Zavirovaný počítač

[Balca]

Zdravím nejspíš jsem si zaviroval PC. Počítač se zpomalil a po hloubkovém testu avastu našel několik virů.Podle mě je ale všechny neodstranil,prosím vás o kontrolu logu.

ZDE LOG:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-01-2015
Ran by Pavel (administrator) on PAVEL-HP4510S on 18-01-2015 13:31:28
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available profiles: Pavel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(Autodesk Inc.) C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(PostgreSQL Global Development Group) C:\eISIS\servers\postgresql\bin\pg_ctl.exe
(Apache Software Foundation) C:\eISIS\servers\tomcat\bin\tomcat5.exe
(The Firebird Project) C:\Program Files\Firebird\bin\fbguard.exe
(PostgreSQL Global Development Group) C:\eISIS\servers\postgresql\bin\postgres.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(PostgreSQL Global Development Group) C:\eISIS\servers\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\eISIS\servers\postgresql\bin\postgres.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(BlueStack Systems) C:\Program Files\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files\BlueStacks\HD-SharedFolder.exe
(The Firebird Project) C:\Program Files\Firebird\bin\fbserver.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\Pavel\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Pavel\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Pavel\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Mega Limited) C:\Users\Pavel\AppData\Local\MEGAsync\MEGAsync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-30] (Synaptics Incorporated)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-03-23] (Greenshot)
HKLM\...\Run: [Bonus.SSR.FR11] => C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Pavel\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [GoogleChromeAutoLaunch_7629D47B6AAB0AC4663EF6E10C5E858F] => C:\Program Files\Google\Chrome\Application\chrome.exe [856904 2015-01-09] (Google Inc.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [MiPhoneManager] => C:\Users\Pavel\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [147728 2015-01-06] ()
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1744896 2007-03-27] (Time Information Services Ltd.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1059720 2014-05-01] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk
ShortcutTarget: MEGAsync.lnk -> C:\Users\Pavel\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Pavel\AppData\Local\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Pavel\AppData\Local\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Pavel\AppData\Local\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKU\S-1-5-21-1953867976-2926967598-2751854961-1001 -> {3128EB66-3E66-4AE8-9C68-BA0A04C046D7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
SearchScopes: HKU\S-1-5-21-1953867976-2926967598-2751854961-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1953867976-2926967598-2751854961-1001 -> {6F5BDE0E-17BE-42C7-8408-C11D3695C505} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
BHO: No Name -> {11111111-1111-1111-1111-110611171152} -> No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll No File
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\PROGRA~1\SPYBOT~1\SDHelper.dll No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll No File
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll No File
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.609 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1953867976-2926967598-2751854961-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Pavel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-04-28]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-05-24]
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-24]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.idnes.cz/
CHR StartupUrls: Default -> "hxxp://www.idnes.cz/"
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-12-03]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-20]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-28]
CHR Extension: (AdBlock) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2011-11-30]
CHR Extension: (Classic) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn [2012-10-28]
CHR Extension: (RealDownloader) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2012-12-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-23]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-28]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-28]
CHR Extension: (Google Drive) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-28]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-28]
CHR Extension: (Google Search) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-28]
CHR Extension: (RealDownloader) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-02-28]
CHR Extension: (Skype Click to Call) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-28]
CHR Extension: (Google Wallet) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-17]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-28]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-28]
CHR Extension: (Google Drive) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-28]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-28]
CHR Extension: (Google Search) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-28]
CHR Extension: (avast! Online Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-17]
CHR Extension: (RealDownloader) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-02-28]
CHR Extension: (Skype Click to Call) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-28]
CHR Extension: (Google Wallet) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-17]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-28]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Pavel\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-09-20]
CHR HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 AdAppMgrSvc; C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
R2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)
R2 eISISPostgreSQL; c:\eISIS\servers\postgresql\bin\pg_ctl.exe [79948 2008-01-04] (PostgreSQL Global Development Group) [File not signed]
R2 eISISTomcat; c:\eISIS\servers\tomcat\bin\tomcat5.exe [57344 2007-08-24] (Apache Software Foundation) [File not signed]
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1087792 2014-09-18] (Flexera Software LLC)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-23] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-23] (globalUpdate) [File not signed]
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [292864 2007-03-26] (Nokia.) [File not signed]
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 yksvc; C:\windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\windows\System32\Drivers\androidusb.sys [31312 2012-01-15] (Google Inc)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-07-20] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-07-20] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-07-20] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [414520 2014-07-20] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [71944 2014-07-20] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [192352 2014-07-20] ()
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-07] (BlueStack Systems)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-11-29] (DT Soft Ltd)
S3 k750bus; C:\windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
R3 LEqdUsb; C:\windows\System32\Drivers\LEqdUsb.Sys [40720 2009-06-17] (Logitech, Inc.)
R3 LHidEqd; C:\windows\System32\Drivers\LHidEqd.Sys [10384 2009-06-17] (Logitech, Inc.)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1765168 2009-07-02] ()
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 13:31 - 2015-01-18 13:32 - 00030639 _____ () C:\Users\Pavel\Desktop\FRST.txt
2015-01-18 13:31 - 2015-01-18 13:31 - 00000000 ____D () C:\FRST
2015-01-18 13:30 - 2015-01-18 13:30 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
2015-01-18 13:29 - 2015-01-18 13:30 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher.exe
2015-01-18 13:29 - 2015-01-18 13:29 - 01117696 _____ (Farbar) C:\Users\Pavel\Downloads\FRST.exe
2015-01-18 13:29 - 2015-01-18 13:29 - 01117696 _____ (Farbar) C:\Users\Pavel\Desktop\FRST.exe
2015-01-14 20:35 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-14 20:35 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-14 20:35 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-01-14 20:35 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-14 20:35 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-14 20:35 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-13 23:13 - 2015-01-13 23:14 - 07027664 _____ () C:\Users\Pavel\Downloads\RUSH HOUR-SD.MP4
2015-01-13 23:11 - 2015-01-13 23:11 - 02352941 _____ () C:\Users\Pavel\Downloads\10551237_10202588192978004_1050271098_n.mp4
2015-01-10 12:51 - 2015-01-15 17:16 - 00000000 ___RD () C:\Users\Pavel\Documents\MEGA
2015-01-10 12:50 - 2015-01-10 12:53 - 00000000 ____D () C:\Users\Pavel\AppData\Local\MEGAsync
2015-01-10 12:50 - 2015-01-10 12:50 - 00001061 _____ () C:\Users\Pavel\Desktop\MEGAsync.lnk
2015-01-10 12:50 - 2015-01-10 12:50 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-01-10 12:50 - 2015-01-10 12:50 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Mega Limited
2015-01-10 12:49 - 2015-01-10 12:49 - 08360152 _____ (MEGA Limited) C:\Users\Pavel\Downloads\MEGAsyncSetup.exe
2015-01-09 21:40 - 2015-01-09 21:40 - 02869233 _____ () C:\Users\Pavel\Downloads\VID-20140213-WA0003 (1).mp4
2015-01-06 17:16 - 2015-01-06 17:16 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-01-06 17:15 - 2015-01-06 17:15 - 00001365 _____ () C:\Users\Pavel\Desktop\小米助手.lnk
2015-01-06 17:15 - 2015-01-06 17:15 - 00000000 ____D () C:\Xiaomi
2015-01-06 17:15 - 2015-01-06 17:15 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\小米
2015-01-06 17:15 - 2015-01-06 17:15 - 00000000 ____D () C:\Users\Pavel\.android
2015-01-06 17:14 - 2015-01-06 17:14 - 00851176 _____ (Microsoft Corporation) C:\windows\system32\WinUSBCoInstaller2.dll
2015-01-06 17:14 - 2015-01-06 17:14 - 00000000 ____D () C:\Users\Pavel\AppData\Local\MiPhoneManager
2015-01-06 17:13 - 2015-01-06 17:13 - 00000000 ____D () C:\Users\Public\Thunder Network
2015-01-06 17:13 - 2015-01-06 17:13 - 00000000 ____D () C:\ProgramData\Thunder Network
2015-01-06 17:11 - 2015-01-06 17:11 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Xiaomi
2015-01-06 17:01 - 2015-01-06 17:05 - 412039162 _____ () C:\Users\Pavel\Downloads\xiaomi.eu_multi_cancro_5.1.2_v6-4.4.zip
2015-01-06 09:41 - 2015-01-06 09:41 - 00676007 _____ () C:\Users\Pavel\Downloads\VID-20141121-WA0001.mp4
2015-01-06 09:34 - 2015-01-06 09:34 - 08795640 _____ () C:\Users\Pavel\Downloads\Bolesti hlavy.wmv.wmv
2015-01-05 21:45 - 2014-08-06 21:38 - 00001168 _____ () C:\Users\Pavel\Downloads\standard.ini
2015-01-05 21:45 - 2013-08-19 09:29 - 00001170 _____ () C:\Users\Pavel\Downloads\standard.cfg
2014-12-31 15:31 - 2014-12-31 15:31 - 00000212 _____ () C:\Users\Pavel\Desktop\Counter-Strike.url
2014-12-27 19:34 - 2014-12-27 19:34 - 05954981 _____ () C:\Users\Pavel\Downloads\parachute1 (1).wmv
2014-12-27 18:52 - 2014-12-27 18:52 - 00390993 _____ () C:\Users\Pavel\Downloads\pf2015-exprespneu.cz
2014-12-27 18:49 - 2014-12-27 18:49 - 07750603 _____ () C:\Users\Pavel\Downloads\Mail-Anhang.mp4
2014-12-27 18:48 - 2014-12-27 18:48 - 05802918 _____ () C:\Users\Pavel\Downloads\Christmas_Bounce_1 (2).mp4
2014-12-27 18:47 - 2014-12-27 18:47 - 05802918 _____ () C:\Users\Pavel\Downloads\Christmas_Bounce_1 (1).mp4
2014-12-27 18:45 - 2014-12-27 18:45 - 05954981 _____ () C:\Users\Pavel\Downloads\parachute1.wmv
2014-12-27 18:39 - 2014-12-27 18:40 - 05802918 _____ () C:\Users\Pavel\Downloads\Christmas_Bounce_1.mp4
2014-12-22 11:48 - 2014-12-22 11:48 - 00269188 _____ () C:\Users\Pavel\Downloads\VY_32_INOVACE_10_01.ppsx
2014-12-22 09:04 - 2014-12-22 09:04 - 00367924 _____ () C:\Users\Pavel\Downloads\LBSAM.mp4
2014-12-21 17:14 - 2014-12-21 17:14 - 00047823 _____ () C:\Users\Pavel\Downloads\Kral-Lavra---Borovsky-Karel-Havlicek.epub
2014-12-21 10:21 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-21 09:57 - 2014-12-21 09:57 - 00000000 ____D () C:\windows\system32\appraiser

