
Pop up spam
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved. Likewise those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Pop up spam
Hello, some time ago a spam page started popping up when I am on another page... for example, I was browsing viry.cz, I click, and a page pops up with this written on it:
Viry.cz visitor,
You have been personally selected for today's website survey: Friday, May 22, 2015
You have been selected to take part in our survey and contribute to improving Viry.cz. Please take part in our 30-second website survey and, as an expression of thanks, you will have the chance to win a new Apple iPhone or iPad.
I saved the page to my bookmarks and it is saved normally as viry.cz; here is the link showing what it looks like: [url]hxxp://appscdn.com/srv/static/sk/c2xvdmFraWEgc3VydmV5/srv.php?dom=www.viry.cz&s=223186506[/url]
Thank you for your help
PC: msi ge 60
OS: Windows 7 Home Premium
Browser: Google Chrome
Last edited by vyosek on 22 May 2015 22:40, edited 1 time in total.
Reason: Link deactivated for security reasons
- Rudy
- Site Admin

- Posts: 119677
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Pop up spam
Hello!
Post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Pop up spam
Here it is:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by Admin (administrator) on ADMIN-MSI on 23-05-2015 08:59:24
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Micro-Star International Co.,Ltd.) C:\Program Files (x86)\S-Bar\S-Bar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [172144 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe [399984 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [S-Bar] => C:\Program Files (x86)\S-Bar\S-Bar.exe [5499392 2012-04-27] (Micro-Star International Co.,Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\MountPoints2: {0b546db1-cd35-11e4-bce7-8c89a50227c5} - H:\startme.exe
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
IFEO\allshare play launcher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\samsung link menu start.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\srserver.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={1094D630 ... 2015-05-04 13:38:05&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {B10C2476-3477-4222-949F-9A177584D241} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {C245EC8D-4A13-41A8-8EC1-7BC6FA4DF8FE} URL = http://search.us.com/serp?guid={62FF2A5 ... earchTerms}
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {FA66A0F3-0C8D-44C5-9B15-128795AEC288} URL = http://search.yahoo.com/search?p={searc ... type=10583
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.15.0.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default
FF NetworkProxy: "type",
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0-git-20130801-0403 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-556878318-500787394-2256771143-1001: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-08]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ff [not found]
FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default\extensions\magicplayer@acestream.org [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Easy Auto Refresh) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2014-12-30]
CHR Extension: (Google Translate) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-10-13]
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-13]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-10-20]
CHR Extension: (YouTube™ Video Grabber) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjdkgfelfjfaoaepcokjagbjcbcbocf [2014-10-14]
CHR Extension: (Simple Blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfbkbiialncppkngofjpglbbobjoeoe [2015-05-08]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-13]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-13]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-13]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-13]
CHR Extension: (Always Clear Downloads) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbmgiffkljiglnpdbljhlenaikojapc [2014-10-20]
CHR Extension: (HTML5 Video Speed Control) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdipbccipeloijefbkiakckfhdbgocg [2014-12-02]
CHR Extension: (Select Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcjoilhmjjhfpeflkmlhejiaadbgfkgn [2014-10-14]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-13]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-13]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-22]
CHR Extension: (Search Kickass Torrents) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglelepocjjcbmphmnenipjjhlgifmi [2014-10-14]
CHR Extension: (Youtube Mp3) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkcgggjcahdlebdgjmaldleegakcgal [2014-10-14]
CHR Extension: (New Tab Page by Speed Dial Team) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-10-14]
CHR Extension: (redd) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejilgbhdenkhibahfmbaobmeigmjfjn [2015-05-22]
CHR Extension: (Looper for YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2014-12-02]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-10-14]
CHR Extension: (Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2014-10-14]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-05-21]
CHR Extension: (Incognito This Tab) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhockicmnnjibbhgcpphjicilgcfehdi [2014-11-03]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-13]
CHR Extension: (Hover Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-10-14]
CHR Extension: (Open Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalceheiomajabalbakkoeiheiokhdbd [2014-10-14]
CHR Extension: (Context Menu Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-10-14]
CHR Extension: (My Chrome Theme) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-10-13]
CHR Extension: (Neater Bookmarks) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2014-10-14]
CHR Extension: (Click&Clean App) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-10-20]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-13]
CHR Extension: (Zoom It!) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjpgkkkhbicgcaknalgdgmkinmhbpcid [2014-10-14]
CHR HKLM-x32\...\Chrome\Extension: [ajmgcoaojhfhmhgaipclmcinpmkjgiec] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7547\ch\MediaBuzzV1mode7547.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aphdlmajlpjioppgfehiiiodjhjcgbkm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta196\ch\VideoPlayerV3beta196.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cenhlaccnlelpeleeemifmalkhlhelmm] - C:\ProgramData\Codecv\cenhlaccnlelpeleeemifmalkhlhelmm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cgehheigkffjmpfmklkifkbeijelcdkg] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home976\ch\MediaWatchV1home976.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [femgboepodmoipgalajpafkgcdfaommi] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha5363\ch\WebexpEnhancedV1alpha5363.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hjinheglemjlmpllllbccahaalcdbdek] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha7768\ch\MediaViewV1alpha7768.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ijllmpceobclddbjmibfmbgkcahjhlcj] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ch\RichMediaViewV1release2862.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kalondmkendjbjdldhobiebjojalkcgg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1001\ch\MediaViewV1alpha1001.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nndjdhafnmipbbeikccndodelhblcomp] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha5953\ch\MediaViewerV1alpha5953.crx [Not Found]
Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe http://istart.webssearches.com/?type=sc ... DMEHAKDMEX
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-10-23] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-10-23] (CyberLink)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) []
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) []
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) []
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2012-04-27] (Micro-Star International Co., Ltd.) []
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) []
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) []
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () []
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) []
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2099512 2013-09-23] (AVG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-18] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-17] (Disc Soft Ltd)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [16776 2011-03-24] () []
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14216 2011-03-24] () []
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9096 2011-03-24] () []
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [8456 2011-03-24] () []
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [442368 2013-05-07] (Intel(R) Corporation) []
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-17] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-10-23] (CyberLink Corp.)
