Nahodile restarty PC

Zpráva

greatone · #1 Příspěvek od **greatone** » 30 led 2015 23:19

Dobry den,

prosim o pomoc. Vypina se PC nahodile a porad vyskakuji reklamy.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2015-01-30 23:02:34
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 552 GB (77%) free of 715 GB
Total RAM: 3070 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:02:37, on 30.1.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16599)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Honza\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... JDWQ839240
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... JDWQ839240
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... JDWQ839240
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1422653831
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3177871084-2805199809-1159702625-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe

--
End of file - 5824 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default

prefs.js - "browser.search.useDBForOrder" - true

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"faststartff@gmail.com"=C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default\extensions\faststartff@gmail.com

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default\extensions\
faststartff@gmail.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2013-10-24 12017368]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-12-12 5489944]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-01-22 6699800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1422653831 []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-30 23:02:34 ----D---- C:\rsit
2015-01-30 22:48:23 ----D---- C:\Users\Honza\AppData\Roaming\SUPERAntiSpyware.com
2015-01-30 22:47:53 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2015-01-30 22:47:53 ----D---- C:\Program Files\SUPERAntiSpyware
2015-01-28 21:21:50 ----D---- C:\Hard Disk Sentinel Pro v4.40.6431 CZ - multilanguage (x86,x64) Portable
2015-01-14 19:22:28 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 19:18:03 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 19:18:03 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 19:18:03 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 19:17:50 ----A---- C:\Windows\system32\profsvc.dll
2015-01-09 12:39:15 ----A---- C:\Windows\system32\drivers\{7047c095-7864-4834-9a98-3ed508c00424}Gt.sys
2015-01-09 12:36:34 ----D---- C:\Program Files\globalUpdate
2015-01-09 12:28:29 ----D---- C:\Program Files\Seznam.cz
2015-01-09 12:28:14 ----D---- C:\Users\Honza\AppData\Roaming\Seznam.cz
2015-01-09 12:28:14 ----D---- C:\Users\Honza\AppData\Roaming\PHILIPS RQ 1150 user guide

======List of files/folders modified in the last 1 month======

2015-01-30 23:02:37 ----D---- C:\Program Files\trend micro
2015-01-30 23:02:28 ----D---- C:\Windows\Temp
2015-01-30 22:50:24 ----D---- C:\Windows\Prefetch
2015-01-30 22:48:23 ----HD---- C:\ProgramData
2015-01-30 22:47:53 ----RD---- C:\Program Files
2015-01-30 22:41:46 ----D---- C:\Windows\System32
2015-01-30 22:41:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-30 03:15:30 ----SHD---- C:\System Volume Information
2015-01-28 21:20:45 ----D---- C:\Windows\system32\Tasks
2015-01-28 20:03:35 ----D---- C:\Windows
2015-01-28 20:03:31 ----D---- C:\Windows\inf
2015-01-27 18:31:39 ----D---- C:\Windows\Minidump
2015-01-25 19:02:43 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 14:45:04 ----SHD---- C:\Windows\Installer
2015-01-25 14:45:04 ----D---- C:\Windows\Tasks
2015-01-18 14:11:13 ----D---- C:\Windows\system32\catroot2
2015-01-18 12:37:52 ----D---- C:\Program Files\CCleaner
2015-01-18 12:35:59 ----D---- C:\Windows\Debug
2015-01-18 12:30:23 ----D---- C:\Program Files\SpeedFan
2015-01-18 12:29:29 ----D---- C:\Program Files\Adobe
2015-01-18 12:28:37 ----HD---- C:\Program Files\InstallShield Installation Information
2015-01-15 18:08:16 ----D---- C:\Windows\system32\drivers
2015-01-14 19:22:32 ----D---- C:\Windows\winsxs
2015-01-14 19:22:31 ----D---- C:\Windows\system32\catroot
2015-01-14 19:22:28 ----D---- C:\Windows\system32\MRT
2015-01-14 19:18:29 ----A---- C:\Windows\system32\mrt.exe
2015-01-11 14:45:57 ----D---- C:\Program Files\AGEIA Technologies
2015-01-11 14:34:29 ----A---- C:\Windows\win.ini
2015-01-09 12:30:00 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft
2015-01-07 10:20:03 ----D---- C:\Windows\system32\WDI
2014-12-31 12:13:47 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R1 {4351033a-acd6-47da-b89b-8a65492c9234}Gt;{4351033a-acd6-47da-b89b-8a65492c9234}Gt; C:\Windows\system32\drivers\{4351033a-acd6-47da-b89b-8a65492c9234}Gt.sys [2014-12-12 55864]
R1 {7047c095-7864-4834-9a98-3ed508c00424}Gt;{7047c095-7864-4834-9a98-3ed508c00424}Gt; C:\Windows\system32\drivers\{7047c095-7864-4834-9a98-3ed508c00424}Gt.sys [2015-01-08 55864]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2013-12-10 2937432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-12-19 154040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-03-15 8952608]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2012-11-09 454288]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 634144]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-12-13 485888]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-17 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-17 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-06 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 30 led 2015 23:26

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Po spusteni probehne stazeni databaze
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

greatone · #3 Příspěvek od **greatone** » 01 úno 2015 22:19

Dobry den,

dekuji za pomoc.

Tady je první log

# AdwCleaner v4.109 - Report created 01/02/2015 at 22:06:04
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Desktop\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599

-\\ Mozilla Firefox v32.0.3 (x86 cs)

-\\ Google Chrome v40.0.2214.93

*************************

AdwCleaner[R0].txt - [5001 octets] - [29/11/2014 20:33:02]
AdwCleaner[R1].txt - [4026 octets] - [30/01/2015 23:35:50]
AdwCleaner[R2].txt - [1036 octets] - [01/02/2015 22:02:45]
AdwCleaner[S0].txt - [5242 octets] - [29/11/2014 20:35:14]
AdwCleaner[S1].txt - [3489 octets] - [31/01/2015 06:05:54]
AdwCleaner[S2].txt - [959 octets] - [01/02/2015 22:06:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1018 octets] ##########