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 13:29 - 2010-06-12 16:13 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-18 13:26 - 2014-10-20 19:38 - 01740163 _____ () C:\windows\WindowsUpdate.log
2015-01-18 13:26 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-18 13:26 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-18 13:23 - 2010-02-04 12:00 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Skype
2015-01-18 13:21 - 2014-11-23 12:21 - 00005490 _____ () C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-6.job
2015-01-18 13:21 - 2010-06-12 16:13 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-18 13:20 - 2014-12-14 12:08 - 00006818 _____ () C:\windows\setupact.log
2015-01-18 13:20 - 2014-11-23 12:22 - 00003086 _____ () C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-1.job
2015-01-18 13:20 - 2014-11-23 12:22 - 00002418 _____ () C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-5_user.job
2015-01-18 13:20 - 2014-11-23 12:22 - 00002418 _____ () C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-5.job
2015-01-18 13:20 - 2014-11-23 12:22 - 00002082 _____ () C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-2.job
2015-01-18 13:20 - 2014-11-23 12:21 - 00005154 _____ () C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-7.job
2015-01-18 13:20 - 2014-11-23 12:21 - 00004812 _____ () C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-11.job
2015-01-18 13:20 - 2014-11-23 12:21 - 00004130 _____ () C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-4.job
2015-01-18 13:20 - 2014-11-23 12:21 - 00000910 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-18 13:20 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-18 05:10 - 2012-05-03 08:36 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-18 03:03 - 2013-12-29 17:58 - 00000928 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001UA.job
2015-01-18 00:35 - 2009-09-20 08:18 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-18 00:26 - 2014-11-23 12:21 - 00000914 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-01-17 18:12 - 2013-12-05 19:10 - 00000000 ____D () C:\Program Files\Steam
2015-01-17 18:03 - 2013-12-29 17:58 - 00000906 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001Core.job
2015-01-16 09:47 - 2010-03-02 11:30 - 00000052 _____ () C:\windows\system32\DOErrors.log
2015-01-15 00:41 - 2013-08-17 21:35 - 00000000 ____D () C:\windows\system32\MRT
2015-01-15 00:34 - 2010-02-04 11:46 - 110348472 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-14 21:10 - 2012-05-03 08:36 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-01-14 21:10 - 2011-05-23 18:51 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-13 20:46 - 2010-02-11 15:42 - 00000328 _____ () C:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
2015-01-13 16:17 - 2009-09-20 08:17 - 01593150 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-13 16:00 - 2010-09-13 15:59 - 00000314 _____ () C:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
2015-01-10 14:37 - 2012-05-03 09:16 - 00000000 ____D () C:\Users\Pavel\Documents\Calibre knihovna
2015-01-10 14:26 - 2011-08-15 09:50 - 00000000 ____D () C:\windows\pss
2015-01-10 14:26 - 2011-07-20 12:38 - 00000000 ___RD () C:\Users\Pavel\Dropbox
2015-01-10 12:37 - 2011-07-20 12:37 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Dropbox
2015-01-07 18:51 - 2010-02-04 12:00 - 00000000 ___RD () C:\Program Files\Skype
2015-01-07 18:51 - 2010-02-03 14:09 - 00000000 ____D () C:\ProgramData\Skype
2015-01-06 17:15 - 2010-02-03 13:59 - 00000000 ____D () C:\Users\Pavel
2015-01-06 17:13 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-01-06 04:36 - 2010-02-04 12:43 - 00249488 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-01-05 02:13 - 2011-07-17 10:55 - 00000000 ____D () C:\Users\Pavel\Desktop\FOTO
2014-12-31 15:31 - 2013-12-05 19:17 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-26 16:00 - 2010-02-11 15:28 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-26 15:40 - 2014-09-20 14:23 - 00000000 ___RD () C:\Users\Pavel\Disk Google
2014-12-22 20:07 - 2010-02-11 15:56 - 00000000 ____D () C:\Users\Pavel\Desktop\MS OFFICE
2014-12-21 14:28 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2014-12-21 10:09 - 2011-07-20 12:37 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-21 09:57 - 2014-05-06 17:28 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-21 09:57 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\AppCompat

