSTLauncher.exe
2014-12-19 21:47 - 2014-12-19 21:47 - 00112640 _____ (forum.viry.cz) C:\Users\MaM\Desktop\FRSTLauncher.exe
2014-12-19 21:37 - 2014-12-19 21:48 - 00020929 _____ () C:\Users\MaM\Desktop\FRST.txt
2014-12-19 21:37 - 2014-12-19 21:48 - 00000000 ____D () C:\FRST
2014-12-19 21:31 - 2014-12-19 21:31 - 02121216 _____ (Farbar) C:\Users\MaM\Desktop\FRST64.exe
2014-12-19 20:49 - 2014-12-19 20:49 - 00000760 _____ () C:\Users\MaM\Desktop\Zuzanka – zástupce.lnk
2014-12-19 18:16 - 2014-12-19 17:40 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-19 17:43 - 2014-12-19 18:22 - 00019095 _____ () C:\zoek-results.log
2014-12-19 17:40 - 2014-12-19 18:12 - 00000000 ____D () C:\zoek_backup
2014-12-19 17:39 - 2014-12-19 17:39 - 00000000 ____D () C:\Download
2014-12-19 17:37 - 2014-12-19 17:37 - 00012729 _____ () C:\Users\MaM\Desktop\AdwCleaner[S0].txt
2014-12-19 17:35 - 2014-12-19 19:48 - 00000168 _____ () C:\Windows\setupact.log
2014-12-19 17:35 - 2014-12-19 18:21 - 00000890 _____ () C:\Windows\PFRO.log
2014-12-19 17:35 - 2014-12-19 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-19 17:22 - 2014-12-19 17:22 - 00000986 _____ () C:\Users\MaM\Desktop\viry2.txt
2014-12-19 17:04 - 2014-12-19 17:23 - 00000000 ____D () C:\AdwCleaner
2014-12-19 17:02 - 2014-12-19 17:02 - 00000181 _____ () C:\Users\MaM\Desktop\viry.txt
2014-12-19 17:01 - 2014-12-19 17:01 - 01295360 _____ () C:\Users\MaM\Desktop\zoek.exe
2014-12-19 17:00 - 2014-12-19 17:00 - 02166272 _____ () C:\Users\MaM\Desktop\adwcleaner_4.105.exe
2014-12-19 13:33 - 2014-12-19 13:33 - 00749250 _____ () C:\Users\MaM\Documents\cc_20141219_133330.reg
2014-12-19 13:19 - 2014-12-19 13:19 - 05317104 _____ (Piriform Ltd) C:\Users\MaM\Downloads\ccsetup501.exe
2014-12-19 13:10 - 2014-12-19 13:39 - 00000000 ____D () C:\Program Files\trend micro
2014-12-19 13:10 - 2014-12-19 13:11 - 00000000 ____D () C:\rsit
2014-12-19 12:58 - 2014-12-19 12:58 - 01222144 _____ () C:\Users\MaM\Downloads\RSITx64(1).exe
2014-12-19 08:25 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-19 08:25 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 19:04 - 2014-12-10 19:04 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-09 20:36 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-09 20:36 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-09 20:05 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 20:05 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 20:05 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 20:05 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 20:05 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 20:05 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 20:05 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 20:05 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 20:05 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 20:05 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 20:05 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 20:05 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 20:05 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 20:05 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 20:05 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 20:05 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 20:05 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 20:05 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 20:05 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 20:05 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 20:05 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 20:05 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 20:04 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 20:04 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 20:04 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 20:04 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 20:04 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 20:04 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 20:04 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 20:04 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 20:04 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 20:04 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 20:04 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 20:04 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 20:04 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 20:04 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 20:04 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 20:04 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 20:04 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 20:04 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 20:04 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 20:04 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 20:04 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 20:04 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 20:04 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 20:04 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 20:04 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 20:04 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 20:04 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 20:04 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 20:04 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 20:04 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 20:04 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 20:04 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 20:04 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 20:04 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 20:04 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 20:04 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 20:04 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 20:04 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 20:04 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 20:04 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 20:04 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 20:04 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 20:04 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 20:00 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 20:00 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 20:00 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 20:00 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 20:00 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 20:00 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 20:00 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 20:00 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 20:00 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 20:00 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 20:00 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 20:00 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 20:00 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 20:00 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-06 14:59 - 2014-12-06 15:01 - 613584204 _____ () C:\Users\MaM\Documents\dětské písničky.nrg