U3 ac6xqiaj; C:\Windows\System32\Drivers\ac6xqiaj.sys [0 ] (Intel Corporation) <==== ATTENTION ( File/Folder)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 08:59 - 2015-05-23 09:00 - 00032488 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-05-23 08:58 - 2015-05-23 08:58 - 02108416 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-05-23 08:55 - 2015-05-23 08:55 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2015-05-22 17:38 - 2015-05-22 17:38 - 00000000 ____D () C:\Users\Admin\Desktop\Microsoft Office 2010 Activator - Any version [VerifiedFiles]
2015-05-22 13:36 - 2015-05-22 14:30 - 974564314 _____ () C:\Users\Admin\Desktop\Horizont-události-(1997)-(CZ)-(Horor,-Sci-Fi,-Thriller,-Mysteriózní)-71%.avi
2015-05-22 06:56 - 2015-05-22 06:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\ESET
2015-05-04 13:38 - 2015-05-04 22:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\AVG Web TuneUp
2015-05-04 13:38 - 2015-05-04 13:38 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-05-04 13:37 - 2015-05-18 19:06 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-01 17:07 - 2015-05-01 17:07 - 00002293 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\Program Files\WinZip
2015-05-01 17:04 - 2015-05-01 17:04 - 00000049 _____ () C:\windows\SysWOW64\ScrRecX.log
2015-05-01 17:04 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\windows\SysWOW64\fmcodec.DLL
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 08:59 - 2013-11-10 20:56 - 00000000 ____D () C:\FRST
2015-05-23 08:55 - 2009-07-14 06:45 - 00031712 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-23 08:55 - 2009-07-14 06:45 - 00031712 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-23 08:53 - 2012-06-28 17:19 - 01590902 _____ () C:\windows\WindowsUpdate.log
2015-05-23 08:52 - 2014-10-13 23:33 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-23 08:49 - 2012-06-28 18:47 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-23 08:46 - 2014-10-19 11:18 - 00050805 _____ () C:\windows\setupact.log
2015-05-23 08:46 - 2014-10-13 23:32 - 00000932 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 08:46 - 2012-05-15 18:43 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-05-23 08:46 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-22 22:18 - 2012-06-30 22:11 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-22 22:18 - 2012-06-28 19:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-22 21:00 - 2012-06-29 07:26 - 00000000 ____D () C:\Users\Admin\Documents\uTorrent
2015-05-22 18:58 - 2012-05-15 18:43 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-05-22 17:39 - 2015-01-05 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S-Bar
2015-05-22 17:39 - 2012-05-15 19:34 - 00000000 ____D () C:\Program Files (x86)\S-Bar
2015-05-22 12:02 - 2014-11-20 10:27 - 00000000 ____D () C:\Users\Admin\Documents\Assassin's Creed Unity
2015-05-22 07:53 - 2015-01-29 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ViberPC
2015-05-22 07:53 - 2015-01-29 16:46 - 00000000 ____D () C:\Users\Admin\AppData\Local\Viber
2015-05-21 23:37 - 2014-12-28 19:10 - 00000000 ___RD () C:\Users\Admin\Desktop\Exiled Bot Beta v0.25h
2015-05-21 22:17 - 2009-07-14 07:13 - 00797850 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-21 13:30 - 2015-03-29 22:13 - 00000000 ____D () C:\AdwCleaner
2015-05-20 13:47 - 2014-10-13 23:33 - 00003932 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 13:47 - 2014-10-13 23:32 - 00003680 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-20 08:12 - 2014-10-19 11:18 - 00193158 _____ () C:\windows\PFRO.log
2015-05-19 21:57 - 2012-11-17 17:43 - 00003694 _____ () C:\windows\System32\Tasks\Adobe online update program
2015-05-15 09:53 - 2014-09-02 14:11 - 00000000 ___RD () C:\Users\Admin\Desktop\6rocik
2015-05-13 12:59 - 2014-11-21 16:57 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 07:31 - 2012-10-24 15:47 - 00000517 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-05-12 06:56 - 2013-09-28 10:47 - 00000000 ____D () C:\ProgramData\VirtualWifiRouter
2015-05-10 13:45 - 2015-04-02 09:54 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-05-06 19:21 - 2012-12-20 16:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-01 21:14 - 2014-11-18 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-05-01 21:14 - 2012-10-16 21:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\SKIDROW
2015-05-01 17:04 - 2014-06-20 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-04-26 21:39 - 2014-04-01 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-23 18:09 - 2012-10-28 16:14 - 00121856 ___SH () C:\Users\Admin\Thumbs.db
==================== Files in the root of some directories =======
2014-06-23 18:36 - 2014-06-23 18:36 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-03-11 01:03 - 2015-03-11 01:03 - 0000040 _____ () C:\Users\Admin\AppData\Roaming\cdr.ini
2014-09-29 16:15 - 2014-09-29 16:15 - 0013674 _____ () C:\Users\Admin\AppData\Roaming\Winhotspot.log
2012-08-02 10:48 - 2012-08-02 10:48 - 0001205 _____ () C:\Users\Admin\AppData\Local\CleanupUninstall.txt
2013-10-25 11:38 - 2013-10-25 11:42 - 0007598 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2012-06-28 17:41 - 2013-10-31 09:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.9268.dll
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\InstHelper.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 21:30
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS_Install) (Fixed) (Total:109.04 GB) (Free:19.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:577.06 GB) (Free:56.89 GB) NTFS
Available physical RAM: 4998.34 MB
Total physical RAM: 8088.96 MB
Percentage of memory in use: 38%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D670E16B)
Partition 1: (Not Active) - (Size=12.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=109 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=577.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin\Desktop" je 4064 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AceStream
C:\Users\Admin\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShare Play
C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLEServicesCtrl
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant
C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\windows\system32\igfxpers.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD13Agent
"C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung Link
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber
"C:\Users\Admin\AppData\Local\Viber\Viber.exe" StartMinimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
"C:\Program Files (x86)\AVG Secure Search\vprot.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray
"C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk
C:\windows\Installer\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\_E6D9769DD20AF384865041.exe /min [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk
C:\PROGRA~2\Xfire\Xfire.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by Admin (administrator) on ADMIN-MSI on 23-05-2015 08:59:24
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Micro-Star International Co.,Ltd.) C:\Program Files (x86)\S-Bar\S-Bar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [172144 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe [399984 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [S-Bar] => C:\Program Files (x86)\S-Bar\S-Bar.exe [5499392 2012-04-27] (Micro-Star International Co.,Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\MountPoints2: {0b546db1-cd35-11e4-bce7-8c89a50227c5} - H:\startme.exe
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
IFEO\allshare play launcher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\samsung link menu start.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\srserver.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={1094D630 ... 2015-05-04 13:38:05&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {B10C2476-3477-4222-949F-9A177584D241} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {C245EC8D-4A13-41A8-8EC1-7BC6FA4DF8FE} URL = http://search.us.com/serp?guid={62FF2A5 ... earchTerms}
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {FA66A0F3-0C8D-44C5-9B15-128795AEC288} URL = http://search.yahoo.com/search?p={searc ... type=10583
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.15.0.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default
FF NetworkProxy: "type",
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0-git-20130801-0403 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-556878318-500787394-2256771143-1001: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-08]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ff [not found]
FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default\extensions\magicplayer@acestream.org [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Easy Auto Refresh) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2014-12-30]
CHR Extension: (Google Translate) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-10-13]
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-13]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-10-20]
CHR Extension: (YouTube™ Video Grabber) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjdkgfelfjfaoaepcokjagbjcbcbocf [2014-10-14]
CHR Extension: (Simple Blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfbkbiialncppkngofjpglbbobjoeoe [2015-05-08]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-13]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-13]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-13]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-13]
CHR Extension: (Always Clear Downloads) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbmgiffkljiglnpdbljhlenaikojapc [2014-10-20]
CHR Extension: (HTML5 Video Speed Control) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdipbccipeloijefbkiakckfhdbgocg [2014-12-02]
CHR Extension: (Select Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcjoilhmjjhfpeflkmlhejiaadbgfkgn [2014-10-14]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-13]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-13]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-22]
CHR Extension: (Search Kickass Torrents) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglelepocjjcbmphmnenipjjhlgifmi [2014-10-14]
CHR Extension: (Youtube Mp3) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkcgggjcahdlebdgjmaldleegakcgal [2014-10-14]
CHR Extension: (New Tab Page by Speed Dial Team) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-10-14]