==================== Files in the root of some directories =======
2010-10-15 09:45 - 2010-10-15 09:45 - 1357587 _____ () C:\Program Files\KARPINA---Reklama---Kristova-[HD]-(NECENZUROVANE).wmv
2010-02-16 10:31 - 2010-02-16 10:31 - 0014246 _____ () C:\Program Files\settings.dat
2010-09-13 16:55 - 2010-09-13 16:55 - 2314424 _____ () C:\Program Files\TeamViewerQS.exe
2012-12-24 15:15 - 2014-09-20 14:44 - 1178624 _____ (CPUID) C:\Users\Pavel\AppData\Roaming\siw_sdk.dll
2014-09-20 14:17 - 2014-09-20 14:17 - 0008704 ___SH () C:\Users\Pavel\AppData\Roaming\Thumbs.db
2010-03-06 15:07 - 2010-03-06 15:07 - 0033134 _____ () C:\Users\Pavel\AppData\Roaming\UserTile.png
2010-02-03 14:13 - 2010-02-03 14:13 - 0000000 _____ () C:\Users\Pavel\AppData\Local\AtStart.txt
2012-01-03 15:42 - 2012-01-03 15:42 - 0003584 _____ () C:\Users\Pavel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-03 14:13 - 2010-02-03 14:13 - 0000000 _____ () C:\Users\Pavel\AppData\Local\DSwitch.txt
2010-02-03 14:13 - 2010-02-03 14:13 - 0000000 _____ () C:\Users\Pavel\AppData\Local\QSwitch.txt
2009-09-20 08:39 - 2015-01-18 13:22 - 0000176 _____ () C:\ProgramData\HPWALog.txt
2014-09-18 18:40 - 2014-09-18 18:40 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzjeqvq.dll
C:\Users\Pavel\AppData\Local\Temp\MiSetupFullPackage.exe
C:\Users\Pavel\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-1.job => C:\Program Files\Shopp_Upe_1.8\Shopp_Upe_1.8-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-11.job => C:\Program Files\Shopp_Upe_1.8\2518b31e-9097-4a1c-95a2-7be63840355e-11.exe <==== ATTENTION
Task: C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-2.job => C:\Program Files\Shopp_Upe_1.8\2518b31e-9097-4a1c-95a2-7be63840355e-2.exe <==== ATTENTION
Task: C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-4.job => C:\Program Files\Shopp_Upe_1.8\2518b31e-9097-4a1c-95a2-7be63840355e-4.exe <==== ATTENTION
Task: C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-5.job => C:\Program Files\Shopp_Upe_1.8\2518b31e-9097-4a1c-95a2-7be63840355e-5.exe <==== ATTENTION
Task: C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-5_user.job => C:\Program Files\Shopp_Upe_1.8\2518b31e-9097-4a1c-95a2-7be63840355e-5.exe <==== ATTENTION
Task: C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-6.job => C:\Program Files\Shopp_Upe_1.8\2518b31e-9097-4a1c-95a2-7be63840355e-6.exe <==== ATTENTION
Task: C:\windows\Tasks\2518b31e-9097-4a1c-95a2-7be63840355e-7.job => C:\Program Files\Shopp_Upe_1.8\2518b31e-9097-4a1c-95a2-7be63840355e-7.exe <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001Core.job => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001UA.job => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
Task: C:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavel\Desktop" je 20064 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager
"C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent
"C:\Program Files\BitTorrent\BitTorrent.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files\BlueStacks\HD-Agent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center
%windir%\WindowsMobile\wmdc.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk
C:\PROGRA~1\Evernote\Evernote\EVERNO~2.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