2014-12-06 14:57 - 2014-12-06 14:57 - 00003017 _____ () C:\Users\Public\Desktop\Nero StartSmart 10.lnk
2014-12-06 14:09 - 2014-12-06 14:14 - 79616518 _____ () C:\Users\MaM\Downloads\DĚTSKÉ--PÍSNIČKY.rar
2014-12-05 19:49 - 2014-12-05 19:49 - 00000130 _____ () C:\Users\MaM\Desktop\Angličtina.url
2014-11-24 08:09 - 2014-11-24 08:09 - 00000000 __SHD () C:\Users\MaM\AppData\Local\EmieBrowserModeList
2014-11-23 19:57 - 2014-11-23 19:57 - 00028248 _____ () C:\Users\MaM\Downloads\The.Big.Bang.Theory.S08E10.720p.HDTV.X264-DIMENSION.srt
2014-11-22 22:46 - 2014-11-23 00:17 - 00035822 _____ () C:\Users\MaM\Downloads\Graf_diplomka.xlsx
2014-11-21 13:23 - 2014-11-21 13:23 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-21 13:23 - 2014-11-21 13:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-21 13:23 - 2014-11-21 13:23 - 00001935 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-19 10:36 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 10:36 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 10:36 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 10:36 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 21:30 - 2010-09-06 21:32 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 21:15 - 2010-07-19 09:44 - 00000309 _____ () C:\service.log
2014-12-19 21:02 - 2012-04-03 16:20 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-19 19:58 - 2009-07-14 05:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-19 19:58 - 2009-07-14 05:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-19 19:57 - 2010-07-19 09:34 - 01699517 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 19:50 - 2012-07-09 17:49 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-19 19:49 - 2010-10-16 22:45 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-12-19 19:49 - 2010-09-06 21:32 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 19:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 18:31 - 2013-05-22 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-12-19 18:25 - 2010-09-06 21:32 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-19 18:25 - 2010-09-06 21:32 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-19 18:12 - 2014-05-14 19:59 - 00000000 ____D () C:\Users\MaM\AppData\Local\Comodo
2014-12-19 18:12 - 2014-05-14 19:59 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-12-19 18:12 - 2014-05-14 19:59 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-12-19 18:12 - 2014-05-14 19:59 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-12-19 18:12 - 2014-05-14 19:59 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-12-19 18:12 - 2014-05-14 19:59 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-12-19 18:12 - 2014-05-14 19:59 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-12-19 18:12 - 2010-09-06 21:32 - 00000000 ____D () C:\Users\MaM\AppData\Local\Google
2014-12-19 17:23 - 2010-07-22 20:11 - 00000000 ____D () C:\Users\MaM
2014-12-19 16:40 - 2010-07-23 18:39 - 00000000 ____D () C:\Users\MaM\AppData\Roaming\DAEMON Tools Lite
2014-12-19 13:21 - 2013-04-07 05:55 - 00000000 ____D () C:\Users\MaM\Documents\Dokumenty - ostatní
2014-12-19 13:21 - 2013-04-07 05:50 - 00000000 ____D () C:\Users\MaM\Desktop\Mobil + TV
2014-12-19 13:21 - 2013-04-07 05:46 - 00000000 ___RD () C:\Users\MaM\Desktop\Foto+Video - tvorba a přehrávače
2014-12-19 13:21 - 2012-08-30 14:52 - 00000000 ____D () C:\Users\MaM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-12-19 13:20 - 2011-08-02 20:09 - 00000718 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-19 11:04 - 2009-07-14 16:18 - 00668882 _____ () C:\Windows\system32\perfh005.dat
2014-12-19 11:04 - 2009-07-14 16:18 - 00141542 _____ () C:\Windows\system32\perfc005.dat
2014-12-19 11:04 - 2009-07-14 06:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-19 10:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\addins
2014-12-16 22:37 - 2014-03-16 20:47 - 00001080 _____ () C:\Users\MaM\AppData\Local\MRDownloader.nast
2014-12-15 18:39 - 2013-03-13 11:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-15 18:39 - 2013-03-13 11:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 12:17 - 2013-03-13 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-10 22:52 - 2012-02-19 11:54 - 00492242 _____ () C:\Users\MaM\Documents\ep_kalendar.xlsm
2014-12-10 22:05 - 2014-09-01 19:10 - 00000000 ____D () C:\Users\MaM\AppData\Local\Adobe
2014-12-10 22:04 - 2012-04-03 16:20 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 22:04 - 2012-04-03 16:20 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 22:04 - 2011-06-06 15:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 20:33 - 2014-04-10 11:04 - 00000000 ____D () C:\Windows\rescache
2014-12-10 19:04 - 2014-05-09 21:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 19:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 19:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-09 20:43 - 2010-07-19 10:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-09 20:42 - 2013-07-13 21:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-09 20:37 - 2010-07-23 14:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 19:51 - 2014-11-11 13:43 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-08 20:46 - 2014-07-10 20:51 - 00000000 ____D () C:\Users\MaM\.freemind
2014-12-06 14:08 - 2014-03-18 19:02 - 00029310 _____ () C:\Users\MaM\AppData\Local\MRDownloader.err
2014-12-04 17:58 - 2013-09-17 19:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-29 22:29 - 2012-02-02 20:02 - 00000000 ____D () C:\Users\MaM\Documents\AVerTV
2014-11-24 14:04 - 2010-07-23 13:58 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-22 20:34 - 2011-06-17 13:41 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 16:59 - 2011-06-06 16:24 - 00672400 _____ () C:\Users\MaM\Documents\Sešit1.xlsx
2014-11-21 13:23 - 2014-04-30 10:51 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-21 13:23 - 2014-01-03 21:51 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-21 13:23 - 2013-04-28 09:35 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-21 13:23 - 2013-04-28 09:35 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-21 13:23 - 2012-03-25 15:58 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-21 13:23 - 2010-07-23 13:50 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-21 13:23 - 2010-07-23 13:50 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 19:57

