PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Christmas cleanup

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Polska Pasha
Exemplary visitor
Posts: 113
Registered: 29 Jun 2014 09:06

Re: Christmas cleanup

#16 Post by Polska Pasha »

Sorry, my apologies :D
Log here:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2014
Ran by Pepik (administrator) on PEPA on 25-12-2014 18:34:10
Running from C:\Users\Pepik\Desktop
Loaded Profile: Pepik (Available profiles: Pepik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [BitTorrent] => C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-26] (BitTorrent Inc.)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\RunOnce: [Adobe Speed Launcher] => 1419497823
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {4B036830-04A4-1DEC-89DE-5C185BEE66B1} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000 -> {268DDC2E-9AB6-4AF7-A619-699D23176C72} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.9 212.47.0.7

FireFox:
========
FF ProfilePath: C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKU\S-1-5-21-2289079560-4057469565-1523236124-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pepik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: YouTube mp3 - C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\Extensions\info@youtube-mp3.org.xpi [2014-11-21]
FF Extension: Adblock Plus - C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-11-09]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-04-13]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-04-13]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-31] (AVAST Software)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-03-12] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-03-12] (Ellora Assets Corp.) [File not signed]
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4460280 2012-09-25] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2013-08-18] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2014-12-24] ()
S4 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 appliand; C:\Windows\System32\DRIVERS\appliand.sys [30304 2013-02-06] (Applian Technologies Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-31] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-11-09] (DT Soft Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-08-14] () [File not signed]
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex) [File not signed]
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 ALSysIO; \??\C:\Users\Pepik\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-25 18:34 - 2014-12-25 18:34 - 00017282 _____ () C:\Users\Pepik\Desktop\FRST.txt
2014-12-25 18:33 - 2014-12-25 18:34 - 00000000 ____D () C:\FRST
2014-12-25 18:33 - 2014-12-25 18:33 - 02122240 _____ (Farbar) C:\Users\Pepik\Desktop\FRST64.exe
2014-12-25 18:05 - 2014-12-25 18:05 - 00001137 _____ () C:\Users\Pepik\Desktop\mbam 25.12.txt
2014-12-25 12:30 - 2014-12-25 12:30 - 00027935 _____ () C:\Users\Pepik\Downloads\mafiadataxtractor.zip
2014-12-25 12:29 - 2014-12-25 12:29 - 01055024 _____ () C:\Users\Pepik\Downloads\FerrariEnzo.rar
2014-12-25 12:25 - 2014-12-25 12:27 - 16373836 _____ () C:\Users\Pepik\Downloads\Mafia-100%-save-game-+-Extremní-jízda-.rar
2014-12-24 18:49 - 2014-12-24 19:33 - 1457200391 _____ () C:\Users\Pepik\Downloads\My Young Girl Obsession 3.mp4
2014-12-24 13:26 - 2014-12-24 13:26 - 00004733 _____ () C:\Users\Pepik\Desktop\mbam 24.12.txt
2014-12-24 10:13 - 2014-12-24 10:13 - 00000194 _____ () C:\Users\Pepik\Desktop\DiskInfo.ini
2014-12-24 10:13 - 2014-12-24 10:13 - 00000000 ____D () C:\Users\Pepik\Desktop\Smart
2014-12-24 10:13 - 2012-06-15 14:08 - 01149912 _____ (Crystal Dew World) C:\Users\Pepik\Desktop\DiskInfo.exe
2014-12-24 10:13 - 2012-05-27 20:28 - 00000000 ____D () C:\Users\Pepik\Desktop\CdiResource
2014-12-24 10:13 - 2012-01-05 14:02 - 00001268 _____ () C:\Users\Pepik\Desktop\COPYRIGHT.txt
2014-12-24 10:13 - 2012-01-05 14:02 - 00001122 _____ () C:\Users\Pepik\Desktop\COPYRIGHT-ja.txt
2014-12-24 10:12 - 2014-12-24 10:12 - 01496172 _____ () C:\Users\Pepik\Downloads\CrystalDiskInfo5_0_0.zip
2014-12-24 09:47 - 2014-12-25 09:55 - 00000224 _____ () C:\Windows\setupact.log
2014-12-24 09:47 - 2014-12-24 09:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-24 09:46 - 2014-12-24 14:35 - 00008234 _____ () C:\Windows\PFRO.log
2014-12-24 09:38 - 2014-12-24 09:38 - 02173952 _____ () C:\Users\Pepik\Desktop\adwcleaner_4.106.exe
2014-12-23 21:12 - 2014-12-22 18:33 - 00000000 ____D () C:\Users\Pepik\Downloads\Fetish Fantasies (2014)
2014-12-23 13:08 - 2014-12-23 13:08 - 00000000 ____D () C:\Users\Pepik\Downloads\Kolekce 03
2014-12-23 09:33 - 2014-12-23 13:38 - 00000000 ____D () C:\Users\Pepik\Downloads\CzT
2014-12-22 12:47 - 2014-12-22 12:47 - 00010841 _____ () C:\Users\Pepik\Downloads\Kolekce 02.rar.torrent
2014-12-22 12:12 - 2014-12-22 12:39 - 2156871965 _____ () C:\Users\Pepik\Downloads\Kolekce 02.rar
2014-12-21 19:41 - 2014-12-21 21:27 - 00000000 ____D () C:\Users\Pepik\Downloads\Kolekce 02
2014-12-21 12:50 - 2014-12-21 12:50 - 00000293 _____ () C:\Windows\game.ini
2014-12-21 12:50 - 2014-12-21 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2014-12-21 12:47 - 2014-12-21 12:47 - 00000000 ____D () C:\Program Files (x86)\Activision
2014-12-21 10:49 - 2014-12-21 10:49 - 00011021 _____ () C:\Users\Pepik\Downloads\Kolekce 01.rar.torrent
2014-12-21 10:34 - 2014-12-21 10:43 - 2197025927 _____ () C:\Users\Pepik\Downloads\Kolekce 01.rar
2014-12-20 19:27 - 2014-12-20 21:04 - 00000000 ____D () C:\Users\Pepik\Downloads\Kolekce 01
2014-12-20 16:48 - 2014-12-20 17:14 - 00000000 ___RD () C:\Users\Pepik\Disk Google
2014-12-20 16:47 - 2014-12-20 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-12-20 16:45 - 2014-12-25 17:50 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-20 16:45 - 2014-12-25 16:50 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-20 16:45 - 2014-12-20 16:45 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-20 16:45 - 2014-12-20 16:45 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-16 15:21 - 2014-12-16 15:23 - 00000000 ___RD () C:\Users\Pepik\Dropbox
2014-12-12 19:38 - 2014-12-13 20:53 - 00000000 ____D () C:\Users\Pepik\Desktop\Mody
2014-12-12 17:37 - 2014-12-12 17:38 - 00000000 ____D () C:\Users\Pepik\Desktop\.minecraft
2014-12-12 17:21 - 2014-12-22 15:39 - 00000000 ____D () C:\Users\Pepik\AppData\Roaming\.minecraft
2014-12-09 17:28 - 2014-12-09 17:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-08 15:37 - 2013-02-06 07:25 - 00030304 _____ (Applian Technologies Inc.) C:\Windows\system32\Drivers\appliand.sys
2014-12-08 15:28 - 2014-12-08 15:28 - 00000000 ____D () C:\Users\Pepik\Documents\Applian
2014-12-08 15:28 - 2014-12-08 15:28 - 00000000 ____D () C:\Users\Pepik\AppData\Roaming\Replay Media Catcher 5
2014-12-08 15:28 - 2014-12-08 15:28 - 00000000 ____D () C:\Users\Pepik\AppData\Local\Replay Media Catcher 5
2014-12-08 15:27 - 2014-12-08 15:27 - 00000000 ____D () C:\Users\Pepik\AppData\Local\Applian
2014-12-06 14:43 - 2014-12-06 14:44 - 03107895 _____ () C:\Users\Pepik\Downloads\forge-1.7.10-10.13.2.1240-installer-win.exe
2014-12-06 14:09 - 2014-12-06 14:09 - 00000000 ____D () C:\ProgramData\Caphyon
2014-12-06 14:08 - 2014-12-06 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher 1.8
2014-12-06 14:08 - 2014-12-06 14:08 - 00000000 ____D () C:\Program Files (x86)\Mojang
2014-12-06 14:08 - 2014-12-06 14:08 - 00000000 ____D () C:\Program Files (x86)\Adobe Arkalis
2014-12-06 14:07 - 2014-12-06 14:07 - 00000000 ____D () C:\Users\Pepik\AppData\Roaming\Mojang
2014-12-06 10:05 - 2014-12-06 10:05 - 00010911 _____ () C:\Users\Pepik\Downloads\Lesbian Touch 2.mp4.torrent
2014-11-29 13:28 - 2014-11-29 13:28 - 00000062 _____ () C:\Windows\SysWOW64\6467.bat
2014-11-29 12:17 - 2014-11-29 12:17 - 00019993 _____ () C:\Users\Pepik\Downloads\Sweetheart Video - Lexi Belle Loves Girls.mp4.torrent
2014-11-28 19:24 - 2014-11-29 17:54 - 00000000 ____D () C:\Users\Pepik\Downloads\Polda a Polda

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-25 18:20 - 2011-11-09 14:41 - 00000000 ____D () C:\Program Files\trend micro
2014-12-25 18:00 - 2011-12-28 13:38 - 01205141 _____ () C:\Windows\WindowsUpdate.log
2014-12-25 17:56 - 2014-11-14 07:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-25 12:36 - 2014-10-05 11:34 - 00000000 ____D () C:\Users\Pepik\AppData\Roaming\BitTorrent
2014-12-25 12:36 - 2014-07-15 08:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-25 10:03 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-25 10:03 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-25 09:55 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-24 21:23 - 2011-10-09 17:35 - 00669926 _____ () C:\Windows\system32\perfh005.dat
2014-12-24 21:23 - 2011-10-09 17:35 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-12-24 21:23 - 2009-07-14 06:13 - 01586070 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-24 14:21 - 2012-03-05 15:47 - 00214520 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-24 14:21 - 2012-03-05 15:47 - 00214520 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-24 13:37 - 2014-07-15 08:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-24 13:37 - 2009-07-14 05:45 - 00000000 ____D () C:\Windows\Setup
2014-12-24 13:36 - 2014-11-02 12:16 - 00000000 ____D () C:\Program Files (x86)\GetFLV
2014-12-24 13:36 - 2014-08-20 12:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-24 13:36 - 2014-08-19 20:41 - 00000000 ____D () C:\Users\Pepik\AppData\Roaming\Imminent
2014-12-24 10:19 - 2014-07-15 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-24 10:19 - 2011-12-26 19:49 - 00000000 ___RD () C:\Users\Pepik\Desktop\Programy
2014-12-24 09:46 - 2014-10-10 19:45 - 00000000 ____D () C:\AdwCleaner
2014-12-24 09:37 - 2014-06-03 16:24 - 00000000 ____D () C:\Users\Pepik\AppData\Roaming\Winamp
2014-12-24 09:07 - 2014-05-02 15:03 - 00000000 ____D () C:\Users\Pepik\AppData\Local\CrashDumps
2014-12-24 09:07 - 2011-11-09 14:10 - 00000000 ____D () C:\Users\Pepik\AppData\Roaming\DAEMON Tools Lite
2014-12-24 08:35 - 2012-09-07 10:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-23 17:04 - 2011-11-09 12:11 - 00000000 ____D () C:\Users\Pepik\AppData\Roaming\Skype
2014-12-22 08:59 - 2011-07-20 08:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-12-21 12:50 - 2012-02-11 19:09 - 00000000 ____D () C:\Hry
2014-12-21 12:50 - 2011-07-20 08:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-21 12:21 - 2014-07-29 09:32 - 00000000 ____D () C:\Program Files (x86)\Valve
2014-12-20 16:48 - 2011-11-09 11:19 - 00000000 ____D () C:\Users\Pepik
2014-12-20 16:47 - 2011-12-28 18:21 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-20 16:47 - 2011-12-24 20:20 - 00000000 ____D () C:\Users\Pepik\AppData\Local\Google
2014-12-20 16:20 - 2014-11-13 16:25 - 00000977 _____ () C:\Users\Pepik\Desktop\tyt.txt
2014-12-19 17:51 - 2012-04-28 06:17 - 00000000 ____D () C:\Users\Pepik\AppData\Roaming\Dropbox
2014-12-18 15:08 - 2011-07-20 08:40 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-18 15:08 - 2011-07-20 08:40 - 00000000 ____D () C:\ProgramData\Skype
2014-12-17 15:49 - 2014-06-01 15:39 - 00000132 _____ () C:\Users\Pepik\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-12-17 14:26 - 2014-07-19 12:30 - 00003822 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405769399
2014-12-17 14:26 - 2014-07-19 12:29 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-16 15:59 - 2011-11-11 22:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 14:52 - 2012-06-26 05:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 20:56 - 2014-05-01 18:19 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 20:56 - 2012-06-08 05:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 20:56 - 2011-07-20 09:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-08 15:33 - 2013-03-17 17:04 - 00000000 ____D () C:\Program Files (x86)\Applian Technologies
2014-12-08 15:28 - 2013-03-17 17:40 - 00000000 ____D () C:\Users\Pepik\AppData\Local\Jaksta_Technologies_Pty_L
2014-12-08 15:26 - 2013-09-05 16:52 - 00000000 ____D () C:\Windows\Jaksta
2014-12-06 15:00 - 2013-08-23 15:52 - 00000000 ____D () C:\Minecraft_Backup

Some content of TEMP:
====================
C:\Users\Pepik\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7nm5ra.dll
C:\Users\Pepik\AppData\Local\Temp\ExPromo.exe
C:\Users\Pepik\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Pepik\AppData\Local\Temp\GrLauncherTempSetup.exe
C:\Users\Pepik\AppData\Local\Temp\process.exe
C:\Users\Pepik\AppData\Local\Temp\SIntf16.dll
C:\Users\Pepik\AppData\Local\Temp\SIntf32.dll
C:\Users\Pepik\AppData\Local\Temp\SIntfNT.dll
C:\Users\Pepik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pepik\AppData\Local\Temp\tdll.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 19:06

==================== End Of Log ============================
Attachments
Addition.rar
(10.31 KiB) Downloaded 61 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Christmas cleanup

#17 Post by Márty84 »

That wasn't done according to the guide either, but at least it's something :)


Open Notepad and copy this script into it:

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [BitTorrent] => C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-26] (BitTorrent Inc.)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\RunOnce: [Adobe Speed Launcher] => 1419497823
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20 107912]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 ALSysIO; \??\C:\Users\Pepik\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

2014-12-25 18:05 - 2014-12-25 18:05 - 00001137 _____ () C:\Users\Pepik\Desktop\mbam 25.12.txt
2014-12-24 13:26 - 2014-12-24 13:26 - 00004733 _____ () C:\Users\Pepik\Desktop\mbam 24.12.txt
2014-12-20 16:45 - 2014-12-25 17:50 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-20 16:45 - 2014-12-25 16:50 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-25 17:56 - 2014-11-14 07:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File
Click Save As...
Type the name shown in red, fixlist, exactly and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator and click Fix; the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

Polska Pasha
Model visitor
Posts: 113
Joined: 29 Jun 2014 09:06

Re: Christmas cleanup

#18 Post by Polska Pasha »

Log here:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-12-2014
Ran by Pepik at 2014-12-26 10:09:28 Run:1
Running from C:\Users\Pepik\Desktop
Loaded Profile: Pepik (Available profiles: Pepik)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [BitTorrent] => C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-26] (BitTorrent Inc.)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\RunOnce: [Adobe Speed Launcher] => 1419497823
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
ShellExecuteHooks-x32: - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20 107912]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S3 ALSysIO; \??\C:\Users\Pepik\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

2014-12-25 18:05 - 2014-12-25 18:05 - 00001137 _____ () C:\Users\Pepik\Desktop\mbam 25.12.txt
2014-12-24 13:26 - 2014-12-24 13:26 - 00004733 _____ () C:\Users\Pepik\Desktop\mbam 24.12.txt
2014-12-20 16:45 - 2014-12-25 17:50 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-20 16:45 - 2014-12-25 16:50 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-25 17:56 - 2014-11-14 07:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan86 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan64 => value deleted successfully.
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => value deleted successfully.
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => Key not found.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
SwitchBoard => Service deleted successfully.
ALSysIO => Service deleted successfully.
EagleX64 => Service deleted successfully.
GGSAFERDriver => Service deleted successfully.
WinRing0_1_2_0 => Service deleted successfully.
C:\Users\Pepik\Desktop\mbam 25.12.txt => Moved successfully.
C:\Users\Pepik\Desktop\mbam 24.12.txt => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 517.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog 10:10:53 ====
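
Added example, not part of the original thread and not FRST's own code: a small Python parser that sorts the `target => outcome` lines of a Fixlog like the one above into statuses, so any line that is neither a success nor a harmless "Key not found" stands out. The status names and rule set are this example's own assumptions and cover only the outcome phrasings visible in the log above; the last sample line is constructed.

```python
import re
from collections import Counter

# Result lines taken from the Fixlog in this thread; the last line is
# constructed for this example and is not real FRST output.
SAMPLE_FIXLOG = r"""
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WindowsDriverScan86 => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7} => Key not found.
gupdate => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
EmptyTemp: => Removed 517.3 MB temporary data.
C:\Example\placeholder.sys => EXAMPLE-UNRECOGNISED-RESULT
"""

# "<target> => <outcome>." ; the trailing full stop is optional.
RESULT_LINE = re.compile(r'^(?P<target>.+?) => (?P<outcome>.+?)\.?$')

# Outcome phrasings seen in the Fixlog above, mapped to labels chosen here.
STATUS_RULES = [
    (re.compile(r'^(value|Key|Service) deleted successfully$'), "deleted"),
    (re.compile(r'^Moved successfully$'), "moved"),
    (re.compile(r'^Key not found$'), "absent"),   # nothing was there to remove
    (re.compile(r'^Removed .+ temporary data$'), "cleaned"),
]


def classify(outcome):
    """Return the label for a known outcome, or 'review' for anything else."""
    for pattern, status in STATUS_RULES:
        if pattern.match(outcome):
            return status
    return "review"


def parse_fixlog(text):
    """Parse every 'target => outcome' line; lines without '=>' are skipped."""
    entries = []
    for raw in text.splitlines():
        match = RESULT_LINE.match(raw.strip())
        if not match:
            continue
        outcome = match.group("outcome")
        entries.append({
            "target": match.group("target").strip('"'),  # FRST quotes some keys
            "outcome": outcome,
            "status": classify(outcome),
        })
    return entries


def summarize(entries):
    """Count entries per status."""
    return Counter(entry["status"] for entry in entries)


def needs_review(entries):
    """Targets whose outcome matched none of the known phrasings."""
    return [entry["target"] for entry in entries if entry["status"] == "review"]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(dict(summarize(parsed)))
    print("Review manually:", needs_review(parsed))
```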

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Christmas cleanup

#19 Post by Márty84 »

:!: Run all of these programs, including any installers, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus; it is a false alarm, so go ahead and download it (if necessary, turn off the antivirus while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK. After the cleanup the PC will restart.

:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay attention mainly to the Recycle Bin: if you leave it ticked, it will always be emptied.
Also, depending on how it is set, it will delete all passwords saved for the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze, and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Scan for Issues; if it finds any, click Fix Issues. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in those as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defragment and the program will do its work.

:arrow: Then write how the PC is doing.

Polska Pasha
Model visitor
Posts: 113
Joined: 29 Jun 2014 09:06

Re: Christmas cleanup

#20 Post by Polska Pasha »

It didn't delete adw, rsit and diskinfo at all.... can I delete them manually?

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Christmas cleanup

#21 Post by Márty84 »

Run ADWCleaner and click uninstall. That way the program also cleans up after itself. You can simply delete RSIT and CDI.

Polska Pasha
Model visitor
Posts: 113
Joined: 29 Jun 2014 09:06

Re: Christmas cleanup

#22 Post by Polska Pasha »

Thanks, and I also wanted to ask: is there some way to find out which program slows my PC down the most?

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Christmas cleanup

#23 Post by Márty84 »

You didn't write how the PC is doing.

Look in Task Manager; it lists the running processes, and there you can also see which of them eats the most resources (RAM and CPU usage).

Polska Pasha
Model visitor
Posts: 113
Joined: 29 Jun 2014 09:06

Re: Christmas cleanup

#24 Post by Polska Pasha »

The PC is a lot better, startup is faster... I'll give complete info in the evening

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Christmas cleanup

#25 Post by Márty84 »

OK. If it still isn't back to normal, we'll look deeper :)

Polska Pasha
Model visitor
Posts: 113
Joined: 29 Jun 2014 09:06

Re: Christmas cleanup

#26 Post by Polska Pasha »

Everything is OK, the system boots quickly, and the whole thing feels snappier. Thanks for the help and happy New Year :D

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Christmas cleanup

#27 Post by Márty84 »

Glad to hear that, or rather see it :D

You're welcome! :)

Thank you :worship: All the best to you too :thumbsup:

Take care, and maybe see you again sometime :bye:

:closed:

Locked