[altrok]

Zdravim

Odinstalujte Skype Click to Call a Spybot - Search & Destroy

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Clean
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

[Balca]

ZDE LOG Z ADW:

# AdwCleaner v4.108 - Report created 18/01/2015 at 15:23:12
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Pavel - PAVEL-HP4510S
# Running from : C:\Users\Pavel\Desktop\adwcleaner_4.108.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Users\Pavel\AppData\Local\globalUpdate
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 2518b31e-9097-4a1c-95a2-7be63840355e-1
Task Deleted : 2518b31e-9097-4a1c-95a2-7be63840355e-11
Task Deleted : 2518b31e-9097-4a1c-95a2-7be63840355e-2
Task Deleted : 2518b31e-9097-4a1c-95a2-7be63840355e-4
Task Deleted : 2518b31e-9097-4a1c-95a2-7be63840355e-5
Task Deleted : 2518b31e-9097-4a1c-95a2-7be63840355e-5_user
Task Deleted : 2518b31e-9097-4a1c-95a2-7be63840355e-6
Task Deleted : 2518b31e-9097-4a1c-95a2-7be63840355e-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v


-\\ Google Chrome v39.0.2171.99


*************************

AdwCleaner[R0].txt - [9447 octets] - [21/09/2014 15:13:44]
AdwCleaner[R1].txt - [6930 octets] - [18/01/2015 15:21:03]
AdwCleaner[S0].txt - [9659 octets] - [21/09/2014 15:16:56]
AdwCleaner[S1].txt - [7017 octets] - [18/01/2015 15:23:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7077 octets] ##########

[altrok]

Dejte novy log FRST.txt, prilozte i Addition.txt. Pri druhem a dalsim spusteni FRST je nutne explicitne zatrhnout volbu Addition - http://forum.viry.cz/viewtopic.php?f=30&t=133101

[Balca]