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:97.66 GB) (Free:16.57 GB) NTFS
Drive d: () (Fixed) (Total:416.88 GB) (Free:296.32 GB) NTFS
Drive e: () (Fixed) (Total:416.88 GB) (Free:13.5 GB) NTFS
Drive i: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Available physical RAM: 2650.05 MB
Total physical RAM: 4094.49 MB
Percentage of memory in use: 35%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1F230B75)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=416.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=416.9 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:8FF81EB0

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\MaM\Desktop" je 153 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent
"C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent
"C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10
"d:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu
"C:\Program Files (x86)\Cyberlink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files (x86)\Cyberlink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files (x86)\Cyberlink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut
"C:\Program Files (x86)\Cyberlink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.4.5.lnk
D:\PROGRA~1\PIXELA\IMAGEM~1.5\TRANSF~1\CAMERA~1.EXE

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#7 Příspěvek od **vyosek** » 19 pro 2014 22:46

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-09-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-06-28] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => D:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\...\RunOnce: [Adobe Speed Launcher] => 1419014976

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {61141420-6B81-4432-82F9-1BE3C9F497D2} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\.DEFAULT -> {6D6C8272-DCA8-424c-A0F1-24F7195E86B8} URL = http://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

S3 StarOpen; No ImagePath
S3 Tosrfcom; No ImagePath
U3 angs2q3u; C:\Windows\System32\Drivers\angs2q3u.sys [0 ] (Microsoft Corporation)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 SANDRA; \??\d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP5\WNt500x64\Sandra.sys [X]