CHR Extension: (redd) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejilgbhdenkhibahfmbaobmeigmjfjn [2015-05-22]
CHR Extension: (Looper for YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2014-12-02]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-10-14]
CHR Extension: (Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2014-10-14]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-05-21]
CHR Extension: (Incognito This Tab) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhockicmnnjibbhgcpphjicilgcfehdi [2014-11-03]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-13]
CHR Extension: (Hover Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-10-14]
CHR Extension: (Open Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalceheiomajabalbakkoeiheiokhdbd [2014-10-14]
CHR Extension: (Context Menu Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-10-14]
CHR Extension: (My Chrome Theme) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-10-13]
CHR Extension: (Neater Bookmarks) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2014-10-14]
CHR Extension: (Click&Clean App) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-10-20]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-13]
CHR Extension: (Zoom It!) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjpgkkkhbicgcaknalgdgmkinmhbpcid [2014-10-14]
CHR HKLM-x32\...\Chrome\Extension: [ajmgcoaojhfhmhgaipclmcinpmkjgiec] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7547\ch\MediaBuzzV1mode7547.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aphdlmajlpjioppgfehiiiodjhjcgbkm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta196\ch\VideoPlayerV3beta196.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cenhlaccnlelpeleeemifmalkhlhelmm] - C:\ProgramData\Codecv\cenhlaccnlelpeleeemifmalkhlhelmm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cgehheigkffjmpfmklkifkbeijelcdkg] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home976\ch\MediaWatchV1home976.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [femgboepodmoipgalajpafkgcdfaommi] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha5363\ch\WebexpEnhancedV1alpha5363.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hjinheglemjlmpllllbccahaalcdbdek] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha7768\ch\MediaViewV1alpha7768.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ijllmpceobclddbjmibfmbgkcahjhlcj] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ch\RichMediaViewV1release2862.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kalondmkendjbjdldhobiebjojalkcgg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1001\ch\MediaViewV1alpha1001.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nndjdhafnmipbbeikccndodelhblcomp] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha5953\ch\MediaViewerV1alpha5953.crx [Not Found]
Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe http://istart.webssearches.com/?type=sc ... DMEHAKDMEX
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-10-23] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-10-23] (CyberLink)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) []
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) []
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) []
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2012-04-27] (Micro-Star International Co., Ltd.) []
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) []
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) []
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () []
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) []
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2099512 2013-09-23] (AVG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-18] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-17] (Disc Soft Ltd)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [16776 2011-03-24] () []
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14216 2011-03-24] () []
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9096 2011-03-24] () []
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [8456 2011-03-24] () []
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [442368 2013-05-07] (Intel(R) Corporation) []
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-17] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-10-23] (CyberLink Corp.)
U3 ac6xqiaj; C:\Windows\System32\Drivers\ac6xqiaj.sys [0 ] (Intel Corporation) <==== ATTENTION ( File/Folder)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 08:59 - 2015-05-23 09:00 - 00032488 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-05-23 08:58 - 2015-05-23 08:58 - 02108416 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-05-23 08:55 - 2015-05-23 08:55 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2015-05-22 17:38 - 2015-05-22 17:38 - 00000000 ____D () C:\Users\Admin\Desktop\Microsoft Office 2010 Activator - Any version [VerifiedFiles]
2015-05-22 13:36 - 2015-05-22 14:30 - 974564314 _____ () C:\Users\Admin\Desktop\Horizont-události-(1997)-(CZ)-(Horor,-Sci-Fi,-Thriller,-Mysteriózní)-71%.avi
2015-05-22 06:56 - 2015-05-22 06:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\ESET
2015-05-04 13:38 - 2015-05-04 22:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\AVG Web TuneUp
2015-05-04 13:38 - 2015-05-04 13:38 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-05-04 13:37 - 2015-05-18 19:06 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-01 17:07 - 2015-05-01 17:07 - 00002293 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\Program Files\WinZip
2015-05-01 17:04 - 2015-05-01 17:04 - 00000049 _____ () C:\windows\SysWOW64\ScrRecX.log
2015-05-01 17:04 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\windows\SysWOW64\fmcodec.DLL
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 08:59 - 2013-11-10 20:56 - 00000000 ____D () C:\FRST
2015-05-23 08:55 - 2009-07-14 06:45 - 00031712 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-23 08:55 - 2009-07-14 06:45 - 00031712 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-23 08:53 - 2012-06-28 17:19 - 01590902 _____ () C:\windows\WindowsUpdate.log
2015-05-23 08:52 - 2014-10-13 23:33 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-23 08:49 - 2012-06-28 18:47 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-23 08:46 - 2014-10-19 11:18 - 00050805 _____ () C:\windows\setupact.log
2015-05-23 08:46 - 2014-10-13 23:32 - 00000932 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 08:46 - 2012-05-15 18:43 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-05-23 08:46 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-22 22:18 - 2012-06-30 22:11 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-22 22:18 - 2012-06-28 19:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-22 21:00 - 2012-06-29 07:26 - 00000000 ____D () C:\Users\Admin\Documents\uTorrent
2015-05-22 18:58 - 2012-05-15 18:43 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-05-22 17:39 - 2015-01-05 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S-Bar
2015-05-22 17:39 - 2012-05-15 19:34 - 00000000 ____D () C:\Program Files (x86)\S-Bar
2015-05-22 12:02 - 2014-11-20 10:27 - 00000000 ____D () C:\Users\Admin\Documents\Assassin's Creed Unity
2015-05-22 07:53 - 2015-01-29 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ViberPC
2015-05-22 07:53 - 2015-01-29 16:46 - 00000000 ____D () C:\Users\Admin\AppData\Local\Viber
2015-05-21 23:37 - 2014-12-28 19:10 - 00000000 ___RD () C:\Users\Admin\Desktop\Exiled Bot Beta v0.25h
2015-05-21 22:17 - 2009-07-14 07:13 - 00797850 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-21 13:30 - 2015-03-29 22:13 - 00000000 ____D () C:\AdwCleaner
2015-05-20 13:47 - 2014-10-13 23:33 - 00003932 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 13:47 - 2014-10-13 23:32 - 00003680 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-20 08:12 - 2014-10-19 11:18 - 00193158 _____ () C:\windows\PFRO.log
2015-05-19 21:57 - 2012-11-17 17:43 - 00003694 _____ () C:\windows\System32\Tasks\Adobe online update program
2015-05-15 09:53 - 2014-09-02 14:11 - 00000000 ___RD () C:\Users\Admin\Desktop\6rocik
2015-05-13 12:59 - 2014-11-21 16:57 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 07:31 - 2012-10-24 15:47 - 00000517 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-05-12 06:56 - 2013-09-28 10:47 - 00000000 ____D () C:\ProgramData\VirtualWifiRouter
2015-05-10 13:45 - 2015-04-02 09:54 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-05-06 19:21 - 2012-12-20 16:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-01 21:14 - 2014-11-18 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-05-01 21:14 - 2012-10-16 21:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\SKIDROW
2015-05-01 17:04 - 2014-06-20 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-04-26 21:39 - 2014-04-01 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-23 18:09 - 2012-10-28 16:14 - 00121856 ___SH () C:\Users\Admin\Thumbs.db
==================== Files in the root of some directories =======
2014-06-23 18:36 - 2014-06-23 18:36 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-03-11 01:03 - 2015-03-11 01:03 - 0000040 _____ () C:\Users\Admin\AppData\Roaming\cdr.ini
2014-09-29 16:15 - 2014-09-29 16:15 - 0013674 _____ () C:\Users\Admin\AppData\Roaming\Winhotspot.log
2012-08-02 10:48 - 2012-08-02 10:48 - 0001205 _____ () C:\Users\Admin\AppData\Local\CleanupUninstall.txt
2013-10-25 11:38 - 2013-10-25 11:42 - 0007598 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2012-06-28 17:41 - 2013-10-31 09:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.9268.dll
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\InstHelper.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 21:30
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS_Install) (Fixed) (Total:109.04 GB) (Free:19.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:577.06 GB) (Free:56.89 GB) NTFS
Available physical RAM: 4998.34 MB
Total physical RAM: 8088.96 MB
Percentage of memory in use: 38%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D670E16B)
Partition 1: (Not Active) - (Size=12.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=109 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=577.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin\Desktop" je 4064 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AceStream
C:\Users\Admin\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShare Play
C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLEServicesCtrl
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant
C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\windows\system32\igfxpers.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD13Agent