ZDE LOG:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-01-2015
Ran by Pavel (administrator) on PAVEL-HP4510S on 18-01-2015 15:55:43
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available profiles: Pavel)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(Autodesk Inc.) C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(PostgreSQL Global Development Group) C:\eISIS\servers\postgresql\bin\pg_ctl.exe
(Apache Software Foundation) C:\eISIS\servers\tomcat\bin\tomcat5.exe
(PostgreSQL Global Development Group) C:\eISIS\servers\postgresql\bin\postgres.exe
(The Firebird Project) C:\Program Files\Firebird\bin\fbguard.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(PostgreSQL Global Development Group) C:\eISIS\servers\postgresql\bin\postgres.exe
(PostgreSQL Global Development Group) C:\eISIS\servers\postgresql\bin\postgres.exe
(The Firebird Project) C:\Program Files\Firebird\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\Pavel\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Pavel\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Pavel\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Mega Limited) C:\Users\Pavel\AppData\Local\MEGAsync\MEGAsync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-30] (Synaptics Incorporated)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-03-23] (Greenshot)
HKLM\...\Run: [Bonus.SSR.FR11] => C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Pavel\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [GoogleChromeAutoLaunch_7629D47B6AAB0AC4663EF6E10C5E858F] => C:\Program Files\Google\Chrome\Application\chrome.exe [856904 2015-01-09] (Google Inc.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [MiPhoneManager] => C:\Users\Pavel\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [147728 2015-01-06] ()
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1744896 2007-03-27] (Time Information Services Ltd.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1059720 2014-05-01] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk
ShortcutTarget: MEGAsync.lnk -> C:\Users\Pavel\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Pavel\AppData\Local\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Pavel\AppData\Local\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Pavel\AppData\Local\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1953867976-2926967598-2751854961-1001 -> {3128EB66-3E66-4AE8-9C68-BA0A04C046D7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
SearchScopes: HKU\S-1-5-21-1953867976-2926967598-2751854961-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1953867976-2926967598-2751854961-1001 -> {6F5BDE0E-17BE-42C7-8408-C11D3695C505} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
BHO: No Name -> {11111111-1111-1111-1111-110611171152} -> No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll No File
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.609 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.609 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1953867976-2926967598-2751854961-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Pavel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-05-24]
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-24]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.idnes.cz/
CHR StartupUrls: Default -> "hxxp://www.idnes.cz/"
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-12-03]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-20]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-28]
CHR Extension: (AdBlock) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2011-11-30]
CHR Extension: (Classic) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn [2012-10-28]
CHR Extension: (RealDownloader) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2012-12-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-23]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-28]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-28]
CHR Extension: (Google Drive) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-28]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-28]
CHR Extension: (Google Search) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-28]
CHR Extension: (RealDownloader) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-02-28]
CHR Extension: (Skype Click to Call) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-28]
CHR Extension: (Google Wallet) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-17]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-28]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-28]
CHR Extension: (Google Drive) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-28]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-28]
CHR Extension: (Google Search) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-28]
CHR Extension: (avast! Online Security) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-17]
CHR Extension: (RealDownloader) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-02-28]
CHR Extension: (Skype Click to Call) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-28]
CHR Extension: (Google Wallet) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-17]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-28]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-07-20]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Pavel\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-09-20]
CHR HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 AdAppMgrSvc; C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-07-20] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)
R2 eISISPostgreSQL; c:\eISIS\servers\postgresql\bin\pg_ctl.exe [79948 2008-01-04] (PostgreSQL Global Development Group) [File not signed]
R2 eISISTomcat; c:\eISIS\servers\tomcat\bin\tomcat5.exe [57344 2007-08-24] (Apache Software Foundation) [File not signed]
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1087792 2014-09-18] (Flexera Software LLC)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [292864 2007-03-26] (Nokia.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 yksvc; C:\windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\windows\System32\Drivers\androidusb.sys [31312 2012-01-15] (Google Inc)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-07-20] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-07-20] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-07-20] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-07-20] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [779536 2014-11-21] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [414520 2014-07-20] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [71944 2014-07-20] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [192352 2014-07-20] ()
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [112344 2014-10-07] (BlueStack Systems)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-11-29] (DT Soft Ltd)
S3 k750bus; C:\windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
R3 LEqdUsb; C:\windows\System32\Drivers\LEqdUsb.Sys [40720 2009-06-17] (Logitech, Inc.)
R3 LHidEqd; C:\windows\System32\Drivers\LHidEqd.Sys [10384 2009-06-17] (Logitech, Inc.)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1765168 2009-07-02] ()
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerflt.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 15:55 - 2015-01-18 15:56 - 00028798 _____ () C:\Users\Pavel\Desktop\FRST.txt
2015-01-18 15:54 - 2015-01-18 15:54 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
2015-01-18 15:53 - 2015-01-18 15:54 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher (1).exe
2015-01-18 15:24 - 2015-01-18 15:24 - 00000310 _____ () C:\windows\PFRO.log
2015-01-18 15:20 - 2015-01-18 15:20 - 02186752 _____ () C:\Users\Pavel\Downloads\adwcleaner_4.108.exe
2015-01-18 15:20 - 2015-01-18 15:20 - 02186752 _____ () C:\Users\Pavel\Desktop\adwcleaner_4.108.exe
2015-01-18 13:39 - 2015-01-18 13:39 - 00005978 _____ () C:\Users\Pavel\Desktop\Addition.zip
2015-01-18 13:31 - 2015-01-18 15:55 - 00000000 ____D () C:\FRST
2015-01-18 13:29 - 2015-01-18 13:30 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher.exe
2015-01-18 13:29 - 2015-01-18 13:29 - 01117696 _____ (Farbar) C:\Users\Pavel\Downloads\FRST.exe
2015-01-18 13:29 - 2015-01-18 13:29 - 01117696 _____ (Farbar) C:\Users\Pavel\Desktop\FRST.exe
2015-01-14 20:35 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-14 20:35 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-14 20:35 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-01-14 20:35 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-14 20:35 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-14 20:35 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-13 23:13 - 2015-01-13 23:14 - 07027664 _____ () C:\Users\Pavel\Downloads\RUSH HOUR-SD.MP4
2015-01-13 23:11 - 2015-01-13 23:11 - 02352941 _____ () C:\Users\Pavel\Downloads\10551237_10202588192978004_1050271098_n.mp4
2015-01-10 12:51 - 2015-01-15 17:16 - 00000000 ___RD () C:\Users\Pavel\Documents\MEGA
2015-01-10 12:50 - 2015-01-10 12:53 - 00000000 ____D () C:\Users\Pavel\AppData\Local\MEGAsync
2015-01-10 12:50 - 2015-01-10 12:50 - 00001061 _____ () C:\Users\Pavel\Desktop\MEGAsync.lnk
2015-01-10 12:50 - 2015-01-10 12:50 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-01-10 12:50 - 2015-01-10 12:50 - 00000000 ____D () C:\Users\Pavel\AppData\Local\Mega Limited
2015-01-10 12:49 - 2015-01-10 12:49 - 08360152 _____ (MEGA Limited) C:\Users\Pavel\Downloads\MEGAsyncSetup.exe
2015-01-09 21:40 - 2015-01-09 21:40 - 02869233 _____ () C:\Users\Pavel\Downloads\VID-20140213-WA0003 (1).mp4
2015-01-06 17:16 - 2015-01-06 17:16 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-01-06 17:15 - 2015-01-06 17:15 - 00001365 _____ () C:\Users\Pavel\Desktop\小米助手.lnk
2015-01-06 17:15 - 2015-01-06 17:15 - 00000000 ____D () C:\Xiaomi
2015-01-06 17:15 - 2015-01-06 17:15 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\小米
2015-01-06 17:15 - 2015-01-06 17:15 - 00000000 ____D () C:\Users\Pavel\.android
2015-01-06 17:14 - 2015-01-06 17:14 - 00851176 _____ (Microsoft Corporation) C:\windows\system32\WinUSBCoInstaller2.dll
2015-01-06 17:14 - 2015-01-06 17:14 - 00000000 ____D () C:\Users\Pavel\AppData\Local\MiPhoneManager
2015-01-06 17:13 - 2015-01-06 17:13 - 00000000 ____D () C:\Users\Public\Thunder Network
2015-01-06 17:13 - 2015-01-06 17:13 - 00000000 ____D () C:\ProgramData\Thunder Network
2015-01-06 17:11 - 2015-01-06 17:11 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Xiaomi
2015-01-06 17:01 - 2015-01-06 17:05 - 412039162 _____ () C:\Users\Pavel\Downloads\xiaomi.eu_multi_cancro_5.1.2_v6-4.4.zip
2015-01-06 09:41 - 2015-01-06 09:41 - 00676007 _____ () C:\Users\Pavel\Downloads\VID-20141121-WA0001.mp4
2015-01-06 09:34 - 2015-01-06 09:34 - 08795640 _____ () C:\Users\Pavel\Downloads\Bolesti hlavy.wmv.wmv
2015-01-05 21:45 - 2014-08-06 21:38 - 00001168 _____ () C:\Users\Pavel\Downloads\standard.ini
2015-01-05 21:45 - 2013-08-19 09:29 - 00001170 _____ () C:\Users\Pavel\Downloads\standard.cfg
2014-12-31 15:31 - 2014-12-31 15:31 - 00000212 _____ () C:\Users\Pavel\Desktop\Counter-Strike.url
2014-12-27 19:34 - 2014-12-27 19:34 - 05954981 _____ () C:\Users\Pavel\Downloads\parachute1 (1).wmv
2014-12-27 18:52 - 2014-12-27 18:52 - 00390993 _____ () C:\Users\Pavel\Downloads\pf2015-exprespneu.cz
2014-12-27 18:49 - 2014-12-27 18:49 - 07750603 _____ () C:\Users\Pavel\Downloads\Mail-Anhang.mp4
2014-12-27 18:48 - 2014-12-27 18:48 - 05802918 _____ () C:\Users\Pavel\Downloads\Christmas_Bounce_1 (2).mp4
2014-12-27 18:47 - 2014-12-27 18:47 - 05802918 _____ () C:\Users\Pavel\Downloads\Christmas_Bounce_1 (1).mp4
2014-12-27 18:45 - 2014-12-27 18:45 - 05954981 _____ () C:\Users\Pavel\Downloads\parachute1.wmv
2014-12-27 18:39 - 2014-12-27 18:40 - 05802918 _____ () C:\Users\Pavel\Downloads\Christmas_Bounce_1.mp4
2014-12-22 11:48 - 2014-12-22 11:48 - 00269188 _____ () C:\Users\Pavel\Downloads\VY_32_INOVACE_10_01.ppsx
2014-12-22 09:04 - 2014-12-22 09:04 - 00367924 _____ () C:\Users\Pavel\Downloads\LBSAM.mp4
2014-12-21 17:14 - 2014-12-21 17:14 - 00047823 _____ () C:\Users\Pavel\Downloads\Kral-Lavra---Borovsky-Karel-Havlicek.epub
2014-12-21 10:21 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-21 09:57 - 2014-12-21 09:57 - 00000000 ____D () C:\windows\system32\appraiser