#4 Příspěvek od **vyosek** » 02 úno 2015 16:42

Pokracujte Zoekem

greatone · #5 Příspěvek od **greatone** » 03 úno 2015 08:22

Tady je

Zoek.exe v5.0.0.0 Updated 27-01-2015
Tool run by Honza on ne 01.02.2015 at 22:21:16,58.
Microsoft® Windows Vista™ Business 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Honza\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1.2.2015 22:22:53 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\AGEIA Technologies deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Seznam.cz deleted successfully
C:\Users\Honza\AppData\Local\Samsung deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11E61BB6-B0B2-4BB8-B858-EA59DDE4AAD5} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11FFB453-27AC-47D0-A36F-3B38F7E8CFBE} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{133D6015-CEA1-4EE5-AC11-9E6920E16C97} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13C66251-C6E6-4EC0-8532-6EC9B66D6B76} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1471AE66-F013-4B66-991A-F35454AA34B3} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1479350F-303B-4151-98F6-AD55A253BA6} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{163EFA3B-C046-4F78-A2BF-29A1F4366414} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17C54C13-F9F0-4831-BB33-4DBB898DA12C} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18D00FB4-8659-454A-A433-405E01F917C} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18EBC8B7-62BF-4A21-88CD-891C52E49DA4} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18F724EC-1986-4B40-9F11-C0622BB1AD66} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ABFF9CD-7934-4729-80F0-8D16CCD2DBC7} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B94C1E2-E653-404E-8D4B-135B3996F52} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C61F1E0-FF89-4A30-A1D2-45913355ED90} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F65B2ED-51F2-4273-94A3-6629659554C5} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FA4C810-7D2F-48B4-96C5-139A6CF93AAD} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2048E59A-6AC3-48F8-8BBD-2D951443031} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{226DAAB8-F813-4095-BBFE-A51276E413D} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2358F8B5-25A-4DE5-A6DC-F723601D8BE} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25223002-9E14-4E82-9336-398FEC509A6C} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2612B1C-1AF6-4DC9-91DD-D9FAAD154F3A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27C27E38-3DA6-407F-B3B0-23A0B784C861} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27F8DD65-FFF9-48B6-BE6-9570BBC89F47} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A2D674E-AAE3-464A-AE86-F88C254A627} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B55534A-B363-4C27-8655-3D3D478F5AB2} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BCFAF76-629A-471F-B84F-8D8A5067276} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C1D0A19-933D-46E5-A68F-C0A0C609D73} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DF435C0-E089-41EB-A478-E4E66012AD39} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2DF7698D-35EF-4308-8582-B348E31F164B} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FE744FB-8EE5-4183-A59E-D2D53E4973F8} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31802AFD-6AE7-4E48-8622-62409286853F} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31F35EEB-207-4F6C-97BA-B82F7A669A4B} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3243F936-1990-47F6-97CD-F4B43C60A767} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3312F2F4-D6CA-4915-AA1-FD5AE2FCBDB} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3447D80A-E766-454C-9659-EBC667D74417} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35F9D00C-C11B-461E-A130-59E9B4115E66} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39C9CCDC-7967-4149-A23F-289D322F30} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BD3D14E-B6C5-461A-B053-38F7DBB965} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C378F84-48A-4B56-8C31-632AFF1C6349} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C76ABA3-A192-48DC-9FA1-9957EF9F4E} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D4B1AA2-9DF7-45AB-B666-2BED87EEFA2A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DE75BDD-23E4-4C10-9EBD-D342332BFAF} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E2C4E60-41C2-49AC-9ABC-A21179B44959} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EAD0289-99D8-45DC-9D38-8BBD6BF6DB98} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F11744-6321-4937-812A-FB98A09F90AB} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{418A4BCD-B918-40A0-8F0-E0499D49B4D0} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41FA599A-1828-4843-A797-82429B81DFA} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43716E1-7360-418D-B43-AE885CAE468C} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{478907EC-EF60-46BE-B48A-FE6B6B7544DC} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{497A6B6B-8E1C-4766-89E0-1AC534AE6436} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BAFE0B-9674-4F23-928D-33B42E79C784} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D447B2D-A477-4196-860-EE419AF0A0BA} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D6ADF12-D966-445F-AC39-29E8C8CDA77B} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F5FDA47-87CA-47BC-91AE-939962C16E} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{506A9891-5A11-49CD-9041-A2C269B5AE2} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{512A13EE-D0FD-4318-936-85B48D5FDC9E} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52BBF0A8-4ED2-4F8C-8AE5-428AF1492BEF} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{550C993B-5E95-470F-B89D-E0E4126272B5} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5713F387-751-41A7-BC42-AAE4A0FCC7FC} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5AF42227-9B4E-44DA-8852-A4FADC70ABDB} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B1DF75D-9514-4928-A9AA-9F2324B99AC7} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B4DF0A0-DDEE-43F8-94CA-72C03CC358B5} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F588EAF-C025-4B2E-A2D9-4244C71A9FA2} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F5D5DB8-D84F-4F9A-92DE-6DEDCB14F65D} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60EF4891-B073-4E8A-8CC1-AD98D427EECA} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{615B4125-1683-4D04-A056-065F8BE2BBB} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6175B7CB-E1AB-4F72-BC58-B871F3D87060} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61E2324B-115E-410C-83E8-2D79F7D1394} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6210D4D9-A889-4C77-B189-3DBD56BE5CFB} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62510990-9E30-4486-8CD9-EB34456212D0} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6703C195-B382-4000-AD49-74DF58CDAAA} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67280C21-1007-43A4-87D-255841D739A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67E1C341-F99F-4872-A1A4-F963A084A3} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6870DCFF-F3FF-435C-A547-1CC3A56774DD} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C2C84E6-D4F4-4205-8F3B-1C1AE771771D} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C44098D-642F-47DF-A0EC-CEF7F750C2EF} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EDBA025-EDD4-4887-9BE0-2631439011EB} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FDC01F6-2638-4B75-ADBC-30EFF2788463} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{700877CD-8345-4C25-AB7C-715E984B5B40} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{709A576B-1329-4FED-9279-75129C57CA6} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71B7E7E9-E269-4C0C-85CB-6AA6916FF324} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{732BBB9C-F765-48AD-AF25-A34B357BDF} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73B22E3F-2D65-4C9B-85B6-A9FEC8BB6DA1} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75DF86E-41B3-402A-A1CE-B6343B4348B6} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{787332E2-D91F-43C2-9E92-932DDC2A7DFF} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78884553-B3ED-4717-BF3A-DC8CB466FE8C} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78B33B4B-880D-44A2-A51A-9FD13F6FC85} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABA8514-A8AB-4EC3-B497-E3A0C99656A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E10257-D074-4CF3-94DA-39EC12CBE} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E39490D-8159-4D2E-9F5B-D92AF3B9EED7} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7EB1766-5704-43BD-94E8-B21449F3A65} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F567036-88E0-4D79-8385-2F37876C98E4} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81DC8599-B109-406A-BAC7-C790D67C7B8D} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{863826-4B53-4ED1-AF89-2E790E24B7B} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8675E137-B93D-419F-83C3-656EA3615521} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877B03CD-3F87-4003-847D-DAC96C96A99} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{881DDC81-A84B-4A25-9499-E1F8B237406D} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{890458A9-1860-404F-971E-AD1EDAFBEC77} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89069850-46BD-4732-B043-4BF3AF20C14F} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AA5A956-48AE-44E5-9A2B-E2F4B092080} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8BB25A08-7D81-4684-B56C-7150375CD49F} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C8BC2D4-7936-4CC7-B245-48B5C21A438B} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E02B006-8A9E-458E-823E-6B1F41BA8E2} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8FB67397-2712-4599-80BA-6782A0DCEB70} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{908C5D10-53E9-497A-A699-62ACC978EF8F} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{916F630B-F07C-4791-AEED-B2E15A9D2B6} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93EBD763-95B5-4ECE-8542-95ACC5E1FBB} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{948A5C3C-669B-49BC-9AA9-D62638E26AB1} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{971A422E-F1D-422F-92B7-93E75BDC423} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97AE30EB-7C11-4118-BF77-144979E1DA1F} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98899BED-5BA-42AE-9AE2-39C594DA47E0} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99B250F2-754F-4D3E-A01E-1A2EDE0B1E9} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AB2171E-E9D6-4248-879F-2D15AD395D74} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B835F90-ACE9-4E71-83F3-9E47C05F21FA} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CFC414B-9459-4ED5-B3D4-5C531C98F1} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D247FD1-38BE-4EEA-AB9F-FBEAB4ADBC78} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9EF4320A-B096-478B-A0E4-40298C53FA6} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A37B8938-A289-425B-9ED8-874381AD89} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4EE84C3-83CF-4101-A652-4DB20BFD3CE} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A728FE9A-EF3F-4150-8522-18364CF83946} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ADE9A63A-FD15-4F49-A02E-AF523EDF7A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEE7EC92-A740-466E-9DE1-F8AC4BC7ABC} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFEFCD0-213B-4180-B484-445E834256A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B03CF610-90DF-4256-AF21-39F5E2118A5C} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1B79D0E-E350-4894-B914-9495DCB1DB51} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1C164A2-A847-468D-BBE-6E44A16943CC} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B37EC11B-90BA-4766-ABB-F2FD422A50D6} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3E82D28-DE1E-4AB7-97E4-46C9A144D8B0} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B41E092B-5FAB-42F8-8788-ADA63E5273A1} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4C08C6A-23F2-4A7B-B4CE-BD587C673D96} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B559C111-184D-4432-A711-29A4EAF9917B} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5645704-FC6A-47E3-B1DC-648DB5F865CF} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B59CEC68-8D6-4979-ACD4-1CADA5E07397} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8F3D7E3-E10C-4BC4-B1FA-A9B6FC93D7CE} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B948B4CE-3A6C-4F41-80AA-DA174C4293A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9EC482F-68C5-4B91-91FB-6BAF82ABDE2F} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BA35532B-7B09-40F3-B41B-360B874D13F} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAE159D2-9EAA-40AF-9289-CC673BCB6E93} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB66CAED-DADE-4CF1-A577-80C5C55FDE} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BBD84A5F-6A7-4A3A-AD50-156424D9DE7} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD37E47F-C0BA-4FD9-B158-2F3F2AE218BD} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD887142-EC81-41CB-8719-F4CA30B818E} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE91794-600F-4ACC-9EE1-3E1BB6A061C0} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEB473DC-7D8A-4A33-80B8-A07F0DCA61} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0FA85A9-6F09-402C-AB49-35103BD28ABB} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C47CE26F-B8E-4416-8935-8E91F9AA4239} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C54B47C-F977-4531-9749-344F2838E5} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5CD1D7B-C076-403B-8030-9B64553508A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA0D805-F836-4025-B823-F8A3AE93F7BA} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD53938-995C-4258-B4F9-64BC959A7023} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CED8644D-7084-44DA-A02E-462C7DD3A68} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D27083F8-6CF8-4D84-9FDA-B41D78327BAC} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D37E2F27-E9B1-4F13-A13F-4BB0E4ED5D5F} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4E7ABE0-A267-4C09-B4A6-CD4D3456FAE} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4E9217-84C0-44A3-A9D9-3C883199D8A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D72FE21A-4A8E-4747-ADF5-568325EFA07F} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D883E481-6371-4798-BAC5-FFE389D5C8F9} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9D9993F-A867-4D73-AFFE-1C712FCAB09D} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB08BA9A-D8D3-4BDE-84B-857EF3D0768A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC090F02-3B16-48EB-9A2D-5B2B5DABB751} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD374BFB-9CE5-4D1D-A5B8-DC3631424ED8} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD714927-9B18-4D17-A07A-EFF3553A5CD4} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E03DF37-ADA2-40C1-A1D2-5AE7D2D2A82} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1E93B99-D013-424B-8072-817F9BCAFC9} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E85E4F9C-EBB5-4E5B-B335-53F49FFDD4E2} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EAA8A2AC-79C7-408A-905E-36BD556520C0} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE665CD2-5D1C-4569-B6BD-862ABBCB2A3} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFFC0BFD-C68C-4408-9AF5-53732DD133E} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1D2F20F-341E-4B03-9F28-589DD7283F64} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1D84BE3-97CA-451A-BAB6-F8ED752ED2D5} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F584C7A6-8611-4813-9DF-C131A3AFA25} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F67A3247-38D1-4D9B-B5EE-72DA77E52B95} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7402FA5-7973-413D-83CD-0DB62F233A4} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F867863-B42-471C-ADFC-B670D38E5B23} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9FA32CD-54F-4515-A321-E95AD646C3BF} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB4082FD-9573-408C-BFDD-323E2D4CE6A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD45CEF8-DADF-4652-B988-A6FB527C1DE5} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD770D09-4EDE-4815-A828-469D12688ABF} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDF2BD97-DDC5-4F91-BA53-4A1011AD4E3A} deleted successfully
HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE64AC2D-A0B9-47B9-8F77-73F76988CBC1} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006");
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("browser.search.selectedEngine", "Google (avast)");
user_pref("browser.search.order.1", "Google (avast)");
user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default