"C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung Link
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber
"C:\Users\Admin\AppData\Local\Viber\Viber.exe" StartMinimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
"C:\Program Files (x86)\AVG Secure Search\vprot.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray
"C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk
C:\windows\Installer\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\_E6D9769DD20AF384865041.exe /min [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk
C:\PROGRA~2\Xfire\Xfire.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.zip
- (15.11 KiB) Downloaded 62 times
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Pop up spam
Now run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Pop up spam
# AdwCleaner v4.205 - Log vytvorený 23/05/2015 at 11:44:23
# Aktualizované 21/05/2015 by Xplode
# Databáza : 2015-05-21.2 [Server]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (x64)
# Uživateľské meno : Admin - ADMIN-MSI
# Spustené z : C:\Users\Admin\Desktop\adwcleaner_4.205.exe
# Nastavenia : Čistenie
***** [ Služby ] *****
***** [ Súbory / Priečinky ] *****
Priečinok Zmazané : C:\ProgramData\Avg_Update_0814tb
***** [ Naplánované úlohy ] *****
***** [ Zástupcovia ] *****
***** [ Registre ] *****
Kľúč registra Zmazané : HKCU\Software\Conduit
Kľúč registra Zmazané : HKU\.DEFAULT\Software\AskPartnerNetwork
Kľúč registra Zmazané : HKU\.DEFAULT\Software\AVG Secure Search
***** [ Webové prehliadače ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v
-\\ Google Chrome v43.0.2357.65
[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://isearch.avg.com/search?cid={CA428992-03C1-4AFA-8789-14B0B0013279}&mid=a293e50df74047d0a8b15dc0e3e6ce36-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=sk&ds=AVG&pr=fr&d=2012-06-28%2018:51:44&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F83900FF69EC3DB4&affID=119982&tsp=5003
[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [19275 bajtov] - [29/03/2015 22:13:20]
AdwCleaner[R1].txt - [1905 bajtov] - [30/03/2015 19:40:05]
AdwCleaner[R2].txt - [3525 bajtov] - [21/05/2015 13:29:06]
AdwCleaner[R3].txt - [2114 bajtov] - [23/05/2015 11:40:59]
AdwCleaner[S0].txt - [18470 bajtov] - [29/03/2015 22:14:51]
AdwCleaner[S1].txt - [3533 bajtov] - [21/05/2015 13:30:19]
AdwCleaner[S2].txt - [1981 bajtov] - [23/05/2015 11:44:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2041 bajtov] ##########
- Rudy
- Site Admin

Re: Pop up spam
Post a new FRST log.
Re: Pop up spam
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015 01
Ran by Admin (administrator) on ADMIN-MSI on 23-05-2015 13:27:43
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Micro-Star International Co.,Ltd.) C:\Program Files (x86)\S-Bar\S-Bar.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(BitTorrent Inc.) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [172144 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe [399984 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [S-Bar] => C:\Program Files (x86)\S-Bar\S-Bar.exe [5499392 2012-04-27] (Micro-Star International Co.,Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\MountPoints2: {0b546db1-cd35-11e4-bce7-8c89a50227c5} - H:\startme.exe
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
IFEO\allshare play launcher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\samsung link menu start.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\srserver.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={1094D630 ... 2015-05-04 13:38:05&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {B10C2476-3477-4222-949F-9A177584D241} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {C245EC8D-4A13-41A8-8EC1-7BC6FA4DF8FE} URL = http://search.us.com/serp?guid={62FF2A5 ... earchTerms}
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {FA66A0F3-0C8D-44C5-9B15-128795AEC288} URL = http://search.yahoo.com/search?p={searc ... type=10583
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.15.0.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default
FF NetworkProxy: "type",
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0-git-20130801-0403 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-556878318-500787394-2256771143-1001: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-08]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ff [not found]
FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default\extensions\magicplayer@acestream.org [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Easy Auto Refresh) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2014-12-30]
CHR Extension: (Google Translate) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-10-13]
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-13]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-10-20]
CHR Extension: (YouTube™ Video Grabber) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjdkgfelfjfaoaepcokjagbjcbcbocf [2014-10-14]
CHR Extension: (Simple Blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfbkbiialncppkngofjpglbbobjoeoe [2015-05-08]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-13]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-13]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-13]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-13]
CHR Extension: (Always Clear Downloads) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbmgiffkljiglnpdbljhlenaikojapc [2014-10-20]
CHR Extension: (HTML5 Video Speed Control) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdipbccipeloijefbkiakckfhdbgocg [2014-12-02]
CHR Extension: (Select Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcjoilhmjjhfpeflkmlhejiaadbgfkgn [2014-10-14]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-13]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-13]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-22]
CHR Extension: (Search Kickass Torrents) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglelepocjjcbmphmnenipjjhlgifmi [2014-10-14]
CHR Extension: (Youtube Mp3) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkcgggjcahdlebdgjmaldleegakcgal [2014-10-14]
CHR Extension: (New Tab Page by Speed Dial Team) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-10-14]
CHR Extension: (redd) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejilgbhdenkhibahfmbaobmeigmjfjn [2015-05-22]
CHR Extension: (Looper for YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2014-12-02]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-10-14]
CHR Extension: (Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2014-10-14]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-05-21]
CHR Extension: (Incognito This Tab) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhockicmnnjibbhgcpphjicilgcfehdi [2014-11-03]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-13]
CHR Extension: (Hover Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-10-14]
CHR Extension: (Open Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalceheiomajabalbakkoeiheiokhdbd [2014-10-14]
CHR Extension: (Context Menu Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-10-14]
CHR Extension: (My Chrome Theme) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-10-13]
CHR Extension: (Neater Bookmarks) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2014-10-14]
CHR Extension: (Click&Clean App) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-10-20]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-13]
CHR Extension: (Zoom It!) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjpgkkkhbicgcaknalgdgmkinmhbpcid [2014-10-14]
CHR HKLM-x32\...\Chrome\Extension: [ajmgcoaojhfhmhgaipclmcinpmkjgiec] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7547\ch\MediaBuzzV1mode7547.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aphdlmajlpjioppgfehiiiodjhjcgbkm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta196\ch\VideoPlayerV3beta196.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cenhlaccnlelpeleeemifmalkhlhelmm] - C:\ProgramData\Codecv\cenhlaccnlelpeleeemifmalkhlhelmm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cgehheigkffjmpfmklkifkbeijelcdkg] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home976\ch\MediaWatchV1home976.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [femgboepodmoipgalajpafkgcdfaommi] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha5363\ch\WebexpEnhancedV1alpha5363.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hjinheglemjlmpllllbccahaalcdbdek] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha7768\ch\MediaViewV1alpha7768.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ijllmpceobclddbjmibfmbgkcahjhlcj] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ch\RichMediaViewV1release2862.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kalondmkendjbjdldhobiebjojalkcgg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1001\ch\MediaViewV1alpha1001.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nndjdhafnmipbbeikccndodelhblcomp] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha5953\ch\MediaViewerV1alpha5953.crx [Not Found]
Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe http://istart.webssearches.com/?type=sc ... DMEHAKDMEX
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-10-23] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-10-23] (CyberLink)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) []
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2012-04-27] (Micro-Star International Co., Ltd.) []
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) []
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) []
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () []
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) []
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2099512 2013-09-23] (AVG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-18] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-05-04] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-17] (Disc Soft Ltd)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [16776 2011-03-24] () []
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14216 2011-03-24] () []
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9096 2011-03-24] () []
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [8456 2011-03-24] () []
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [442368 2013-05-07] (Intel(R) Corporation) []
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-17] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-10-23] (CyberLink Corp.)
U3 a7jvvmpw; C:\Windows\System32\Drivers\a7jvvmpw.sys [0 ] (Intel Corporation) <==== ATTENTION ( File/Folder)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 13:25 - 2015-05-23 13:25 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2015-05-23 11:52 - 2015-05-23 11:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\Avg
2015-05-23 11:42 - 2015-05-23 11:42 - 00002114 _____ () C:\Users\Admin\Desktop\AdwCleaner[R3].txt
2015-05-23 11:40 - 2015-05-23 11:40 - 02223104 _____ () C:\Users\Admin\Desktop\adwcleaner_4.205.exe
2015-05-23 08:59 - 2015-05-23 13:27 - 00030643 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-05-23 08:58 - 2015-05-23 08:58 - 02108416 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-05-22 13:36 - 2015-05-22 14:30 - 974564314 _____ () C:\Users\Admin\Desktop\Horizont-události-(1997)-(CZ)-(Horor,-Sci-Fi,-Thriller,-Mysteriózní)-71%.avi
2015-05-22 06:56 - 2015-05-22 06:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\ESET
2015-05-07 13:50 - 2015-05-07 13:50 - 00378336 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2015-05-07 13:49 - 2015-05-07 13:49 - 00253920 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2015-05-07 13:49 - 2015-05-07 13:49 - 00220128 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2015-05-04 14:14 - 2015-05-04 14:14 - 00291296 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2015-05-04 13:38 - 2015-05-04 22:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\AVG Web TuneUp
2015-05-04 13:38 - 2015-05-04 13:38 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-05-04 13:37 - 2015-05-18 19:06 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-01 17:07 - 2015-05-01 17:07 - 00002293 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\Program Files\WinZip
2015-05-01 17:04 - 2015-05-01 17:04 - 00000049 _____ () C:\windows\SysWOW64\ScrRecX.log
2015-05-01 17:04 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\windows\SysWOW64\fmcodec.DLL
2015-04-27 13:19 - 2015-04-27 13:19 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 13:27 - 2013-11-10 20:56 - 00000000 ____D () C:\FRST
2015-05-23 13:27 - 2012-06-28 19:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-23 13:23 - 2012-06-29 07:26 - 00000000 ____D () C:\Users\Admin\Documents\uTorrent
2015-05-23 13:10 - 2012-06-28 17:19 - 01625854 _____ () C:\windows\WindowsUpdate.log
2015-05-23 13:09 - 2012-06-30 22:11 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-23 12:52 - 2014-10-13 23:33 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-23 12:03 - 2014-11-20 10:27 - 00000000 ____D () C:\Users\Admin\Documents\Assassin's Creed Unity
2015-05-23 11:58 - 2012-06-28 17:25 - 00000000 ____D () C:\ProgramData\MAGIX
2015-05-23 11:58 - 2012-06-28 17:25 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2015-05-23 11:53 - 2014-04-01 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-23 11:53 - 2012-06-28 18:47 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-23 11:53 - 2009-07-14 06:45 - 00031712 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-23 11:53 - 2009-07-14 06:45 - 00031712 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-23 11:46 - 2014-10-13 23:32 - 00000932 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 11:46 - 2012-05-15 18:43 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-05-23 11:45 - 2014-10-19 11:18 - 00050973 _____ () C:\windows\setupact.log
2015-05-23 11:45 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-23 11:44 - 2015-03-29 22:13 - 00000000 ____D () C:\AdwCleaner
2015-05-23 10:22 - 2015-01-29 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ViberPC
2015-05-23 10:22 - 2015-01-29 16:46 - 00000000 ____D () C:\Users\Admin\AppData\Local\Viber
2015-05-22 18:58 - 2012-05-15 18:43 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-05-22 17:39 - 2015-01-05 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S-Bar
2015-05-22 17:39 - 2012-05-15 19:34 - 00000000 ____D () C:\Program Files (x86)\S-Bar
2015-05-21 23:37 - 2014-12-28 19:10 - 00000000 ___RD () C:\Users\Admin\Desktop\Exiled Bot Beta v0.25h
2015-05-21 22:17 - 2009-07-14 07:13 - 00797850 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-20 13:47 - 2014-10-13 23:33 - 00003932 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 13:47 - 2014-10-13 23:32 - 00003680 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-20 08:12 - 2014-10-19 11:18 - 00193158 _____ () C:\windows\PFRO.log
2015-05-19 21:57 - 2012-11-17 17:43 - 00003694 _____ () C:\windows\System32\Tasks\Adobe online update program
2015-05-15 09:53 - 2014-09-02 14:11 - 00000000 ___RD () C:\Users\Admin\Desktop\6rocik
2015-05-13 12:59 - 2014-11-21 16:57 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 07:31 - 2012-10-24 15:47 - 00000517 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-05-12 06:56 - 2013-09-28 10:47 - 00000000 ____D () C:\ProgramData\VirtualWifiRouter
2015-05-10 13:45 - 2015-04-02 09:54 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-05-06 19:21 - 2012-12-20 16:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-01 21:14 - 2014-11-18 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-05-01 21:14 - 2012-10-16 21:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\SKIDROW
2015-05-01 17:04 - 2014-06-20 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-04-23 18:09 - 2012-10-28 16:14 - 00121856 ___SH () C:\Users\Admin\Thumbs.db
==================== Files in the root of some directories =======
2014-06-23 18:36 - 2014-06-23 18:36 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-03-11 01:03 - 2015-03-11 01:03 - 0000040 _____ () C:\Users\Admin\AppData\Roaming\cdr.ini
2014-09-29 16:15 - 2014-09-29 16:15 - 0013674 _____ () C:\Users\Admin\AppData\Roaming\Winhotspot.log
2012-08-02 10:48 - 2012-08-02 10:48 - 0001205 _____ () C:\Users\Admin\AppData\Local\CleanupUninstall.txt
2013-10-25 11:38 - 2013-10-25 11:42 - 0007598 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2012-06-28 17:41 - 2013-10-31 09:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.9268.dll
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Admin\AppData\Local\Temp\InstHelper.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\unwise.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 21:30
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS_Install) (Fixed) (Total:109.04 GB) (Free:19.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:577.06 GB) (Free:56.52 GB) NTFS
Available physical RAM: 5390.66 MB
Total physical RAM: 8088.96 MB
Percentage of memory in use: 33%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D670E16B)
Partition 1: (Not Active) - (Size=12.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=109 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=577.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin\Desktop" je 4066 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AceStream
C:\Users\Admin\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShare Play
C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLEServicesCtrl
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant
C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\windows\system32\igfxpers.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD13Agent
"C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung Link
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber
"C:\Users\Admin\AppData\Local\Viber\Viber.exe" StartMinimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
"C:\Program Files (x86)\AVG Secure Search\vprot.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray
"C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk
C:\windows\Installer\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\_E6D9769DD20AF384865041.exe /min [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk
C:\PROGRA~2\Xfire\Xfire.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Admin (administrator) on ADMIN-MSI on 23-05-2015 13:27:43
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Micro-Star International Co.,Ltd.) C:\Program Files (x86)\S-Bar\S-Bar.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(BitTorrent Inc.) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [172144 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe [399984 2012-12-14] (Intel Corporation)
HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [S-Bar] => C:\Program Files (x86)\S-Bar\S-Bar.exe [5499392 2012-04-27] (Micro-Star International Co.,Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\MountPoints2: {0b546db1-cd35-11e4-bce7-8c89a50227c5} - H:\startme.exe
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
IFEO\allshare play launcher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\samsung link menu start.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\srserver.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={1094D630 ... 2015-05-04 13:38:05&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {B10C2476-3477-4222-949F-9A177584D241} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {C245EC8D-4A13-41A8-8EC1-7BC6FA4DF8FE} URL = http://search.us.com/serp?guid={62FF2A5 ... earchTerms}
SearchScopes: HKU\S-1-5-21-556878318-500787394-2256771143-1001 -> {FA66A0F3-0C8D-44C5-9B15-128795AEC288} URL = http://search.yahoo.com/search?p={searc ... type=10583
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.15.0.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default
FF NetworkProxy: "type",
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0-git-20130801-0403 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-556878318-500787394-2256771143-1001: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-08]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ff [not found]
FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default\extensions\magicplayer@acestream.org [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Easy Auto Refresh) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2014-12-30]
CHR Extension: (Google Translate) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-10-13]
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-13]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-10-20]
CHR Extension: (YouTube™ Video Grabber) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjdkgfelfjfaoaepcokjagbjcbcbocf [2014-10-14]
CHR Extension: (Simple Blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfbkbiialncppkngofjpglbbobjoeoe [2015-05-08]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-13]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-13]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-13]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-13]
CHR Extension: (Always Clear Downloads) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbmgiffkljiglnpdbljhlenaikojapc [2014-10-20]
CHR Extension: (HTML5 Video Speed Control) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdipbccipeloijefbkiakckfhdbgocg [2014-12-02]
CHR Extension: (Select Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcjoilhmjjhfpeflkmlhejiaadbgfkgn [2014-10-14]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-13]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-13]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-22]
CHR Extension: (Search Kickass Torrents) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglelepocjjcbmphmnenipjjhlgifmi [2014-10-14]
CHR Extension: (Youtube Mp3) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkcgggjcahdlebdgjmaldleegakcgal [2014-10-14]
CHR Extension: (New Tab Page by Speed Dial Team) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-10-14]
CHR Extension: (redd) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejilgbhdenkhibahfmbaobmeigmjfjn [2015-05-22]
CHR Extension: (Looper for YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2014-12-02]
CHR Extension: (crxMouse Chrome Gestures) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2014-10-14]
CHR Extension: (Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2014-10-14]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-05-21]
CHR Extension: (Incognito This Tab) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhockicmnnjibbhgcpphjicilgcfehdi [2014-11-03]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-13]
CHR Extension: (Hover Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-10-14]
CHR Extension: (Open Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalceheiomajabalbakkoeiheiokhdbd [2014-10-14]
CHR Extension: (Context Menu Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-10-14]
CHR Extension: (My Chrome Theme) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-10-13]
CHR Extension: (Neater Bookmarks) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2014-10-14]
CHR Extension: (Click&Clean App) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-10-20]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-13]
CHR Extension: (Zoom It!) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjpgkkkhbicgcaknalgdgmkinmhbpcid [2014-10-14]
CHR HKLM-x32\...\Chrome\Extension: [ajmgcoaojhfhmhgaipclmcinpmkjgiec] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7547\ch\MediaBuzzV1mode7547.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aphdlmajlpjioppgfehiiiodjhjcgbkm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta196\ch\VideoPlayerV3beta196.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cenhlaccnlelpeleeemifmalkhlhelmm] - C:\ProgramData\Codecv\cenhlaccnlelpeleeemifmalkhlhelmm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cgehheigkffjmpfmklkifkbeijelcdkg] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home976\ch\MediaWatchV1home976.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [femgboepodmoipgalajpafkgcdfaommi] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha5363\ch\WebexpEnhancedV1alpha5363.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hjinheglemjlmpllllbccahaalcdbdek] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha7768\ch\MediaViewV1alpha7768.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ijllmpceobclddbjmibfmbgkcahjhlcj] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ch\RichMediaViewV1release2862.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kalondmkendjbjdldhobiebjojalkcgg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1001\ch\MediaViewV1alpha1001.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nndjdhafnmipbbeikccndodelhblcomp] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha5953\ch\MediaViewerV1alpha5953.crx [Not Found]
Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe http://istart.webssearches.com/?type=sc ... DMEHAKDMEX
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-10-23] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-10-23] (CyberLink)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) []
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2012-04-27] (Micro-Star International Co., Ltd.) []
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) []
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) []
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () []
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) []
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2099512 2013-09-23] (AVG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-18] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-05-04] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-17] (Disc Soft Ltd)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [16776 2011-03-24] () []
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14216 2011-03-24] () []
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9096 2011-03-24] () []
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [8456 2011-03-24] () []
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [442368 2013-05-07] (Intel(R) Corporation) []
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-01-17] (Duplex Secure Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-10-23] (CyberLink Corp.)