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 15:51 - 2010-02-04 12:00 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Skype
2015-01-18 15:32 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-18 15:32 - 2009-07-14 05:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-18 15:29 - 2014-10-20 19:38 - 01753508 _____ () C:\windows\WindowsUpdate.log
2015-01-18 15:29 - 2010-06-12 16:13 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-18 15:24 - 2014-12-14 12:08 - 00006874 _____ () C:\windows\setupact.log
2015-01-18 15:24 - 2010-06-12 16:13 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-18 15:24 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-18 15:23 - 2014-09-21 15:13 - 00000000 ____D () C:\AdwCleaner
2015-01-18 15:19 - 2010-02-11 15:28 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-18 15:19 - 2010-02-11 15:28 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2015-01-18 15:17 - 2010-02-04 12:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-18 15:17 - 2010-02-04 12:00 - 00000000 ___RD () C:\Program Files\Skype
2015-01-18 15:17 - 2010-02-03 14:09 - 00000000 ____D () C:\ProgramData\Skype
2015-01-18 15:10 - 2012-05-03 08:36 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-18 15:03 - 2013-12-29 17:58 - 00000928 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001UA.job
2015-01-18 00:35 - 2009-09-20 08:18 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-17 18:12 - 2013-12-05 19:10 - 00000000 ____D () C:\Program Files\Steam
2015-01-17 18:03 - 2013-12-29 17:58 - 00000906 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001Core.job
2015-01-16 09:47 - 2010-03-02 11:30 - 00000052 _____ () C:\windows\system32\DOErrors.log
2015-01-15 00:41 - 2013-08-17 21:35 - 00000000 ____D () C:\windows\system32\MRT
2015-01-15 00:34 - 2010-02-04 11:46 - 110348472 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-14 21:10 - 2012-05-03 08:36 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-01-14 21:10 - 2011-05-23 18:51 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-13 20:46 - 2010-02-11 15:42 - 00000328 _____ () C:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
2015-01-13 16:17 - 2009-09-20 08:17 - 01593150 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-13 16:00 - 2010-09-13 15:59 - 00000314 _____ () C:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
2015-01-10 14:37 - 2012-05-03 09:16 - 00000000 ____D () C:\Users\Pavel\Documents\Calibre knihovna
2015-01-10 14:26 - 2011-08-15 09:50 - 00000000 ____D () C:\windows\pss
2015-01-10 14:26 - 2011-07-20 12:38 - 00000000 ___RD () C:\Users\Pavel\Dropbox
2015-01-10 12:37 - 2011-07-20 12:37 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Dropbox
2015-01-06 17:15 - 2010-02-03 13:59 - 00000000 ____D () C:\Users\Pavel
2015-01-06 17:13 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-01-06 04:36 - 2010-02-04 12:43 - 00249488 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-01-05 02:13 - 2011-07-17 10:55 - 00000000 ____D () C:\Users\Pavel\Desktop\FOTO
2014-12-31 15:31 - 2013-12-05 19:17 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-26 15:40 - 2014-09-20 14:23 - 00000000 ___RD () C:\Users\Pavel\Disk Google
2014-12-22 20:07 - 2010-02-11 15:56 - 00000000 ____D () C:\Users\Pavel\Desktop\MS OFFICE
2014-12-21 14:28 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2014-12-21 10:09 - 2011-07-20 12:37 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-21 09:57 - 2014-05-06 17:28 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-21 09:57 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\AppCompat