user.js not found
---- Lines Ttessab removed from prefs.js ----
user_pref("extensions.Ttessab.asul", "1420828053895");
user_pref("extensions.Ttessab.aul", "1420828041583");
user_pref("extensions.Ttessab.irl", true);
user_pref("extensions.Ttessab.is", "asp1fncz");
user_pref("extensions.Ttessab.ug", "D67850B6-C79A-44B8-8B77-CC508DB99A62");
---- FireFox user.js and prefs.js backups ----

prefs_01.02.2015_2246_.backup

==== Deleting Files \ Folders ======================

C:\Users\Honza\Downloads\bsplayer267-1076.exe deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [30.01.2015 23:29]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default
0FC325593893749364EC4A733E7D9100 - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll - Shockwave Flash
39309FEDDFA73FAE29EC99A07A55A3E8 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
647670C013AD60DA6F94B6881E6AC9E4 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update
893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
B6140A0C147234CA38FFB33EA55D3677 - C:\Users\Honza\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll - Cryptoplus KB – podepisovací modul
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.93 (Up to date, latest Stable version: 40.0.2214.93)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30.01.2015 23:17]

Avast Online Security - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"
{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Unknown Url="Not_Found"
{D6D725B3-9344-4396-A897-A17B25E3325C} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_21882"

==== Reset Google Chrome ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Honza\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Honza\AppData\Local\Mozilla\Firefox\Profiles\at245sol.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5 folders=2 781378 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Honza\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Honza\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on Łt 03.02.2015 at 8:18:32,76 ======================