U3 a7jvvmpw; C:\Windows\System32\Drivers\a7jvvmpw.sys [0 ] (Intel Corporation) <==== ATTENTION ( File/Folder)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 13:25 - 2015-05-23 13:25 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2015-05-23 11:52 - 2015-05-23 11:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\Avg
2015-05-23 11:42 - 2015-05-23 11:42 - 00002114 _____ () C:\Users\Admin\Desktop\AdwCleaner[R3].txt
2015-05-23 11:40 - 2015-05-23 11:40 - 02223104 _____ () C:\Users\Admin\Desktop\adwcleaner_4.205.exe
2015-05-23 08:59 - 2015-05-23 13:27 - 00030643 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-05-23 08:58 - 2015-05-23 08:58 - 02108416 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-05-22 13:36 - 2015-05-22 14:30 - 974564314 _____ () C:\Users\Admin\Desktop\Horizont-události-(1997)-(CZ)-(Horor,-Sci-Fi,-Thriller,-Mysteriózní)-71%.avi
2015-05-22 06:56 - 2015-05-22 06:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\ESET
2015-05-07 13:50 - 2015-05-07 13:50 - 00378336 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2015-05-07 13:49 - 2015-05-07 13:49 - 00253920 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2015-05-07 13:49 - 2015-05-07 13:49 - 00220128 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2015-05-04 14:14 - 2015-05-04 14:14 - 00291296 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2015-05-04 13:38 - 2015-05-04 22:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\AVG Web TuneUp
2015-05-04 13:38 - 2015-05-04 13:38 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-05-04 13:37 - 2015-05-18 19:06 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-01 17:07 - 2015-05-01 17:07 - 00002293 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-05-01 17:07 - 2015-05-01 17:07 - 00000000 ____D () C:\Program Files\WinZip
2015-05-01 17:04 - 2015-05-01 17:04 - 00000049 _____ () C:\windows\SysWOW64\ScrRecX.log
2015-05-01 17:04 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\windows\SysWOW64\fmcodec.DLL
2015-04-27 13:19 - 2015-04-27 13:19 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-23 13:27 - 2013-11-10 20:56 - 00000000 ____D () C:\FRST
2015-05-23 13:27 - 2012-06-28 19:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-23 13:23 - 2012-06-29 07:26 - 00000000 ____D () C:\Users\Admin\Documents\uTorrent
2015-05-23 13:10 - 2012-06-28 17:19 - 01625854 _____ () C:\windows\WindowsUpdate.log
2015-05-23 13:09 - 2012-06-30 22:11 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-23 12:52 - 2014-10-13 23:33 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-23 12:03 - 2014-11-20 10:27 - 00000000 ____D () C:\Users\Admin\Documents\Assassin's Creed Unity
2015-05-23 11:58 - 2012-06-28 17:25 - 00000000 ____D () C:\ProgramData\MAGIX
2015-05-23 11:58 - 2012-06-28 17:25 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2015-05-23 11:53 - 2014-04-01 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-23 11:53 - 2012-06-28 18:47 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-23 11:53 - 2009-07-14 06:45 - 00031712 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-23 11:53 - 2009-07-14 06:45 - 00031712 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-23 11:46 - 2014-10-13 23:32 - 00000932 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 11:46 - 2012-05-15 18:43 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-05-23 11:45 - 2014-10-19 11:18 - 00050973 _____ () C:\windows\setupact.log
2015-05-23 11:45 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-23 11:44 - 2015-03-29 22:13 - 00000000 ____D () C:\AdwCleaner
2015-05-23 10:22 - 2015-01-29 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ViberPC
2015-05-23 10:22 - 2015-01-29 16:46 - 00000000 ____D () C:\Users\Admin\AppData\Local\Viber
2015-05-22 18:58 - 2012-05-15 18:43 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-05-22 17:39 - 2015-01-05 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S-Bar
2015-05-22 17:39 - 2012-05-15 19:34 - 00000000 ____D () C:\Program Files (x86)\S-Bar
2015-05-21 23:37 - 2014-12-28 19:10 - 00000000 ___RD () C:\Users\Admin\Desktop\Exiled Bot Beta v0.25h
2015-05-21 22:17 - 2009-07-14 07:13 - 00797850 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-20 13:47 - 2014-10-13 23:33 - 00003932 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 13:47 - 2014-10-13 23:32 - 00003680 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-20 08:12 - 2014-10-19 11:18 - 00193158 _____ () C:\windows\PFRO.log
2015-05-19 21:57 - 2012-11-17 17:43 - 00003694 _____ () C:\windows\System32\Tasks\Adobe online update program
2015-05-15 09:53 - 2014-09-02 14:11 - 00000000 ___RD () C:\Users\Admin\Desktop\6rocik
2015-05-13 12:59 - 2014-11-21 16:57 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 07:31 - 2012-10-24 15:47 - 00000517 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-05-12 06:56 - 2013-09-28 10:47 - 00000000 ____D () C:\ProgramData\VirtualWifiRouter
2015-05-10 13:45 - 2015-04-02 09:54 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-05-06 19:21 - 2012-12-20 16:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-01 21:14 - 2014-11-18 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-05-01 21:14 - 2012-10-16 21:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\SKIDROW
2015-05-01 17:04 - 2014-06-20 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-04-23 18:09 - 2012-10-28 16:14 - 00121856 ___SH () C:\Users\Admin\Thumbs.db
==================== Files in the root of some directories =======
2014-06-23 18:36 - 2014-06-23 18:36 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-03-11 01:03 - 2015-03-11 01:03 - 0000040 _____ () C:\Users\Admin\AppData\Roaming\cdr.ini
2014-09-29 16:15 - 2014-09-29 16:15 - 0013674 _____ () C:\Users\Admin\AppData\Roaming\Winhotspot.log
2012-08-02 10:48 - 2012-08-02 10:48 - 0001205 _____ () C:\Users\Admin\AppData\Local\CleanupUninstall.txt
2013-10-25 11:38 - 2013-10-25 11:42 - 0007598 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2012-06-28 17:41 - 2013-10-31 09:07 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.9268.dll
Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Admin\AppData\Local\Temp\InstHelper.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\unwise.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 21:30
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS_Install) (Fixed) (Total:109.04 GB) (Free:19.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:577.06 GB) (Free:56.52 GB) NTFS
Available physical RAM: 5390.66 MB
Total physical RAM: 8088.96 MB
Percentage of memory in use: 33%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D670E16B)
Partition 1: (Not Active) - (Size=12.4 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=109 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=577.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin\Desktop" je 4066 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AceStream
C:\Users\Admin\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShare Play
C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLEServicesCtrl
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant
C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\windows\system32\igfxpers.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD13Agent
"C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung Link
"C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\Steam.exe" -silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Super-Charger
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber
"C:\Users\Admin\AppData\Local\Viber\Viber.exe" StartMinimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
"C:\Program Files (x86)\AVG Secure Search\vprot.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray
"C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk
C:\windows\Installer\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\_E6D9769DD20AF384865041.exe /min [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk
C:\PROGRA~2\Xfire\Xfire.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.zip
- (14.88 KiB) Downloaded 59 times
- Rudy
- Site Admin
- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Pop up spam
Open Notepad and copy the following into it:
There is too much data on the desktop (>4GB). This amount can already adversely affect how long the system takes to start. Create a new directory in the profile C:\Users\Admin and move the data (except for shortcuts) into it. Keep only shortcuts on the desktop for easier access.