==================== Files in the root of some directories =======
2010-10-15 09:45 - 2010-10-15 09:45 - 1357587 _____ () C:\Program Files\KARPINA---Reklama---Kristova-[HD]-(NECENZUROVANE).wmv
2010-02-16 10:31 - 2010-02-16 10:31 - 0014246 _____ () C:\Program Files\settings.dat
2010-09-13 16:55 - 2010-09-13 16:55 - 2314424 _____ () C:\Program Files\TeamViewerQS.exe
2012-12-24 15:15 - 2014-09-20 14:44 - 1178624 _____ (CPUID) C:\Users\Pavel\AppData\Roaming\siw_sdk.dll
2014-09-20 14:17 - 2014-09-20 14:17 - 0008704 ___SH () C:\Users\Pavel\AppData\Roaming\Thumbs.db
2010-03-06 15:07 - 2010-03-06 15:07 - 0033134 _____ () C:\Users\Pavel\AppData\Roaming\UserTile.png
2010-02-03 14:13 - 2010-02-03 14:13 - 0000000 _____ () C:\Users\Pavel\AppData\Local\AtStart.txt
2012-01-03 15:42 - 2012-01-03 15:42 - 0003584 _____ () C:\Users\Pavel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-03 14:13 - 2010-02-03 14:13 - 0000000 _____ () C:\Users\Pavel\AppData\Local\DSwitch.txt
2010-02-03 14:13 - 2010-02-03 14:13 - 0000000 _____ () C:\Users\Pavel\AppData\Local\QSwitch.txt
2009-09-20 08:39 - 2015-01-18 15:25 - 0000176 _____ () C:\ProgramData\HPWALog.txt
2014-09-18 18:40 - 2014-09-18 18:40 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Pavel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzjeqvq.dll
C:\Users\Pavel\AppData\Local\Temp\MiSetupFullPackage.exe
C:\Users\Pavel\AppData\Local\Temp\Quarantine.exe
C:\Users\Pavel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pavel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001Core.job => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001UA.job => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
Task: C:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavel\Desktop" je 20066 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager
"C:\Program Files\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent
"C:\Program Files\BitTorrent\BitTorrent.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files\BlueStacks\HD-Agent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Pavel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center
%windir%\WindowsMobile\wmdc.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Pavel\AppData\Roaming\Dropbox\bin\Dropbox.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk
C:\PROGRA~1\Evernote\Evernote\EVERNO~2.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

[altrok]

Velikost plochy by nemela presahovat 200 MB. Snizuje se pak start i samotny chod celeho PC.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
  HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
  HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Pavel\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
  HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Policies\Explorer: []
  HKU\S-1-5-18\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1744896 2007-03-27] (Time Information Services Ltd.)
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
  BHO: No Name -> {11111111-1111-1111-1111-110611171152} -> No File
  BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
  Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
  
  FF Plugin: @microsoft.com/GENUINE -> disabled No File
  FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
  FF Plugin HKU\S-1-5-21-1953867976-2926967598-2751854961-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Pavel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
  CHR HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
  
  S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
  
  2015-01-18 15:55 - 2015-01-18 15:56 - 00028798 _____ () C:\Users\Pavel\Desktop\FRST.txt
  2015-01-18 15:54 - 2015-01-18 15:54 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
  2015-01-18 15:53 - 2015-01-18 15:54 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher (1).exe
  2015-01-18 15:24 - 2015-01-18 15:24 - 00000310 _____ () C:\windows\PFRO.log
  2015-01-18 15:20 - 2015-01-18 15:20 - 02186752 _____ () C:\Users\Pavel\Downloads\adwcleaner_4.108.exe
  2015-01-18 15:20 - 2015-01-18 15:20 - 02186752 _____ () C:\Users\Pavel\Desktop\adwcleaner_4.108.exe
  2015-01-18 13:39 - 2015-01-18 13:39 - 00005978 _____ () C:\Users\Pavel\Desktop\Addition.zip
  2015-01-18 13:29 - 2015-01-18 13:30 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher.exe
  2015-01-18 15:23 - 2014-09-21 15:13 - 00000000 ____D () C:\AdwCleaner
  2015-01-18 15:19 - 2010-02-11 15:28 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
  2015-01-18 15:19 - 2010-02-11 15:28 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f
  
  Task: {4CB1FED3-B014-48D2-86B8-5BC39D027AC7} - System32\Tasks\Spybot - Search & Destroy Updater -  Scheduled Task => C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe
  Task: {A96C69EE-261C-4861-B06B-F81CE4A60083} - System32\Tasks\Spybot - Search & Destroy -  Scheduled Task => C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
  Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001Core.job => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001UA.job => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\Spybot - Search & Destroy -  Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
  Task: C:\windows\Tasks\Spybot - Search & Destroy Updater -  Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe
  
  REG: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "Generalize_DisableSR" /t "REG_DWORD" /d "00000000"
  
  C:\Users\Pavel\AppData\Local\Akamai
  EmptyTemp:
  End
  

[Balca]

Takže ohledně té plochy do 200 MB-stačí když si např. složky s fotkami přesunu do Dokumentů ?