#6 Příspěvek od **vyosek** » 03 úno 2015 09:22

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

greatone · #7 Příspěvek od **greatone** » 03 úno 2015 16:50

Zde je další

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-02-2015
Ran by Honza (administrator) on HONZA-PC on 03-02-2015 16:44:38
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-30] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\MountPoints2: {b9c0684f-224a-11e4-8186-001d92f7e783} - E:\Startme.exe
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\MountPoints2: {c69405e4-a6ba-11e3-8e3a-001d92f7e783} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3177871084-2805199809-1159702625-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3177871084-2805199809-1159702625-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3177871084-2805199809-1159702625-1000 -> {D6D725B3-9344-4396-A897-A17B25E3325C} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_21882
SearchScopes: HKU\S-1-5-21-3177871084-2805199809-1159702625-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3177871084-2805199809-1159702625-1000: @kb-ext.cz/PKIComponent -> C:\Users\Honza\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF SearchPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default\searchplugins\google-avast.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-30]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=14184 ... JDWQ839240
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=14184 ... JDWQ839240"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-17]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-17]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-17]
CHR Extension: (Tabulky Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (Avast Online Security) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-30]
CHR Extension: (Peněženka Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-17]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-17]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-30] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2015-01-30] (Avast Software)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [98304 2009-10-14] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73480 2015-01-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2015-01-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-30] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2015-01-30] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-30] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2015-01-30] (Avast Software)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKslc1b103d2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9CB57A4C-D61E-423F-B41E-596E00EF8666}\MpKslc1b103d2.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 16:44 - 2015-02-03 16:44 - 00013147 _____ () C:\Users\Honza\Desktop\FRST.txt
2015-02-03 16:41 - 2015-02-03 16:41 - 01122304 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2015-02-03 16:41 - 2015-02-03 16:41 - 00000000 ____D () C:\Users\Honza\Desktop\FRST-OlderVersion
2015-02-03 08:20 - 2015-02-03 08:20 - 00000197 _____ () C:\Windows\system32\2015-02-03-07-20-31.074-AvastVBoxSVC.exe-3072.log
2015-02-01 22:49 - 2015-02-01 22:21 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-01 22:22 - 2015-02-03 08:18 - 00043509 _____ () C:\zoek-results.log
2015-02-01 22:21 - 2015-01-30 23:37 - 01295360 _____ () C:\Users\Honza\Desktop\zoek.exe
2015-02-01 22:20 - 2015-02-01 22:46 - 00000000 ____D () C:\zoek_backup
2015-02-01 22:15 - 2015-02-01 22:15 - 00000197 _____ () C:\Windows\system32\2015-02-01-21-15-15.052-AvastVBoxSVC.exe-3316.log
2015-01-31 11:56 - 2015-01-31 11:56 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-56-23.059-AvastVBoxSVC.exe-3152.log
2015-01-31 11:50 - 2015-01-31 11:50 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-50-53.065-AvastVBoxSVC.exe-3592.log
2015-01-30 23:55 - 2015-01-30 23:55 - 00000247 _____ () C:\Windows\system32\2015-01-30-22-55-09.065-aswFe.exe-228.log
2015-01-30 23:43 - 2015-01-30 23:54 - 00000247 _____ () C:\Windows\system32\2015-01-30-22-43-42.008-aswFe.exe-3444.log
2015-01-30 23:43 - 2015-01-30 23:43 - 00000197 _____ () C:\Windows\system32\2015-01-30-22-43-35.054-AvastVBoxSVC.exe-3212.log
2015-01-30 23:37 - 2015-01-30 23:37 - 01295360 _____ () C:\Users\Honza\Downloads\zoek.exe
2015-01-30 23:35 - 2015-01-30 23:34 - 02194432 _____ () C:\Users\Honza\Desktop\adwcleaner_4.109.exe
2015-01-30 23:34 - 2015-01-30 23:34 - 02194432 _____ () C:\Users\Honza\Downloads\adwcleaner_4.109.exe
2015-01-30 23:29 - 2015-01-30 23:29 - 00151096 _____ () C:\Windows\Minidump\Mini013015-01.dmp
2015-01-30 23:24 - 2015-01-30 23:24 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-30 23:22 - 2015-01-30 23:22 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\AVAST Software
2015-01-30 23:18 - 2015-01-30 23:18 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-30 23:18 - 2015-01-30 23:18 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-30 23:18 - 2015-01-30 23:18 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-30 23:18 - 2015-01-30 23:18 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-30 23:18 - 2015-01-30 23:18 - 00073480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-30 23:18 - 2015-01-30 23:18 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-01-30 23:18 - 2015-01-30 23:18 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-01-30 23:18 - 2015-01-30 23:18 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-30 23:18 - 2015-01-30 23:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-30 23:18 - 2015-01-30 23:18 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-30 23:18 - 2015-01-30 23:18 - 00001871 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-30 23:18 - 2015-01-30 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-30 23:09 - 2015-01-30 23:09 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-30 23:08 - 2015-01-30 23:09 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-30 23:02 - 2015-01-30 23:02 - 00000000 ____D () C:\rsit
2015-01-30 23:02 - 2015-01-30 23:01 - 00688992 _____ (Swearware) C:\Users\Honza\Desktop\dds.exe
2015-01-30 23:00 - 2015-01-30 23:01 - 00688992 _____ (Swearware) C:\Users\Honza\Downloads\dds.exe
2015-01-30 23:00 - 2015-01-30 23:00 - 01107968 _____ () C:\Users\Honza\Downloads\RSIT (1).exe
2015-01-30 22:59 - 2015-01-30 22:59 - 01121792 _____ (Farbar) C:\Users\Honza\Downloads\FRST (1).exe
2015-01-30 22:56 - 2015-01-30 22:56 - 05006864 _____ (AVAST Software) C:\Users\Honza\Downloads\avast_free_antivirus_setup_online.exe
2015-01-30 22:48 - 2015-01-30 22:48 - 00001800 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-01-30 22:48 - 2015-01-30 22:48 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\SUPERAntiSpyware.com
2015-01-30 22:48 - 2015-01-30 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-01-30 22:47 - 2015-02-03 16:19 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-30 22:47 - 2015-01-30 22:47 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-01-30 22:46 - 2015-01-30 22:47 - 21138032 _____ (SUPERAntiSpyware) C:\Users\Honza\Downloads\SUPERAntiSpyware.exe
2015-01-28 21:30 - 2015-01-28 21:30 - 00000288 _____ () C:\Users\Honza\Documents\cc_20150128_213011.reg
2015-01-28 21:21 - 2015-01-28 21:21 - 00000000 ____D () C:\Hard Disk Sentinel Pro v4.40.6431 CZ - multilanguage (x86,x64) Portable
2015-01-28 21:18 - 2015-01-28 21:18 - 00000000 ____D () C:\Users\Honza\Desktop\Hard Disk Sentinel Pro v4.40.6431 CZ - multilanguage (x86,x64) Portable
2015-01-28 20:03 - 2015-01-28 21:18 - 00000888 _____ () C:\Windows\setupact.log
2015-01-28 20:03 - 2015-01-28 20:03 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-27 18:31 - 2015-01-27 18:31 - 00139768 _____ () C:\Windows\Minidump\Mini012715-01.dmp
2015-01-18 14:10 - 2015-01-30 23:29 - 343802014 _____ () C:\Windows\MEMORY.DMP
2015-01-18 14:10 - 2015-01-18 14:10 - 00152216 _____ () C:\Windows\Minidump\Mini011815-01.dmp
2015-01-18 13:29 - 2015-02-03 08:18 - 00002294 _____ () C:\Windows\PFRO.log
2015-01-18 12:37 - 2015-01-18 12:37 - 05317104 _____ (Piriform Ltd) C:\Users\Honza\Downloads\ccsetup501.exe
2015-01-14 19:22 - 2014-12-19 01:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 19:18 - 2014-12-06 04:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 19:18 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 19:18 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 19:17 - 2014-12-06 04:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-11 13:36 - 2015-01-11 13:36 - 00000000 ____D () C:\Users\Honza\Documents\Nová složka (2)
2015-01-11 13:36 - 2015-01-11 13:36 - 00000000 ____D () C:\Users\Honza\Documents\Nová složka
2015-01-09 12:28 - 2015-01-11 14:44 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Seznam.cz
2015-01-09 12:28 - 2015-01-09 12:28 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\PHILIPS RQ 1150 user guide

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 16:44 - 2014-11-28 19:51 - 00000000 ____D () C:\FRST
2015-02-03 16:27 - 2008-01-21 02:39 - 02009958 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 16:18 - 2006-11-02 13:47 - 00004096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-03 16:18 - 2006-11-02 13:47 - 00004096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-03 16:02 - 2014-01-12 00:12 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-03 08:18 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 08:16 - 2006-11-02 14:01 - 00032550 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-02 00:03 - 2014-01-12 23:26 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-02-01 22:56 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-01 22:46 - 2006-11-02 12:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-01 22:06 - 2014-11-29 20:32 - 00000000 ____D () C:\AdwCleaner
2015-01-31 12:00 - 2008-01-21 07:02 - 00006566 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 23:29 - 2014-07-25 15:50 - 00000000 ____D () C:\Windows\Minidump
2015-01-30 23:25 - 2014-01-12 00:06 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-01-30 23:25 - 2014-01-11 23:59 - 00000834 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-30 23:25 - 2014-01-11 23:59 - 00000834 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-30 23:02 - 2014-11-28 20:01 - 00000000 ____D () C:\Program Files\trend micro
2015-01-30 23:00 - 2014-11-30 12:06 - 01107968 _____ () C:\Users\Honza\Desktop\RSIT (1).exe
2015-01-27 17:48 - 2014-01-17 17:50 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 19:02 - 2014-01-12 00:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 19:02 - 2014-01-12 00:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-18 12:38 - 2014-08-09 13:54 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-18 12:37 - 2014-08-09 13:54 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-18 12:30 - 2014-12-13 13:56 - 00000000 ____D () C:\Program Files\SpeedFan
2015-01-18 12:29 - 2014-01-12 00:18 - 00000000 ____D () C:\Program Files\Adobe
2015-01-18 12:28 - 2014-01-11 20:28 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-14 19:22 - 2014-01-11 22:42 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 19:18 - 2006-11-02 11:24 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-01-12 19:54 - 2014-01-11 19:23 - 00000000 ____D () C:\Users\Honza\AppData\Local\VirtualStore
2015-01-11 14:34 - 2006-11-02 11:23 - 00000246 _____ () C:\Windows\win.ini
2015-01-11 13:39 - 2014-09-08 21:37 - 00000000 ____D () C:\Users\Honza\Desktop\100ANDRO

==================== Files in the root of some directories =======

2014-01-11 19:23 - 2014-01-13 07:46 - 0000680 _____ () C:\Users\Honza\AppData\Local\d3d9caps.dat
2014-01-13 17:37 - 2014-01-13 17:37 - 0004608 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-11 22:53 - 2014-01-11 22:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-03 08:24

==================== End Of Log ============================

#8 Příspěvek od **vyosek** » 06 úno 2015 22:03

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\MountPoints2: {b9c0684f-224a-11e4-8186-001d92f7e783} - E:\Startme.exe
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\MountPoints2: {c69405e4-a6ba-11e3-8e3a-001d92f7e783} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3177871084-2805199809-1159702625-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3177871084-2805199809-1159702625-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&t ... JDWQ839240
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1418465397&from=sien&uid=SAMSUNGXHD753LJ_S13UJDWQ839240"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKslc1b103d2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9CB57A4C-D61E-423F-B41E-596E00EF8666}\MpKslc1b103d2.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

2015-02-03 16:44 - 2015-02-03 16:44 - 00013147 _____ () C:\Users\Honza\Desktop\FRST.txt
2015-02-03 16:41 - 2015-02-03 16:41 - 00000000 ____D () C:\Users\Honza\Desktop\FRST-OlderVersion
2015-02-03 08:20 - 2015-02-03 08:20 - 00000197 _____ () C:\Windows\system32\2015-02-03-07-20-31.074-AvastVBoxSVC.exe-3072.log
2015-02-01 22:49 - 2015-02-01 22:21 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-01 22:22 - 2015-02-03 08:18 - 00043509 _____ () C:\zoek-results.log
2015-02-01 22:21 - 2015-01-30 23:37 - 01295360 _____ () C:\Users\Honza\Desktop\zoek.exe
2015-02-01 22:20 - 2015-02-01 22:46 - 00000000 ____D () C:\zoek_backup
2015-02-01 22:15 - 2015-02-01 22:15 - 00000197 _____ () C:\Windows\system32\2015-02-01-21-15-15.052-AvastVBoxSVC.exe-3316.log
2015-01-31 11:56 - 2015-01-31 11:56 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-56-23.059-AvastVBoxSVC.exe-3152.log
2015-01-31 11:50 - 2015-01-31 11:50 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-50-53.065-AvastVBoxSVC.exe-3592.log
2015-01-30 23:55 - 2015-01-30 23:55 - 00000247 _____ () C:\Windows\system32\2015-01-30-22-55-09.065-aswFe.exe-228.log
2015-01-30 23:43 - 2015-01-30 23:54 - 00000247 _____ () C:\Windows\system32\2015-01-30-22-43-42.008-aswFe.exe-3444.log
2015-01-30 23:43 - 2015-01-30 23:43 - 00000197 _____ () C:\Windows\system32\2015-01-30-22-43-35.054-AvastVBoxSVC.exe-3212.log
2015-01-30 23:37 - 2015-01-30 23:37 - 01295360 _____ () C:\Users\Honza\Downloads\zoek.exe
2015-01-30 23:35 - 2015-01-30 23:34 - 02194432 _____ () C:\Users\Honza\Desktop\adwcleaner_4.109.exe
2015-01-30 23:34 - 2015-01-30 23:34 - 02194432 _____ () C:\Users\Honza\Downloads\adwcleaner_4.109.exe
2015-01-30 23:02 - 2015-01-30 23:02 - 00000000 ____D () C:\rsit
2015-01-30 23:02 - 2015-01-30 23:01 - 00688992 _____ (Swearware) C:\Users\Honza\Desktop\dds.exe
2015-01-30 23:00 - 2015-01-30 23:01 - 00688992 _____ (Swearware) C:\Users\Honza\Downloads\dds.exe
2015-01-30 23:00 - 2015-01-30 23:00 - 01107968 _____ () C:\Users\Honza\Downloads\RSIT (1).exe
2015-01-30 22:59 - 2015-01-30 22:59 - 01121792 _____ (Farbar) C:\Users\Honza\Downloads\FRST (1).exe
2015-01-30 22:56 - 2015-01-30 22:56 - 05006864 _____ (AVAST Software) C:\Users\Honza\Downloads\avast_free_antivirus_setup_online.exe
2015-01-30 22:46 - 2015-01-30 22:47 - 21138032 _____ (SUPERAntiSpyware) C:\Users\Honza\Downloads\SUPERAntiSpyware.exe

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

greatone · #9 Příspěvek od **greatone** » 08 úno 2015 21:57

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-02-2015
Ran by Honza at 2015-02-08 21:10:56 Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\MountPoints2: {b9c0684f-224a-11e4-8186-001d92f7e783} - E:\Startme.exe
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\MountPoints2: {c69405e4-a6ba-11e3-8e3a-001d92f7e783} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3177871084-2805199809-1159702625-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3177871084-2805199809-1159702625-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&t ... JDWQ839240
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=14184 ... JDWQ839240"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 MpKslc1b103d2; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9CB57A4C-D61E-423F-B41E-596E00EF8666}\MpKslc1b103d2.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

2015-02-03 16:44 - 2015-02-03 16:44 - 00013147 _____ () C:\Users\Honza\Desktop\FRST.txt
2015-02-03 16:41 - 2015-02-03 16:41 - 00000000 ____D () C:\Users\Honza\Desktop\FRST-OlderVersion
2015-02-03 08:20 - 2015-02-03 08:20 - 00000197 _____ () C:\Windows\system32\2015-02-03-07-20-31.074-AvastVBoxSVC.exe-3072.log
2015-02-01 22:49 - 2015-02-01 22:21 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-01 22:22 - 2015-02-03 08:18 - 00043509 _____ () C:\zoek-results.log
2015-02-01 22:21 - 2015-01-30 23:37 - 01295360 _____ () C:\Users\Honza\Desktop\zoek.exe
2015-02-01 22:20 - 2015-02-01 22:46 - 00000000 ____D () C:\zoek_backup
2015-02-01 22:15 - 2015-02-01 22:15 - 00000197 _____ () C:\Windows\system32\2015-02-01-21-15-15.052-AvastVBoxSVC.exe-3316.log
2015-01-31 11:56 - 2015-01-31 11:56 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-56-23.059-AvastVBoxSVC.exe-3152.log
2015-01-31 11:50 - 2015-01-31 11:50 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-50-53.065-AvastVBoxSVC.exe-3592.log
2015-01-30 23:55 - 2015-01-30 23:55 - 00000247 _____ () C:\Windows\system32\2015-01-30-22-55-09.065-aswFe.exe-228.log
2015-01-30 23:43 - 2015-01-30 23:54 - 00000247 _____ () C:\Windows\system32\2015-01-30-22-43-42.008-aswFe.exe-3444.log
2015-01-30 23:43 - 2015-01-30 23:43 - 00000197 _____ () C:\Windows\system32\2015-01-30-22-43-35.054-AvastVBoxSVC.exe-3212.log
2015-01-30 23:37 - 2015-01-30 23:37 - 01295360 _____ () C:\Users\Honza\Downloads\zoek.exe
2015-01-30 23:35 - 2015-01-30 23:34 - 02194432 _____ () C:\Users\Honza\Desktop\adwcleaner_4.109.exe
2015-01-30 23:34 - 2015-01-30 23:34 - 02194432 _____ () C:\Users\Honza\Downloads\adwcleaner_4.109.exe
2015-01-30 23:02 - 2015-01-30 23:02 - 00000000 ____D () C:\rsit
2015-01-30 23:02 - 2015-01-30 23:01 - 00688992 _____ (Swearware) C:\Users\Honza\Desktop\dds.exe
2015-01-30 23:00 - 2015-01-30 23:01 - 00688992 _____ (Swearware) C:\Users\Honza\Downloads\dds.exe
2015-01-30 23:00 - 2015-01-30 23:00 - 01107968 _____ () C:\Users\Honza\Downloads\RSIT (1).exe
2015-01-30 22:59 - 2015-01-30 22:59 - 01121792 _____ (Farbar) C:\Users\Honza\Downloads\FRST (1).exe
2015-01-30 22:56 - 2015-01-30 22:56 - 05006864 _____ (AVAST Software) C:\Users\Honza\Downloads\avast_free_antivirus_setup_online.exe
2015-01-30 22:46 - 2015-01-30 22:47 - 21138032 _____ (SUPERAntiSpyware) C:\Users\Honza\Downloads\SUPERAntiSpyware.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => value deleted successfully.
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => Value not found.
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => Value not found.
"HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b9c0684f-224a-11e4-8186-001d92f7e783}" => Key deleted successfully.
HKCR\CLSID\{b9c0684f-224a-11e4-8186-001d92f7e783} => Key not found.
"HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c69405e4-a6ba-11e3-8e3a-001d92f7e783}" => Key deleted successfully.
HKCR\CLSID\{c69405e4-a6ba-11e3-8e3a-001d92f7e783} => Key not found.
HKU\S-1-5-21-3177871084-2805199809-1159702625-1003\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-3177871084-2805199809-1159702625-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
IpInIp => Service deleted successfully.
MpKslc1b103d2 => Service not found.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
C:\Users\Honza\Desktop\FRST.txt => Moved successfully.
"C:\Users\Honza\Desktop\FRST-OlderVersion" => File/Directory not found.
C:\Windows\system32\2015-02-03-07-20-31.074-AvastVBoxSVC.exe-3072.log => Moved successfully.
"C:\Windows\zoek-delete.exe" => File/Directory not found.
C:\zoek-results.log => Moved successfully.
"C:\Users\Honza\Desktop\zoek.exe" => File/Directory not found.
C:\zoek_backup => Moved successfully.
C:\Windows\system32\2015-02-01-21-15-15.052-AvastVBoxSVC.exe-3316.log => Moved successfully.
C:\Windows\system32\2015-01-31-10-56-23.059-AvastVBoxSVC.exe-3152.log => Moved successfully.
C:\Windows\system32\2015-01-31-10-50-53.065-AvastVBoxSVC.exe-3592.log => Moved successfully.
C:\Windows\system32\2015-01-30-22-55-09.065-aswFe.exe-228.log => Moved successfully.
C:\Windows\system32\2015-01-30-22-43-42.008-aswFe.exe-3444.log => Moved successfully.
C:\Windows\system32\2015-01-30-22-43-35.054-AvastVBoxSVC.exe-3212.log => Moved successfully.
"C:\Users\Honza\Downloads\zoek.exe" => File/Directory not found.
"C:\Users\Honza\Desktop\adwcleaner_4.109.exe" => File/Directory not found.
"C:\Users\Honza\Downloads\adwcleaner_4.109.exe" => File/Directory not found.
C:\rsit => Moved successfully.
"C:\Users\Honza\Desktop\dds.exe" => File/Directory not found.
"C:\Users\Honza\Downloads\dds.exe" => File/Directory not found.
"C:\Users\Honza\Downloads\RSIT (1).exe" => File/Directory not found.
"C:\Users\Honza\Downloads\FRST (1).exe" => File/Directory not found.
C:\Users\Honza\Downloads\avast_free_antivirus_setup_online.exe => Moved successfully.
"C:\Users\Honza\Downloads\SUPERAntiSpyware.exe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 311.6 MB temporary data.

The system needed a reboot.

==== End of Fixlog 21:16:40 ====

greatone · #10 Příspěvek od **greatone** » 08 úno 2015 22:02

Já se omlouvám, v záchvatu přehnané aktivity jsem zkoušel ještě bod obnovení z doby než to začalo.
Nevím zda jsem tím Vaši práci nenarušil

Bod obnovení jsem provedl před tímto posledním logem.

#11 Příspěvek od **vyosek** » 10 úno 2015 07:41

Bodem obnovy jste vse co jsme udelali poslal do kytek

Dejte novy log z FRST a mrknem na to

greatone · #12 Příspěvek od **greatone** » 10 úno 2015 21:00

Sem blbec :-/ Omlouvám se.

Zde je nový

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-02-2015
Ran by Honza (administrator) on HONZA-PC on 10-02-2015 20:55:47
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Western Digital) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-08] (AVAST Software)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\MountPoints2: {3b7e56c7-7aec-11e3-b90e-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-3177871084-2805199809-1159702625-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-3177871084-2805199809-1159702625-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKU\S-1-5-21-3177871084-2805199809-1159702625-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default
FF DefaultSearchEngine: BS Player ControlBar B Customized Web Search
FF SelectedSearchEngine: BS Player ControlBar B Customized Web Search
FF Homepage: google.cz
FF Keyword.URL: hxxp://trovi.com/ResultsExt.aspx?ctid=CT3329621&SearchSource=2&CUI=UN17402959512515227&UM=4&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3177871084-2805199809-1159702625-1000: @kb-ext.cz/PKIComponent -> C:\Users\Honza\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF SearchPlugin: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\at245sol.default\searchplugins\google-avast.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-01-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-30]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-17]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-17]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-17]
CHR Extension: (Tabulky Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (Avast Online Security) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-09]
CHR Extension: (Peněženka Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-17]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-17]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-08] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2015-02-08] (Avast Software)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [98304 2009-10-14] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-02-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73480 2015-02-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2015-02-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-02-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-02-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-02-08] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2015-02-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-02-08] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2015-02-08] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 20:55 - 2015-02-10 20:56 - 00011346 _____ () C:\Users\Honza\Desktop\FRST.txt
2015-02-10 20:55 - 2015-02-10 20:55 - 43874761 _____ () C:\Users\Honza\Downloads\Nepotvrzeno 756267.crdownload
2015-02-09 04:15 - 2015-02-09 04:15 - 00000247 _____ () C:\Windows\system32\2015-02-09-03-15-29.044-aswFe.exe-456.log
2015-02-09 04:06 - 2015-02-09 04:15 - 00000247 _____ () C:\Windows\system32\2015-02-09-03-06-11.013-aswFe.exe-4676.log
2015-02-09 04:06 - 2015-02-09 04:06 - 00000197 _____ () C:\Windows\system32\2015-02-09-03-06-04.091-AvastVBoxSVC.exe-2972.log
2015-02-09 03:59 - 2015-02-09 03:59 - 00000247 _____ () C:\Windows\system32\2015-02-09-02-59-30.039-aswFe.exe-4284.log
2015-02-09 03:59 - 2015-02-09 03:59 - 00000197 _____ () C:\Windows\system32\2015-02-09-02-59-13.066-AvastVBoxSVC.exe-4948.log
2015-02-09 03:25 - 2015-02-09 03:26 - 05006864 _____ (AVAST Software) C:\Users\Honza\Downloads\avast_free_antivirus_setup_online (1).exe
2015-02-08 23:56 - 2015-02-08 23:56 - 00000247 _____ () C:\Windows\system32\2015-02-08-22-56-15.013-aswFe.exe-3892.log
2015-02-08 23:39 - 2015-02-08 23:56 - 00000247 _____ () C:\Windows\system32\2015-02-08-22-39-41.046-aswFe.exe-3904.log
2015-02-08 23:39 - 2015-02-08 23:39 - 00000197 _____ () C:\Windows\system32\2015-02-08-22-39-29.001-AvastVBoxSVC.exe-2136.log
2015-02-08 22:26 - 2014-11-07 02:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-08 22:03 - 2015-02-08 22:03 - 00000000 ____D () C:\Windows\system32\vbox
2015-02-08 22:02 - 2015-02-08 22:02 - 00001871 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-08 22:02 - 2015-02-08 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-08 22:01 - 2015-02-08 22:02 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-02-08 22:01 - 2015-02-08 22:02 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-02-08 22:01 - 2015-02-08 22:02 - 00073480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-02-08 22:01 - 2015-02-08 22:01 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-02-08 22:01 - 2015-02-08 22:01 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-02-08 22:01 - 2015-02-08 22:01 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-02-08 22:01 - 2015-02-08 22:01 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-02-08 22:01 - 2015-02-08 22:01 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-02-08 22:01 - 2015-02-08 22:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-02-08 22:01 - 2015-02-08 22:01 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-02-08 21:58 - 2014-12-06 04:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-02-08 21:58 - 2014-12-03 03:06 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-08 21:54 - 2015-02-08 21:54 - 05006864 _____ (AVAST Software) C:\Users\Honza\Downloads\avast_free_antivirus_setup_online.exe
2015-02-08 21:14 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-08 21:14 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-08 21:14 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-08 21:14 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-08 21:14 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-08 21:14 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-08 21:14 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-08 21:14 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-08 21:14 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-08 21:14 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-08 21:14 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-08 21:14 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-08 21:14 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-08 21:14 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-08 21:14 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-08 21:14 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-08 21:14 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-08 21:14 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-08 21:14 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-08 21:14 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-08 21:14 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-08 21:14 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-08 21:08 - 2015-02-08 21:08 - 01124352 _____ (Farbar) C:\Users\Honza\Downloads\FRST.exe
2015-02-08 21:08 - 2015-02-08 21:08 - 01124352 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2015-02-08 21:02 - 2014-12-19 01:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-02-08 21:01 - 2014-11-04 01:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-02-08 21:00 - 2014-12-06 04:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-02-08 21:00 - 2014-12-06 04:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-02-08 21:00 - 2014-12-06 04:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-02-06 16:47 - 2015-02-08 21:03 - 00126692 _____ () C:\Windows\DpInst.log
2015-02-06 16:45 - 2015-02-06 16:45 - 00000000 ____D () C:\ProgramData\Sony
2015-02-06 16:43 - 2015-02-06 16:43 - 00151048 _____ () C:\Windows\Minidump\Mini020615-01.dmp
2015-02-06 08:08 - 2015-02-06 08:08 - 00000197 _____ () C:\Windows\system32\2015-02-06-07-08-34.060-AvastVBoxSVC.exe-2536.log
2015-02-03 16:49 - 2015-02-03 16:49 - 00005741 _____ () C:\Users\Honza\Desktop\Addition.rar
2015-02-03 16:45 - 2015-02-03 16:45 - 00020172 _____ () C:\Users\Honza\Desktop\Addition.txt
2015-02-01 22:49 - 2015-02-06 08:07 - 00000000 ____D () C:\Users\Honza\AppData\Local\Temp(130)
2015-01-30 23:22 - 2015-01-30 23:22 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\AVAST Software
2015-01-30 23:09 - 2015-01-30 23:09 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-30 23:08 - 2015-01-30 23:09 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-30 22:48 - 2015-01-30 22:48 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\SUPERAntiSpyware.com
2015-01-30 22:47 - 2015-02-06 08:07 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-30 22:47 - 2015-01-30 22:47 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-01-28 21:21 - 2015-01-28 21:21 - 00000000 ____D () C:\Hard Disk Sentinel Pro v4.40.6431 CZ - multilanguage (x86,x64) Portable
2015-01-28 21:18 - 2015-01-28 21:18 - 00000000 ____D () C:\Users\Honza\Desktop\Hard Disk Sentinel Pro v4.40.6431 CZ - multilanguage (x86,x64) Portable
2015-01-28 20:03 - 2015-01-28 21:18 - 00000888 _____ () C:\Windows\setupact.log
2015-01-28 20:03 - 2015-01-28 20:03 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-18 13:29 - 2015-02-09 03:24 - 00005248 _____ () C:\Windows\PFRO.log
2015-01-11 13:36 - 2015-01-11 13:36 - 00000000 ____D () C:\Users\Honza\Documents\Nová složka (2)
2015-01-11 13:36 - 2015-01-11 13:36 - 00000000 ____D () C:\Users\Honza\Documents\Nová složka