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Start
HKLM-x32\...\Run: [S-Bar] => C:\Program Files (x86)\S-Bar\S-Bar.exe [5499392 2012-04-27] (Micro-Star International Co.,Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\MountPoints2: {0b546db1-cd35-11e4-bce7-8c89a50227c5} - H:\startme.exe
IFEO\allshare play launcher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\samsung link menu start.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\srserver.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={1094D630 ... 2015-05-04 13:38:05&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ff [not found]
FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default\extensions\magicplayer@acestream.org [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
CHR Extension: (Search Kickass Torrents) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglelepocjjcbmphmnenipjjhlgifmi [2014-10-14]
CHR Extension: (redd) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejilgbhdenkhibahfmbaobmeigmjfjn [2015-05-22]
CHR Extension: (Neater Bookmarks) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2014-10-14]
HR HKLM-x32\...\Chrome\Extension: [ajmgcoaojhfhmhgaipclmcinpmkjgiec] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7547\ch\MediaBuzzV1mode7547.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aphdlmajlpjioppgfehiiiodjhjcgbkm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta196\ch\VideoPlayerV3beta196.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cenhlaccnlelpeleeemifmalkhlhelmm] - C:\ProgramData\Codecv\cenhlaccnlelpeleeemifmalkhlhelmm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cgehheigkffjmpfmklkifkbeijelcdkg] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home976\ch\MediaWatchV1home976.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [femgboepodmoipgalajpafkgcdfaommi] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha5363\ch\WebexpEnhancedV1alpha5363.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hjinheglemjlmpllllbccahaalcdbdek] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha7768\ch\MediaViewV1alpha7768.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ijllmpceobclddbjmibfmbgkcahjhlcj] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ch\RichMediaViewV1release2862.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kalondmkendjbjdldhobiebjojalkcgg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1001\ch\MediaViewV1alpha1001.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nndjdhafnmipbbeikccndodelhblcomp] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha5953\ch\MediaViewerV1alpha5953.crx [Not Found]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\KGyGaAvL.sys
C:\Users\Public\AlexaNSISPlugin.9268.dll
C:\Users\Admin\AppData\Local\Temp
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Pop up spam
Thanks for the advice about the desktop; I hadn't even realized I have a folder there that is 3.5 Gb.
And here is the log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01
Ran by Admin at 2015-05-23 18:34:16 Run:2
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [S-Bar] => C:\Program Files (x86)\S-Bar\S-Bar.exe [5499392 2012-04-27] (Micro-Star International Co.,Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-556878318-500787394-2256771143-1001\...\MountPoints2: {0b546db1-cd35-11e4-bce7-8c89a50227c5} - H:\startme.exe
IFEO\allshare play launcher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\samsung link menu start.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\srserver.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={1094D630 ... 2015-05-04 13:38:05&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {94E8767C-47FB-43B8-A6D1-88FDD4F3087F} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ff [not found]
FF Extension: No Name - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default\extensions\magicplayer@acestream.org [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
CHR Extension: (Search Kickass Torrents) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglelepocjjcbmphmnenipjjhlgifmi [2014-10-14]
CHR Extension: (redd) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejilgbhdenkhibahfmbaobmeigmjfjn [2015-05-22]
CHR Extension: (Neater Bookmarks) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2014-10-14]
HR HKLM-x32\...\Chrome\Extension: [ajmgcoaojhfhmhgaipclmcinpmkjgiec] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7547\ch\MediaBuzzV1mode7547.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aphdlmajlpjioppgfehiiiodjhjcgbkm] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta196\ch\VideoPlayerV3beta196.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cenhlaccnlelpeleeemifmalkhlhelmm] - C:\ProgramData\Codecv\cenhlaccnlelpeleeemifmalkhlhelmm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [cgehheigkffjmpfmklkifkbeijelcdkg] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home976\ch\MediaWatchV1home976.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [femgboepodmoipgalajpafkgcdfaommi] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha5363\ch\WebexpEnhancedV1alpha5363.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hjinheglemjlmpllllbccahaalcdbdek] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha7768\ch\MediaViewV1alpha7768.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ijllmpceobclddbjmibfmbgkcahjhlcj] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ch\RichMediaViewV1release2862.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kalondmkendjbjdldhobiebjojalkcgg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1001\ch\MediaViewV1alpha1001.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nndjdhafnmipbbeikccndodelhblcomp] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha5953\ch\MediaViewerV1alpha5953.crx [Not Found]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\KGyGaAvL.sys
C:\Users\Public\AlexaNSISPlugin.9268.dll
C:\Users\Admin\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\S-Bar => value Removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => key Removed successfully
"HKU\S-1-5-21-556878318-500787394-2256771143-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0b546db1-cd35-11e4-bce7-8c89a50227c5}" => key Removed successfully
HKCR\CLSID\{0b546db1-cd35-11e4-bce7-8c89a50227c5} => key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\allshare play launcher.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\samsung link menu start.exe" => key Removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\srserver.exe" => key Removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\windvd.exe => key not found.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\windows\SysWOW64\GroupPolicy\GPT.ini => Moved successfully.
HKU\S-1-5-21-556878318-500787394-2256771143-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{94E8767C-47FB-43B8-A6D1-88FDD4F3087F}" => key Removed successfully
HKCR\CLSID\{94E8767C-47FB-43B8-A6D1-88FDD4F3087F} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{94E8767C-47FB-43B8-A6D1-88FDD4F3087F}" => key Removed successfully
HKCR\Wow6432Node\CLSID\{94E8767C-47FB-43B8-A6D1-88FDD4F3087F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key Removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key Removed successfully
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => key Removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key Removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key Removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key Removed successfully
C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release2862\ff not found.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ioak9l5t.default\extensions\magicplayer@acestream.org not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglelepocjjcbmphmnenipjjhlgifmi => Moved successfully.
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejilgbhdenkhibahfmbaobmeigmjfjn => Moved successfully.
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi => Moved successfully.
HR HKLM-x32\...\Chrome\Extension: [ajmgcoaojhfhmhgaipclmcinpmkjgiec] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7547\ch\MediaBuzzV1mode7547.crx [Not Found] => Error: No automatic fix ' & $found1 & ' for this entry.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aphdlmajlpjioppgfehiiiodjhjcgbkm" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cenhlaccnlelpeleeemifmalkhlhelmm" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cgehheigkffjmpfmklkifkbeijelcdkg" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\femgboepodmoipgalajpafkgcdfaommi" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hjinheglemjlmpllllbccahaalcdbdek" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ijllmpceobclddbjmibfmbgkcahjhlcj" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kalondmkendjbjdldhobiebjojalkcgg" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nndjdhafnmipbbeikccndodelhblcomp" => key Removed successfully
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service Removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service Removed successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
C:\ProgramData\KGyGaAvL.sys => Moved successfully.
C:\Users\Public\AlexaNSISPlugin.9268.dll => Moved successfully.
"C:\Users\Admin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Admin\AppData\Local\Temp" folder => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-23 18:36:12)<=
"C:\Users\Admin\AppData\Local\Temp" => Could not move
==== End of Fixlog 18:36:14 ====
- Rudy
- Site Admin

Re: Pop up spam
Deleted. Has anything changed?
Re: Pop up spam
Thanks for the advice and your help ... to be honest, I don't know; the spam popped up randomly, not every time I clicked a link on some page ... I've just tried some random pages and nothing so far, so I hope it works now.
- Rudy
- Site Admin

Re: Pop up spam
OK, you're welcome!
Get in touch if you need anything.