---

Zde log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-01-2015
Ran by Pavel at 2015-01-18 16:23:22 Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel (Available profiles: Pavel)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Pavel\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [1744896 2007-03-27] (Time Information Services Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll No File
BHO: No Name -> {11111111-1111-1111-1111-110611171152} -> No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin HKU\S-1-5-21-1953867976-2926967598-2751854961-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Pavel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

2015-01-18 15:55 - 2015-01-18 15:56 - 00028798 _____ () C:\Users\Pavel\Desktop\FRST.txt
2015-01-18 15:54 - 2015-01-18 15:54 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher (1).exe
2015-01-18 15:53 - 2015-01-18 15:54 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher (1).exe
2015-01-18 15:24 - 2015-01-18 15:24 - 00000310 _____ () C:\windows\PFRO.log
2015-01-18 15:20 - 2015-01-18 15:20 - 02186752 _____ () C:\Users\Pavel\Downloads\adwcleaner_4.108.exe
2015-01-18 15:20 - 2015-01-18 15:20 - 02186752 _____ () C:\Users\Pavel\Desktop\adwcleaner_4.108.exe
2015-01-18 13:39 - 2015-01-18 13:39 - 00005978 _____ () C:\Users\Pavel\Desktop\Addition.zip
2015-01-18 13:29 - 2015-01-18 13:30 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Downloads\FRSTLauncher.exe
2015-01-18 15:23 - 2014-09-21 15:13 - 00000000 ____D () C:\AdwCleaner
2015-01-18 15:19 - 2010-02-11 15:28 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-18 15:19 - 2010-02-11 15:28 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f

Task: {4CB1FED3-B014-48D2-86B8-5BC39D027AC7} - System32\Tasks\Spybot - Search & Destroy Updater - Scheduled Task => C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe
Task: {A96C69EE-261C-4861-B06B-F81CE4A60083} - System32\Tasks\Spybot - Search & Destroy - Scheduled Task => C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001Core.job => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001UA.job => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
Task: C:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe

REG: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "Generalize_DisableSR" /t "REG_DWORD" /d "00000000"

C:\Users\Pavel\AppData\Local\Akamai
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Nokia.PCSync => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}" => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110611171152} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Key deleted successfully.
HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} => value deleted successfully.
HKCR\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0" => Key deleted successfully.
"HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => Key deleted successfully.
C:\Users\Pavel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll not found.
"HKU\S-1-5-21-1953867976-2926967598-2751854961-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully.
VBoxNetFlt => Service deleted successfully.
"C:\Users\Pavel\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Pavel\Desktop\FRSTLauncher (1).exe => Moved successfully.
C:\Users\Pavel\Downloads\FRSTLauncher (1).exe => Moved successfully.
C:\windows\PFRO.log => Moved successfully.
C:\Users\Pavel\Downloads\adwcleaner_4.108.exe => Moved successfully.
C:\Users\Pavel\Desktop\adwcleaner_4.108.exe => Moved successfully.
C:\Users\Pavel\Desktop\Addition.zip => Moved successfully.
C:\Users\Pavel\Downloads\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Program Files\Spybot - Search & Destroy => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CB1FED3-B014-48D2-86B8-5BC39D027AC7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CB1FED3-B014-48D2-86B8-5BC39D027AC7}" => Key deleted successfully.
C:\Windows\System32\Tasks\Spybot - Search & Destroy Updater - Scheduled Task => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Spybot - Search & Destroy Updater - Scheduled Task" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A96C69EE-261C-4861-B06B-F81CE4A60083}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A96C69EE-261C-4861-B06B-F81CE4A60083}" => Key deleted successfully.
C:\Windows\System32\Tasks\Spybot - Search & Destroy - Scheduled Task => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Spybot - Search & Destroy - Scheduled Task" => Key deleted successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001Core.job => Moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1953867976-2926967598-2751854961-1001UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job => Moved successfully.
C:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job => Moved successfully.

========= reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "Generalize_DisableSR" /t "REG_DWORD" /d "00000000" =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

C:\Users\Pavel\AppData\Local\Akamai => Moved successfully.
EmptyTemp: => Removed 975.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 16:23:52 ====

[altrok]

Do Dokumentu idealni a na plochu dejte jen zastupce (pravej klik a vytvorit zastupce, ktereho date na plochu)

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

[Balca]

Skvělé moc vám děkuji.
Jen mám ještě dotazy.. Zde na foru jsem se dočetl,že je lepší používat Avast v anglické verzi-Co je na tom pravdy ?
A ještě pokud odinstaluji jakýkoli program je dobré po něm uklidit pomocí Revo Uninstaller ?
Je prospěšné pro PC používat CCleaner a hledat chyby v registrech ?
Díky

[altrok]

Nemate zac

antivir v jakekoliv jazykove distribuci se chova stejne, takze toto je nesmysl... navic avast je od pocatku cesko-slovenska firma

pokud jsou problemy s odinstalaci nejakeho programu, Revo Uninstaller je casto doporucovany (ja osobne s nim zkusenost nemam)

CCleaner snad jako jediny cistic zde doporucujeme i na automaticke cisteni registru pro nezkusene uzivatele - pro jistotu delejte zalohy, ktere Vam CCleaner nabizi, ale jeste jsme zde neresili jediny pripad, kdy by CCleaner uskodil (narozdil od jinych urychlovacu typu IObit - Advanced System Care apod... temto se vyhnete velikym obloukem)

[Balca]

Děkuji můžete téma uzavřít

[altrok]

Nemate zac, rad jsem pomohl


Mejte se krasne a treba zase nekdy