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 20:55 - 2014-11-28 19:51 - 00000000 ____D () C:\FRST
2015-02-10 20:42 - 2014-01-17 17:50 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-10 20:03 - 2006-11-02 13:47 - 00004096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-10 20:03 - 2006-11-02 13:47 - 00004096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-10 20:02 - 2014-01-12 00:12 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-10 19:55 - 2008-01-21 02:39 - 01585065 _____ () C:\Windows\WindowsUpdate.log
2015-02-09 21:43 - 2014-01-17 17:50 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-09 04:09 - 2008-01-21 07:02 - 01531382 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-09 04:03 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-09 03:23 - 2006-11-02 14:01 - 00032594 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-09 03:06 - 2014-01-11 22:42 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-09 03:01 - 2014-01-12 11:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-08 23:06 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2015-02-08 23:03 - 2014-01-12 00:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-08 23:03 - 2014-01-12 00:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-08 22:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-08 22:06 - 2014-01-12 00:06 - 00002086 _____ () C:\Windows\epplauncher.mif
2015-02-08 21:05 - 2014-01-17 17:50 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-06 16:59 - 2014-01-17 17:50 - 00000000 ____D () C:\Program Files\Google
2015-02-06 16:55 - 2014-01-17 17:50 - 00000000 ____D () C:\Users\Honza\AppData\Local\Google
2015-02-06 16:55 - 2014-01-17 17:50 - 00000000 ____D () C:\ProgramData\Google
2015-02-06 16:50 - 2014-01-12 00:18 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-02-06 16:47 - 2014-08-12 19:58 - 00001879 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-02-06 16:47 - 2014-08-12 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-02-06 16:47 - 2014-01-11 20:28 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-06 16:45 - 2014-01-11 19:23 - 00075728 _____ () C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-06 16:43 - 2014-11-20 19:50 - 214331502 _____ () C:\Windows\MEMORY.DMP
2015-02-06 16:43 - 2014-07-25 15:50 - 00000000 ____D () C:\Windows\Minidump
2015-02-06 16:36 - 2014-09-06 14:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-06 16:36 - 2014-08-09 13:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-06 16:36 - 2014-08-09 13:54 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-06 16:36 - 2014-03-19 09:11 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\.RTS
2015-02-06 16:36 - 2014-01-17 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-06 16:36 - 2014-01-12 00:05 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-06 16:36 - 2014-01-11 23:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-06 16:36 - 2014-01-11 19:23 - 00000000 ____D () C:\Users\Honza
2015-02-06 16:36 - 2006-11-02 12:18 - 00000000 __RSD () C:\Windows\Media
2015-02-06 16:36 - 2006-11-02 12:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-06 16:36 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\spool
2015-02-06 16:36 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2015-02-06 16:36 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\registration
2015-02-06 16:36 - 2006-11-02 11:22 - 38797312 _____ () C:\Windows\system32\config\software_previous
2015-02-06 16:36 - 2006-11-02 11:22 - 24117248 _____ () C:\Windows\system32\config\system_previous
2015-02-06 16:34 - 2014-10-02 18:19 - 00000000 ____D () C:\Users\Honza\AppData\Local\Tbccint
2015-02-06 16:32 - 2014-10-02 18:19 - 00000000 ____D () C:\ProgramData\Tbccint
2015-02-06 16:31 - 2014-08-12 19:58 - 00000000 ____D () C:\Program Files\Sony
2015-02-06 16:20 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-02-06 16:15 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2015-02-06 08:07 - 2006-11-02 11:22 - 43778048 _____ () C:\Windows\system32\config\components_previous
2015-02-06 08:07 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2015-02-06 08:07 - 2006-11-02 11:22 - 00262144 _____ () C:\Windows\system32\config\default_previous
2015-02-01 22:06 - 2014-11-29 20:32 - 00000000 ____D () C:\AdwCleaner
2015-01-30 23:02 - 2014-11-28 20:01 - 00000000 ____D () C:\Program Files\trend micro
2015-01-18 12:29 - 2014-01-12 00:18 - 00000000 ____D () C:\Program Files\Adobe
2015-01-12 19:54 - 2014-01-11 19:23 - 00000000 ____D () C:\Users\Honza\AppData\Local\VirtualStore
2015-01-11 14:44 - 2015-01-09 12:28 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Seznam.cz
2015-01-11 13:39 - 2014-09-08 21:37 - 00000000 ____D () C:\Users\Honza\Desktop\100ANDRO

==================== Files in the root of some directories =======

2014-01-11 19:23 - 2014-01-13 07:46 - 0000680 _____ () C:\Users\Honza\AppData\Local\d3d9caps.dat
2014-01-13 17:37 - 2014-01-13 17:37 - 0004608 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-11 22:53 - 2014-01-11 22:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-10 16:17

==================== End Of Log ============================

greatone · #13 Příspěvek od **greatone** » 10 úno 2015 21:02

Addition mi nelze vložit k příspěvku. Píše nepovolený formát *.txt
Předtím to prolezlo, a teď už ne. Mohu vložit jako obyčejný log ?

#14 Příspěvek od **vyosek** » 11 úno 2015 13:35

Dejte to jako text prispevku

greatone · #15 Příspěvek od **greatone** » 14 úno 2015 15:21

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-02-2015
Ran by Honza at 2015-02-10 20:56:25
Running from C:\Users\Honza\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.67.1076 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Ekonomický systém Money S3 (HKLM\...\Money S3) (Version: 14.051 (20131218_08) - CÍGLER SOFTWARE, a.s.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
K-Lite Codec Pack 10.2.0 Basic (HKLM\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 cs) (HKLM\...\Mozilla Firefox 31.0 (x86 cs)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\...\MyFreeCodec) (Version: - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9621 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Ovládací panel NVIDIA 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 6.252.1109.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Sony PC Companion 2.10.245 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.245 - Sony)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WD SmartWare (HKLM\...\{CD0DC280-2489-4464-A2FC-16104676394A}) (Version: 1.1.1.6 - Western Digital)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3177871084-2805199809-1159702625-1000_Classes\CLSID\{1BBF13E0-551E-42DD-91F4-1A547443FFDA}\InprocServer32 -> C:\Users\Honza\AppData\Local\Tbccint\Community Alerts\Alert.dll (ClientConnect Ltd.)
CustomCLSID: HKU\S-1-5-21-3177871084-2805199809-1159702625-1000_Classes\CLSID\{be328dbe-9f5b-407f-BAFF-827fc6db1aa4}\InprocServer32 -> C:\Users\Honza\AppData\Roaming\KB-ext\lib\x86\PKIComponentAX-kbext.dll (Komerční banka, a.s.)

==================== Restore Points =========================

20-11-2014 18:41:05 Windows Update
21-11-2014 16:59:38 Naplánovaný kontrolní bod
23-11-2014 10:29:11 Naplánovaný kontrolní bod
24-11-2014 17:25:55 Windows Update
28-11-2014 19:20:11 Windows Update
28-11-2014 19:34:16 Windows Update
02-12-2014 19:19:08 Sony Ericsson PC Suite Drivers
02-12-2014 19:30:31 Windows Update
03-12-2014 18:57:42 Naplánovaný kontrolní bod
04-12-2014 19:48:15 Naplánovaný kontrolní bod
06-12-2014 12:46:41 Windows Update
07-12-2014 15:43:28 Naplánovaný kontrolní bod
09-12-2014 17:01:06 Naplánovaný kontrolní bod
10-12-2014 12:33:16 Windows Update
10-12-2014 15:06:45 Windows Update
13-12-2014 10:39:49 Naplánovaný kontrolní bod
13-12-2014 13:36:44 Windows Update
14-12-2014 12:36:38 Naplánovaný kontrolní bod
17-12-2014 18:56:08 Windows Update
20-12-2014 11:43:16 Naplánovaný kontrolní bod
21-12-2014 20:13:32 Windows Update
26-12-2014 13:10:07 Windows Update
27-12-2014 09:27:06 Naplánovaný kontrolní bod
28-12-2014 12:11:45 Naplánovaný kontrolní bod
29-12-2014 17:20:07 Windows Update
01-01-2015 11:29:08 Naplánovaný kontrolní bod
02-01-2015 15:03:27 Windows Update
05-01-2015 15:25:24 Windows Update
07-01-2015 11:30:37 Naplánovaný kontrolní bod
08-01-2015 17:36:09 Windows Update
08-01-2015 17:50:39 Windows Update
12-01-2015 12:50:11 Windows Update
12-01-2015 16:01:16 Windows Update
13-01-2015 16:53:23 Naplánovaný kontrolní bod
14-01-2015 19:17:19 Windows Update
16-01-2015 17:43:55 Naplánovaný kontrolní bod
17-01-2015 23:08:33 Windows Update
22-01-2015 18:47:28 Windows Update
27-01-2015 18:15:44 Windows Update
30-01-2015 02:55:45 Naplánovaný kontrolní bod
30-01-2015 23:09:13 avast! antivirus system restore point
30-01-2015 23:14:02 avast! antivirus system restore point
30-01-2015 23:57:16 Windows Update
31-01-2015 12:43:08 Naplánovaný kontrolní bod
01-02-2015 22:04:56 Windows Update
01-02-2015 22:22:25 zoek.exe restore point
03-02-2015 00:00:00 Naplánovaný kontrolní bod
05-02-2015 06:11:39 Naplánovaný kontrolní bod
06-02-2015 00:00:01 Naplánovaný kontrolní bod
06-02-2015 16:47:35 Sony Ericsson PC Suite Drivers
08-02-2015 20:58:31 Sony PC Companion
08-02-2015 21:03:03 Sony PC Companion
08-02-2015 21:06:32 avast! antivirus system restore point
08-02-2015 21:10:59 Restore Point Created by FRST
08-02-2015 21:56:29 avast! antivirus system restore point
08-02-2015 21:57:51 Windows Update
09-02-2015 03:00:19 Windows Update
10-02-2015 00:00:01 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2015-02-08 21:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AC85BB8-D185-40A1-BBBF-C89A5076AED1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-17] (Google Inc.)
Task: {1DA51782-092C-414D-A2BA-AECA6CD8BFA6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-17] (Google Inc.)
Task: {2E6CDC2C-FFE8-4495-9FFE-95A699C3FE72} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {8A4AEB9C-4A3D-414C-B18A-47DC38104B57} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {CDD49A75-C500-4AB5-85A5-52F3A943EBA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated)
Task: {D58A8CBA-30BF-433E-872A-B6F46750417B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-08] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-08 22:01 - 2015-02-08 22:01 - 02151544 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxVMM.dll
2015-02-08 22:01 - 2015-02-08 22:01 - 00021488 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxREM.dll
2015-02-08 22:01 - 2015-02-08 22:01 - 04474224 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-02-10 20:07 - 2015-02-10 20:07 - 02912768 _____ () C:\Program Files\AVAST Software\Avast\defs\15021001\algo.dll
2015-02-08 22:01 - 2015-02-08 22:01 - 00317632 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-02-08 22:01 - 2015-02-08 22:01 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-12 19:58 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
2014-08-12 19:58 - 2014-12-04 14:18 - 00241152 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
2009-08-19 16:49 - 2009-08-19 16:49 - 00049152 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
2009-07-29 16:24 - 2009-07-29 16:24 - 00504293 _____ () C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
2014-08-12 19:58 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-02-08 21:05 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Honza\Desktop\nabídka.JPG:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Honza\Desktop\nabídka.JPG:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Honza\Desktop\ob.JPG:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Honza\Desktop\ob.JPG:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Honza\Desktop\ro.JPG:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Honza\Desktop\ro.JPG:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Honza\Desktop\TP 1.JPG:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Honza\Desktop\TP 1.JPG:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Honza\Desktop\TP 2.JPG:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Honza\Desktop\TP 2.JPG:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Honza\Desktop\TP 3.JPG:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Honza\Desktop\TP 3.JPG:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Honza\Desktop\TP 4.JPG:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Honza\Desktop\TP 4.JPG:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3177871084-2805199809-1159702625-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\Wallpaper\img24.jpg
HKU\S-1-5-21-3177871084-2805199809-1159702625-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-3177871084-2805199809-1159702625-500 - Administrator - Disabled)
Guest (S-1-5-21-3177871084-2805199809-1159702625-501 - Limited - Disabled)
Honza (S-1-5-21-3177871084-2805199809-1159702625-1000 - Administrator - Enabled) => C:\Users\Honza
UpdatusUser (S-1-5-21-3177871084-2805199809-1159702625-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/09/2015 04:03:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2015 03:25:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2015 03:05:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (02/09/2015 03:05:57 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (02/08/2015 10:14:16 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: NT AUTHORITY)
Description: 0C:\Program Files\AVAST Software\Avast\AvastSvc.exeavast! Antivirus03026216157760

Error: (02/08/2015 10:13:56 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: NT AUTHORITY)
Description: 0C:\Program Files\AVAST Software\Avast\AvastSvc.exeavast! Antivirus0302621615776143003A005C00570069006E0064006F00770073005C004D006900630072006F0073006F00660074002E004E00450054005C004600720061006D00650077006F0072006B005C00760034002E0030002E00330030003300310039005C0053006500740075007000430061006300680065005C00760034002E0035002E00350030003900330038005C004E0065007400460078005F00460075006C006C005F004700440052005F007800380036002E006D00730069000000

Error: (02/08/2015 10:06:35 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Honza-PC)
Description: HRESULT:0x8004FF80
Description:Cannot complete uninstall wizard. An error has prevented the Security Essentials Uninstall Wizard from continuing. Please restart your computer and try again. Error code:0x8004FF80.

Error: (02/08/2015 10:02:48 PM) (Source: MsiInstaller) (EventID: 11921) (User: Honza-PC)
Description: Product: Microsoft Security Client -- Error 1921. Service 'Microsoft Antimalware Service' (MsMpSvc) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (02/08/2015 09:56:25 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {0b00affd-d49d-47ae-8025-7790a3bfec42}

Error: (02/08/2015 09:48:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (02/09/2015 04:03:26 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (4:01:05, 9.2.2015) bylo neočekávané.

Error: (02/09/2015 03:01:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (02/09/2015 03:01:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (02/09/2015 03:01:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (02/09/2015 03:01:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (02/08/2015 10:27:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (02/08/2015 10:27:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (02/08/2015 10:27:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (02/08/2015 10:27:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (02/08/2015 10:26:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-01-12 11:07:08.753
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-12 11:07:08.675
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-12 11:07:08.597
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-12 11:07:08.503
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-12 11:07:08.410
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

VIRY.CZ

Nahodile restarty PC

Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC

Re: Nahodile restarty PC