2014-12-19 21:47 - 2014-12-19 21:47 - 00112640 _____ (forum.viry.cz) C:\Users\MaM\Downloads\FRSTLauncher.exe
2014-12-19 21:47 - 2014-12-19 21:47 - 00112640 _____ (forum.viry.cz) C:\Users\MaM\Desktop\FRSTLauncher.exe
2014-12-19 21:37 - 2014-12-19 21:48 - 00020929 _____ () C:\Users\MaM\Desktop\FRST.txt
2014-12-19 18:16 - 2014-12-19 17:40 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-19 17:43 - 2014-12-19 18:22 - 00019095 _____ () C:\zoek-results.log
2014-12-19 17:40 - 2014-12-19 18:12 - 00000000 ____D () C:\zoek_backup
2014-12-19 17:37 - 2014-12-19 17:37 - 00012729 _____ () C:\Users\MaM\Desktop\AdwCleaner[S0].txt
2014-12-19 17:35 - 2014-12-19 19:48 - 00000168 _____ () C:\Windows\setupact.log
2014-12-19 17:35 - 2014-12-19 18:21 - 00000890 _____ () C:\Windows\PFRO.log
2014-12-19 17:35 - 2014-12-19 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-19 17:22 - 2014-12-19 17:22 - 00000986 _____ () C:\Users\MaM\Desktop\viry2.txt
2014-12-19 17:04 - 2014-12-19 17:23 - 00000000 ____D () C:\AdwCleaner
2014-12-19 17:02 - 2014-12-19 17:02 - 00000181 _____ () C:\Users\MaM\Desktop\viry.txt
2014-12-19 17:01 - 2014-12-19 17:01 - 01295360 _____ () C:\Users\MaM\Desktop\zoek.exe
2014-12-19 17:00 - 2014-12-19 17:00 - 02166272 _____ () C:\Users\MaM\Desktop\adwcleaner_4.105.exe
2014-12-19 13:33 - 2014-12-19 13:33 - 00749250 _____ () C:\Users\MaM\Documents\cc_20141219_133330.reg
2014-12-19 13:19 - 2014-12-19 13:19 - 05317104 _____ (Piriform Ltd) C:\Users\MaM\Downloads\ccsetup501.exe
2014-12-19 13:10 - 2014-12-19 13:39 - 00000000 ____D () C:\Program Files\trend micro
2014-12-19 13:10 - 2014-12-19 13:11 - 00000000 ____D () C:\rsit
2014-12-19 12:58 - 2014-12-19 12:58 - 01222144 _____ () C:\Users\MaM\Downloads\RSITx64(1).exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:8FF81EB0

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut" /f

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Puclik05 · #8 Příspěvek od **Puclik05** » 19 pro 2014 23:06

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by MaM at 2014-12-19 22:56:35 Run:1
Running from C:\Users\MaM\Desktop
Loaded Profile: MaM (Available profiles: MaM)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-09-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-06-28] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => D:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\...\RunOnce: [Adobe Speed Launcher] => 1419014976

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {61141420-6B81-4432-82F9-1BE3C9F497D2} URL = http://uk.search.yahoo.com/search?p={se ... &type=IEBD
SearchScopes: HKU\.DEFAULT -> {6D6C8272-DCA8-424c-A0F1-24F7195E86B8} URL = http://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

S3 StarOpen; No ImagePath
S3 Tosrfcom; No ImagePath
U3 angs2q3u; C:\Windows\System32\Drivers\angs2q3u.sys [0 ] (Microsoft Corporation)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 SANDRA; \??\d:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP5\WNt500x64\Sandra.sys [X]

2014-12-19 21:47 - 2014-12-19 21:47 - 00112640 _____ (forum.viry.cz) C:\Users\MaM\Downloads\FRSTLauncher.exe
2014-12-19 21:47 - 2014-12-19 21:47 - 00112640 _____ (forum.viry.cz) C:\Users\MaM\Desktop\FRSTLauncher.exe
2014-12-19 21:37 - 2014-12-19 21:48 - 00020929 _____ () C:\Users\MaM\Desktop\FRST.txt
2014-12-19 18:16 - 2014-12-19 17:40 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-19 17:43 - 2014-12-19 18:22 - 00019095 _____ () C:\zoek-results.log
2014-12-19 17:40 - 2014-12-19 18:12 - 00000000 ____D () C:\zoek_backup
2014-12-19 17:37 - 2014-12-19 17:37 - 00012729 _____ () C:\Users\MaM\Desktop\AdwCleaner[S0].txt
2014-12-19 17:35 - 2014-12-19 19:48 - 00000168 _____ () C:\Windows\setupact.log
2014-12-19 17:35 - 2014-12-19 18:21 - 00000890 _____ () C:\Windows\PFRO.log
2014-12-19 17:35 - 2014-12-19 17:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-19 17:22 - 2014-12-19 17:22 - 00000986 _____ () C:\Users\MaM\Desktop\viry2.txt
2014-12-19 17:04 - 2014-12-19 17:23 - 00000000 ____D () C:\AdwCleaner
2014-12-19 17:02 - 2014-12-19 17:02 - 00000181 _____ () C:\Users\MaM\Desktop\viry.txt
2014-12-19 17:01 - 2014-12-19 17:01 - 01295360 _____ () C:\Users\MaM\Desktop\zoek.exe
2014-12-19 17:00 - 2014-12-19 17:00 - 02166272 _____ () C:\Users\MaM\Desktop\adwcleaner_4.105.exe
2014-12-19 13:33 - 2014-12-19 13:33 - 00749250 _____ () C:\Users\MaM\Documents\cc_20141219_133330.reg
2014-12-19 13:19 - 2014-12-19 13:19 - 05317104 _____ (Piriform Ltd) C:\Users\MaM\Downloads\ccsetup501.exe
2014-12-19 13:10 - 2014-12-19 13:39 - 00000000 ____D () C:\Program Files\trend micro
2014-12-19 13:10 - 2014-12-19 13:11 - 00000000 ____D () C:\rsit
2014-12-19 12:58 - 2014-12-19 12:58 - 01222144 _____ () C:\Users\MaM\Downloads\RSITx64(1).exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:8FF81EB0

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CLMLServer => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdatePSTShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BDRegion => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AllShareAgent => value deleted successfully.
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS => value deleted successfully.
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-4282224533-4207623257-917253334-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{61141420-6B81-4432-82F9-1BE3C9F497D2}" => Key deleted successfully.
"HKCR\CLSID\{61141420-6B81-4432-82F9-1BE3C9F497D2}" => Key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6D6C8272-DCA8-424c-A0F1-24F7195E86B8}" => Key deleted successfully.
"HKCR\CLSID\{6D6C8272-DCA8-424c-A0F1-24F7195E86B8}" => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
StarOpen => Service deleted successfully.
Tosrfcom => Service deleted successfully.
angs2q3u => Service deleted successfully.
dgderdrv => Service deleted successfully.
esgiguard => Service deleted successfully.
SANDRA => Service deleted successfully.
C:\Users\MaM\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Users\MaM\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\MaM\Desktop\FRST.txt => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\MaM\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\MaM\Desktop\viry2.txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\MaM\Desktop\viry.txt => Moved successfully.
C:\Users\MaM\Desktop\zoek.exe => Moved successfully.
C:\Users\MaM\Desktop\adwcleaner_4.105.exe => Moved successfully.
C:\Users\MaM\Documents\cc_20141219_133330.reg => Moved successfully.
C:\Users\MaM\Downloads\ccsetup501.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\MaM\Downloads\RSITx64(1).exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows => ":AstInfo" ADS removed successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":8FF81EB0" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 195.6 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#9 Příspěvek od **vyosek** » 19 pro 2014 23:08

Jak se chova PC???

Puclik05 · #10 Příspěvek od **Puclik05** » 19 pro 2014 23:35

Samotná práce v PC se mi zdá lepší, ale start PC se moc nezlepšil. V průběhu startu 2x zmizí ikony z plochy, OS pořád načítá nějaká data z HDD. Start trval cca 5 minut než byl PC připraven. Dá se s tím prosím ještě něco dělat? Díky

Puclik05 · #11 Příspěvek od **Puclik05** » 20 pro 2014 20:23

Myslím, že dnes po delším testování můžu říct, že je počítač svižnější a pracuje mnohem líp. Jen ten start se mi zdá pořád pomalý. Jinak jsem s pomocí moc spokojen a posílám sms. Díky moc.

#12 Příspěvek od **vyosek** » 20 pro 2014 20:26

DelFix https://toolslib.net/downloads/finish/2/

Stahnete a spustte
Ponechte zatrzitkou pouze u volby Remote disinfection tools
Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Dle kolegy zkuste defragmetaci

cernohous13 píše: Po vyčištění by se hodila defragmentace
http://www.filehippo.com/download_defraggler

Za podporu fora jmenem celeho tymu dekuji

Puclik05 · #13 Příspěvek od **Puclik05** » 22 pro 2014 22:50

Po provedených čištěních se start zrychlil. Díky

#14 Příspěvek od **vyosek** » 22 pro 2014 23:10

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

Pekne svatky vanocni Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu