Slow computer and pop-up windows - ADS By Helper

Bagr.George
Visitor
Posts: 13
Registered: 17 Jan 2015 09:07

#1 Post by Bagr.George »

Hello,
a friend brought me her son's notebook, saying it is infected with viruses.

The notebook is slow, ADS By Helper windows keep popping up, tabs open by themselves, and Internet Explorer will not start at all.

I scanned it with ESET on-line and AdwCleaner, and I made a log in FRST.

Please help, I would really appreciate it :-)

Jirka

Log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Vojta (administrator) on VOJTA-PC on 13-07-2015 23:04:29
Running from C:\Users\Vojta\Desktop
Loaded Profiles: UpdatusUser & Vojta (Available Profiles: UpdatusUser & Vojta)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2481163647-550643762-1494268911-1001\...\MountPoints2: {0dfe8100-fd40-11e3-837a-b888e309ba37} - F:\MafiaLauncher.EXE
HKU\S-1-5-21-2481163647-550643762-1494268911-1001\...\MountPoints2: {0dfe8105-fd40-11e3-837a-b888e309ba37} - G:\Setup.exe
HKU\S-1-5-21-2481163647-550643762-1494268911-1001\...\MountPoints2: {409a0cbd-ba5d-11e1-aea8-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-2481163647-550643762-1494268911-1001\...\MountPoints2: {a60e1717-dac0-11e3-a19f-b888e309ba37} - E:\MafiaLauncher.EXE
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
URLSearchHook: HKU\S-1-5-21-2481163647-550643762-1494268911-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-2481163647-550643762-1494268911-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.200.1.1 8.8.8.8
Tcpip\..\Interfaces\{33B7A10B-0CBA-4D1B-89E6-4488C4D31D5B}: [DhcpNameServer] 10.200.1.1 8.8.8.8
Tcpip\..\Interfaces\{425A1498-80EA-4D3C-AE21-CE2B95C16894}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-10-20] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2481163647-550643762-1494268911-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vojta\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-02] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: firepickerthedarkone - C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\Extensions\firepicker@thedarkone [2015-06-02]
FF Extension: Rise Gaming Store - C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\Extensions\s4LVk@gmail.com [2015-06-02]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-01-19]

Chrome:
=======
CHR HomePage: Default -> https://www.google.cz/
CHR Profile: C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-04]
CHR Extension: (Google Docs) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-04]
CHR Extension: (Google Drive) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-04]
CHR Extension: (YouTube) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-04]
CHR Extension: (cfhdojbkjhnklbpkdaibdccddilifddb) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-02]
CHR Extension: (Google Search) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-04]
CHR Extension: (Google Sheets) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-04]
CHR Extension: (SiteAdvisor) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-03-27]
CHR Extension: (Heroes & Generals) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2015-03-05]
CHR Extension: (Rise Gaming Store) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlmjkfoidldghacbhdinlbmgpcplpal [2015-06-02]
CHR Extension: (Google Wallet) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Air Globe) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogcbggiopalifiakkabfhjbbkpjmjogo [2015-05-21]
CHR Extension: (Gmail) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-04]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-08-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-05-23] (BitRaider, LLC)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-06-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-05-24] (BitRaider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-26] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 23:04 - 2015-07-13 23:05 - 00015956 _____ C:\Users\Vojta\Desktop\FRST.txt
2015-07-13 23:03 - 2015-07-13 23:04 - 00000000 ____D C:\FRST
2015-07-13 23:02 - 2015-07-13 23:02 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher (1).exe
2015-07-13 22:58 - 2015-07-13 22:58 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Downloads\Nepotvrzeno 858228.crdownload
2015-07-13 22:50 - 2015-07-13 22:50 - 02133504 _____ (Farbar) C:\Users\Vojta\Desktop\FRST64.exe
2015-07-13 22:30 - 2015-07-13 22:30 - 00037534 _____ C:\Users\Vojta\Desktop\AdwCleaner[S0].txt
2015-07-13 22:19 - 2015-07-13 22:19 - 00107046 _____ C:\Users\Vojta\Desktop\viry.txt
2015-07-13 13:25 - 2015-07-13 22:26 - 00000000 ____D C:\AdwCleaner
2015-07-13 13:24 - 2015-07-13 13:24 - 02248704 _____ C:\Users\Vojta\Downloads\adwcleaner_4.208.exe
2015-07-13 13:08 - 2015-07-13 13:08 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-13 13:07 - 2015-07-13 13:07 - 02870984 _____ (ESET) C:\Users\Vojta\Downloads\esetsmartinstaller_csy.exe
2015-07-11 21:22 - 2015-07-11 21:22 - 01406401 _____ C:\Users\Vojta\Downloads\mu0v3-36.zip
2015-07-11 21:15 - 2015-07-11 21:15 - 01774247 _____ C:\Users\Vojta\Downloads\mu4v3-36.zip
2015-06-24 16:55 - 2015-06-24 16:55 - 00001340 _____ C:\Users\Vojta\Desktop\Men of War. Condemned Heroes.lnk
2015-06-24 15:43 - 2015-06-24 15:43 - 00000000 ____D C:\Users\Vojta\minecraft
2015-06-22 15:04 - 2015-06-22 15:04 - 00000000 ____D C:\Windows\TempAB899B82-FD6D-22FF-FE03-BDCBBC0B52BF-Signatures
2015-06-19 13:01 - 2015-06-19 13:01 - 00000000 ____D C:\1fa629e8bc87a2777b8391a4d76bc262
2015-06-15 19:02 - 2015-06-15 19:02 - 00000000 ____D C:\Windows\Temp10C3E64C-C0A2-DD0B-280E-2575F113FA3B-Signatures

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 22:41 - 2014-08-20 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-07-13 22:41 - 2012-01-19 14:19 - 00000000 ____D C:\ProgramData\McAfee
2015-07-13 22:39 - 2012-06-20 00:25 - 02085887 _____ C:\Windows\WindowsUpdate.log
2015-07-13 22:38 - 2012-06-20 00:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-07-13 22:38 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-13 22:38 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-13 22:35 - 2015-04-17 18:59 - 00000000 ____D C:\Program Files (x86)\microsoft office 2013 plna verze cz zdarma
2015-07-13 22:30 - 2012-11-10 11:38 - 00000000 ____D C:\ProgramData\clear.fi
2015-07-13 22:28 - 2014-08-20 16:53 - 00037652 _____ C:\Windows\setupact.log
2015-07-13 22:28 - 2010-11-21 05:47 - 00140472 _____ C:\Windows\PFRO.log
2015-07-13 22:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-13 22:26 - 2013-09-26 17:23 - 00000601 _____ C:\Users\Vojta\Desktop\Search.lnk
2015-07-13 22:26 - 2012-11-09 19:34 - 00000000 ____D C:\Users\Vojta
2015-07-13 22:26 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-13 22:08 - 2013-05-18 18:19 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-13 22:00 - 2015-06-01 19:33 - 00000000 ____D C:\Users\Vojta\AppData\Roaming\MiUi-temp
2015-07-13 22:00 - 2013-05-25 20:44 - 00000000 ____D C:\Users\Vojta\AppData\Roaming\uTorrent
2015-07-13 21:58 - 2014-02-02 17:30 - 00000000 ____D C:\ProgramData\YTAedRaemoval
2015-07-13 21:58 - 2013-09-26 17:22 - 00000000 ____D C:\Program Files (x86)\Zula Games
2015-07-13 21:57 - 2015-06-02 20:04 - 00000000 ____D C:\Program Files (x86)\Rise Gaming Store
2015-07-13 21:09 - 2009-07-14 04:34 - 00000612 _____ C:\Windows\win.ini
2015-07-13 13:02 - 2015-04-12 11:39 - 00000000 ____D C:\ProgramData\Datamngr
2015-07-13 13:01 - 2014-06-25 18:43 - 00000000 ____D C:\Program Files (x86)\2K Games
2015-07-13 13:01 - 2013-11-17 00:19 - 00000000 ____D C:\Program Files (x86)\1C Company
2015-07-13 12:56 - 2015-05-21 20:32 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-13 12:56 - 2014-09-22 19:11 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-13 12:56 - 2013-10-27 18:58 - 00001105 _____ C:\Users\Public\Desktop\WarThunder.lnk
2015-07-13 12:56 - 2012-11-09 19:37 - 00001397 _____ C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 12:56 - 2012-11-09 19:37 - 00001363 _____ C:\Users\Vojta\Desktop\Internet Explorer (64-bit).lnk
2015-07-13 10:36 - 2015-04-17 20:48 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-13 10:12 - 2013-11-19 23:35 - 00488245 _____ C:\Windows\IE11_main.log
2015-07-13 10:11 - 2014-08-20 16:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-07-13 10:11 - 2014-08-20 16:49 - 00002113 _____ C:\Windows\epplauncher.mif
2015-07-13 10:11 - 2014-08-20 16:49 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-07-13 09:59 - 2015-04-25 19:57 - 00000000 _____ C:\Users\Vojta\rgmnr
2015-07-12 20:54 - 2013-01-05 19:44 - 00000000 ____D C:\Users\Vojta\AppData\Local\ArmA 2 OA
2015-07-11 20:11 - 2013-05-18 18:19 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-11 20:11 - 2013-05-18 18:19 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-11 20:11 - 2012-01-19 14:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-27 18:23 - 2013-10-20 13:47 - 00000000 ____D C:\Users\Vojta\Documents\Euro Truck Simulator 2
2015-06-27 15:11 - 2013-05-02 15:15 - 00000000 ____D C:\ProgramData\Origin
2015-06-26 11:27 - 2013-10-27 18:58 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-06-24 18:28 - 2012-11-09 22:33 - 00000000 ____D C:\Users\Vojta\AppData\Roaming\Skype
2015-06-24 16:57 - 2012-12-16 13:09 - 00000000 ____D C:\Users\Vojta\Documents\My Games
2015-06-24 16:55 - 2013-01-20 21:45 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-06-24 16:55 - 2013-01-20 21:45 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-24 16:55 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-24 16:54 - 2014-01-11 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
2015-06-24 15:45 - 2015-05-06 20:54 - 00000000 ____D C:\Users\Vojta\Desktop\Vojta
2015-06-23 20:51 - 2013-05-02 15:18 - 00000000 ____D C:\Users\Vojta\AppData\Roaming\Origin
2015-06-23 20:04 - 2013-05-02 15:14 - 00000000 ____D C:\Program Files (x86)\Origin

==================== Files in the root of some directories =======

2003-04-16 14:49 - 2003-04-16 14:49 - 0233472 ____R () C:\Users\Vojta\AppData\Roaming\MafiaSetup.exe
2012-06-20 00:52 - 2012-06-20 00:55 - 0015222 _____ () C:\ProgramData\ArcadeDeluxe5.log

Some files in TEMP:
====================
C:\Users\Vojta\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Vojta\AppData\Local\Temp\drm_dyndata_7310011.dll
C:\Users\Vojta\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Vojta\AppData\Local\Temp\ose00000.exe
C:\Users\Vojta\AppData\Local\Temp\Quarantine.exe
C:\Users\Vojta\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Vojta\AppData\Local\Temp\sqlite3.dll
C:\Users\Vojta\AppData\Local\Temp\TsuA35C02E6.dll
C:\Users\Vojta\AppData\Local\Temp\_isCB3A.exe
C:\Users\Vojta\AppData\Local\Temp\_isDEEA.exe
C:\Users\Vojta\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0408b82623e6b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0408b8301b510.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vojta\Desktop" je 32881 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2
"C:\Dolby PCEE4\pcee4.exe" -autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl
%ProgramFiles%\Elantech\ETDCtrl.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\Windows\system32\hkcmd.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\Windows\system32\igfxtray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLivid
"C:\Users\Vojta\AppData\Local\iLivid\iLivid.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
C:\Program Files (x86)\Launch Manager\LManager.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncnkdxpSrv
C:\Windows\inf\mncnkdxp.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msartfcSrv
"C:\Windows\system32\msartfc.vbe" mswmrhl mstklrxl [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msaxwsfSrv
C:\Windows\inf\msaxwsf.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC
"c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
C:\Windows\system32\msstp.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Vojta\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp
C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\Windows\system32\igfxpers.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg_Dolby
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver
C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1916\jsdrv.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickyPassword
"C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBHostSupport
"C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Vojta\AppData\Local\TBHostSupport\TBHostSupport_0.dll",DLLRunTBHostSupportPlugin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Vojta\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader
"C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Márty84
VIP
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow computer and pop-up windows - ADS By Helper

#2 Post by Márty84 »

Hello :)

There is vermin in there :boxed:

:arrow: Uninstall McAfee SiteAdvisor

:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it occasionally produces false detections.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

Bagr.George
Visitor
Visitor
Posts: 13
Joined: 17 Jan 2015 09:07

Re: Slow computer and pop-up windows - ADS By Helper

#3 Post by Bagr.George »

Hello,
thank you very much for the advice :-)

Jirka

The MBAM log is here:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 14.7.2015
Čas skenování: 13:44
Protokol: MAMH.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.14.03
Databáze rootkitů: v2015.07.10.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Vojta

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 850989
Uplynulý čas: 11 hod, 32 min, 28 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 17
PUP.Optional.AirGlobe.A, HKLM\SOFTWARE\WOW6432NODE\Air Globe, , [89228a5785051521d4daaf5a927113ed],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\Datamngr, , [6c3f9d443d4dce68c95592a428dbe818],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [7e2debf6e9a162d4efb416ee0cf7c23e],
PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ilividbandoomoviestoolbarFF, , [c4e73ea3cfbb350135bc760442c26997],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [f7b44e9399f144f2ba987120e123fa06],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, , [416a1bc61d6dbb7b71bf612392727a86],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv-ie, , [03a8eaf7bdcdc57190a09aead43001ff],
PUP.Optional.SavePass.A, HKU\S-1-5-18\SOFTWARE\SavePass 1.1-nv, , [c7e4d809325836005bf8b475ff04c937],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv, , [15965e83fc8ef44249790e76f60e8a76],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv-ie, , [1f8c9c4504862115bb07b5cf06fea060],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [5457756c24664cea1eb9701a0400619f],
PUP.Optional.AirGlobe.A, HKU\S-1-5-21-2481163647-550643762-1494268911-1001\SOFTWARE\Air Globe, , [b5f6dc0503873204446bb851a0630000],
PUP.Optional.GeForce.A, HKU\S-1-5-21-2481163647-550643762-1494268911-1001\SOFTWARE\Ge-Force-nv-ie, , [8a218d546129290d64cc87fd7193f709],
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-2481163647-550643762-1494268911-1001\SOFTWARE\ilividbandoomoviestoolbar, , [e4c73aa79befa591fef0044631d2a55b],
PUP.Optional.SavePass.A, HKU\S-1-5-21-2481163647-550643762-1494268911-1001\SOFTWARE\SavePass 1.1-nv-ie, , [4764d30e6f1b0f275df6da4fb74c659b],
PUP.Optional.Sense.A, HKU\S-1-5-21-2481163647-550643762-1494268911-1001\SOFTWARE\Sense-nv-ie, , [f3b83ca587031422a41e4044ed177888],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-2481163647-550643762-1494268911-1001\SOFTWARE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\nmhostct3289075, , [07a4e7fa7b0f3cfad411f50c35ce7b85],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 24
PUP.Optional.ConduitTB.Gen, C:\Users\Vojta\AppData\Local\CRE, , [8526b72a147683b3fac7ca3a689bc739],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr, , [307b32af117982b49004590a46be43bd],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\mz, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.OptimizerPro.A, C:\Users\Vojta\Documents\Optimizer Pro, , [8922dc058efc96a0eecf008fe81c5ea2],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\bitstreams, , [991239a8bcce142266fa983acb3725db],
PUP.Optional.MoviesToolBar.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\ilividbandoomoviestoolbar, , [e1cac41df5952b0bec3b9d385ea4e61a],
PUP.Optional.GlobalUpdate.A, C:\Users\Vojta\AppData\Local\Temp\comh.117902, , [9615964b622869cd4515539028da43bd],
PUP.Optional.GlobalUpdate.A, C:\Users\Vojta\AppData\Local\Temp\comh.223066, , [07a42bb6ec9ec96dd189c02321e1ad53],
PUP.Optional.GlobalUpdate.A, C:\Users\Vojta\AppData\Local\Temp\comh.432348, , [92193fa22268999d1a404a9920e26c94],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\mz, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\skin, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.SearchApp.A, C:\Users\Vojta\AppData\Local\Temp\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}, , [5358d20f642648eeb7cc61840df528d8],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.AirGlobe.A, C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogcbggiopalifiakkabfhjbbkpjmjogo\1.0.1_0, , [6d3e26bb8ffbe74fd95b75ef1fe6867a],
PUP.Optional.AirGlobe.A, C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogcbggiopalifiakkabfhjbbkpjmjogo, , [6d3e26bb8ffbe74fd95b75ef1fe6867a],

Soubory: 147
PUP.Optional.SkyTech.A, C:\Users\Vojta\AppData\Roaming\MiUi-temp\QQBrowserFrame.dll, , [258641a045454de97047c291eb16dc24],
Trojan.BitMiner, C:\Windows\inf\mncnkdxp\mncnkdxp.exe, , [d5d6da076e1c1a1cfc642aad6b96738d],
BitcoinMiner, C:\Windows\inf\msdtanq\msdtanq.exe, , [0aa1964b266440f6a3b2627d18e821df],
BitcoinMiner, C:\Windows\inf\mselvxb\mselvxb.exe, , [5d4e9b46dab0f93d460f835c54ac44bc],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Air Globe\updateAirGlobe.Vexe.vir, , [4962d70a9befbb7b2b59620060a56d93],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Air Globe\bin\AirGlobe.expext.exe.vir, , [7536ac355634df572b59f56d5baaf50b],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Air Globe\bin\tmpE7B1.tmp.vir, , [08a38a57d7b365d1bdc742202ed7a45c],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Air Globe\bin\utilAirGlobe.Vexe.vir, , [2e7da0419ded5fd7add74c16fc09867a],
PUP.Optional.7Go.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Speed Analysis 2\uninst.exe.vir, , [7635c71aacde46f046fc767d3bc526da],
PUP.Optional.SpeedTest.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Speed Analysis 2\uninstall.exe.vir, , [f6b539a8a7e35fd70715f14d2bd5f60a],
PUP.Optional.BrowserWatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.Vdll.vir, , [fbb017cae1a99e98ce58252605fb6a96],
PUP.Optional.BrowserWatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.Vdll.vir, , [f4b7af320a807fb716104cff3ac617e9],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.Vdll.vir, , [901b954c6624be789aab7b10db2607f9],
PUP.Optional.XTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.Vexe.vir, , [614a19c8b6d488aed187adae5ba6a45c],
PUP.Optional.PCSpeedUp.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.sys.vir, , [684326bb8bff221470adbdef06fb08f8],
PUP.Optional.PCSpeedUp, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zrychleni Pocitace\PCSULauncher.exe.vir, , [eebda839d4b63ff79c45921ae021d030],
PUP.Optional.PCSpeedUp.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zrychleni Pocitace\PCSUUCC.exe.vir, , [0ba03ea3cdbd9e9825f8a606ea179769],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{0c1bfd68-2f89-48f3-b055-985cab8bbde5}w64.sys.vir, , [59522ab79feba2940d77dc86e025b34d],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{0ed07a29-a68f-404d-bba1-88566b3f424a}Gw64.sys.vir, , [4863fee31971201693f17de50afb48b8],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{168ea170-a682-4a6a-be62-f8928e526a66}Gw64.sys.vir, , [2c7f954ccebcb1855430273b26df39c7],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{16de1a5e-6c3d-4a29-8611-d373f21989ef}Gw64.sys.vir, , [dfcc6b7666243bfbe2a2f86afb0a0ef2],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{16de1a5e-6c3d-4a29-8611-d373f21989ef}w64.sys.vir, , [4e5d538edeac8bab543067fbcf3647b9],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{2bd159c5-ea71-4e27-88d2-1a2653bf93a0}w64.sys.vir, , [5457a938a8e2e94d384c184ad82d4cb4],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{2eb930fb-5d92-450f-a5ff-14c391caa31b}w64.sys.vir, , [911a68793258ab8b760e2e34f51036ca],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{399a0743-357c-44e5-9a46-bb7ce63a3062}w64.sys.vir, , [9516eaf7a7e3e6501371c69c27de60a0],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{454e3137-dcd4-4da1-8ba3-a62446458c4f}w64.sys.vir, , [4863bd246723f24463219ec4fb0a758b],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{47887a95-8ff1-45b1-926b-1922a67fa6a8}w64.sys.vir, , [9c0ff6eb0783ea4c513388da1aeb30d0],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{4c12e85e-ecff-4f9b-b0b4-a94418f3e761}w64.sys.vir, , [73388f527c0e49ed97ed3e243ec718e8],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{50ce1dc5-0676-4bd3-8b6f-6a8393cebc27}Gw64.sys.vir, , [406bbb269feb73c3fa8a055d39cc2ad6],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{518c59b7-17dc-4872-ae04-24f1719066a1}Gw64.sys.vir, , [5457e7fa107a1521aed6f270877eb14f],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{528cee47-7291-4264-bfa5-cfe581415f9d}Gw64.sys.vir, , [efbc0bd68307e1550c786bf7b253857b],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{8a41cfe2-3810-44a8-a83f-c58ba68c0bd4}w64.sys.vir, , [6a41f2efaedcfc3a543098cae71e619f],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{913d2ed3-4e23-413f-bdab-195da83ca204}w64.sys.vir, , [cbe0944dbfcbbb7bb7cdbca6bc49b34d],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{9c87de74-a53e-482a-ae83-0cd43d2f20ef}w64.sys.vir, , [2289855cb2d80234dca8acb6719413ed],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{bedb11f1-1e99-489a-8394-6ed70e5ad345}w64.sys.vir, , [9c0fac35e6a4e84e2163441e44c1db25],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{bf34199a-d8d1-4010-b9b5-fa9597e3123a}w64.sys.vir, , [5f4cad347a10b581ec9895cdbb4a27d9],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{d447a5a7-a0f3-4764-b2fa-d4e58c36c75a}w64.sys.vir, , [c1eaa1403258bd79c6be422054b115eb],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{e08fcad9-9d66-45db-b3c2-5d84d4983d6e}Gw64.sys.vir, , [a3080ed3cebcb87e315374ee13f20df3],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{e3bd305e-655b-4acb-ab17-5138c562afe0}w64.sys.vir, , [6f3c7d64414912245331b0b2f60fde22],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{f17f19ac-f9b8-4e8d-b04e-93f39064f7e1}w64.sys.vir, , [07a491502466d85e7a0a91d14db846ba],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{fbcc472e-8c96-4669-abe9-10a269b03700}w64.sys.vir, , [9516b62bcdbd84b2dea6540e33d2f20e],
PUP.Optional.Airglobe, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{fc3ee8d3-d9cb-4d32-b226-0f4e1c81f5f0}w64.sys.vir, , [8a21667b04864ee8d1b38ed4f510619f],
PUP.Optional.ConduitTB.Gen, C:\Users\Vojta\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx, , [8526b72a147683b3fac7ca3a689bc739],
PUP.Optional.Enabler.A, C:\Windows\System32\Tasks\GS.Enabler-S-4560858878, , [0c9f835e2f5ba88e00d82bfd649fc23e],
Trojan.Script, C:\Windows\SysWOW64\mswmrhl.vbe, , [e9c2bf224c3e26107252d3772cd727d9],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\coordinator.cfg, , [307b32af117982b49004590a46be43bd],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\general.cfg, , [307b32af117982b49004590a46be43bd],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\S-1-5-21-2481163647-550643762-1494268911-1001.cfg, , [307b32af117982b49004590a46be43bd],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\background.html, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\icon128.png, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\bg.js, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\config.xml, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\content.js, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\icon16.png, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\icon18.ico, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\icon18.png, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\icon24.ico, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\icon24.png, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\icon32.ico, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\icon32.png, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\icon48.png, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\jquery-1.9.1.min.js, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\json2.min.js, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\uninstall.exe, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\updater.js, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\updaterWrapper.js, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\zulagames.rdf, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\mz\background.js, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.Zulagames.A, C:\Program Files (x86)\Zula Games\mz\content.js, , [931808d99febed49ecec075e9d67cd33],
PUP.Optional.OptimizerPro.A, C:\Users\Vojta\Documents\Optimizer Pro\CookiesException.txt, , [8922dc058efc96a0eecf008fe81c5ea2],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\diablo130302.cl, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\diakgcn121016.cl, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\libcurl-4.dll, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\libeay32.dll, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\libidn-11.dll, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\librtmp.dll, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\libssh2.dll, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\phatk121016.cl, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\poclbm130302.cl, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\scrypt130511.cl, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\ssleay32.dll, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\zlib1.dll, , [991239a8bcce142266fa983acb3725db],
Trojan.Agent.BCM, C:\Windows\inf\mncnkdxp\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [991239a8bcce142266fa983acb3725db],
PUP.Optional.MoviesToolBar.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\ilividbandoomoviestoolbar\apnuserid.dat, , [e1cac41df5952b0bec3b9d385ea4e61a],
PUP.Optional.MoviesToolBar.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\ilividbandoomoviestoolbar\appid.dat, , [e1cac41df5952b0bec3b9d385ea4e61a],
PUP.Optional.MoviesToolBar.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\ilividbandoomoviestoolbar\geodata.xml, , [e1cac41df5952b0bec3b9d385ea4e61a],
PUP.Optional.MoviesToolBar.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\ilividbandoomoviestoolbar\guid.dat, , [e1cac41df5952b0bec3b9d385ea4e61a],
PUP.Optional.MoviesToolBar.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\ilividbandoomoviestoolbar\setupCfg.xml, , [e1cac41df5952b0bec3b9d385ea4e61a],
PUP.Optional.MoviesToolBar.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\ilividbandoomoviestoolbar\sysid.dat, , [e1cac41df5952b0bec3b9d385ea4e61a],
PUP.Optional.MoviesToolBar.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\ilividbandoomoviestoolbar\trackid.dat, , [e1cac41df5952b0bec3b9d385ea4e61a],
PUP.Optional.GlobalUpdate.A, C:\Users\Vojta\AppData\Local\Temp\comh.117902\GoogleUpdateHelper.msi, , [9615964b622869cd4515539028da43bd],
PUP.Optional.GlobalUpdate.A, C:\Users\Vojta\AppData\Local\Temp\comh.223066\GoogleUpdateHelper.msi, , [07a42bb6ec9ec96dd189c02321e1ad53],
PUP.Optional.GlobalUpdate.A, C:\Users\Vojta\AppData\Local\Temp\comh.432348\GoogleUpdateHelper.msi, , [92193fa22268999d1a404a9920e26c94],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome.manifest, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\install.rdf, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\background.html, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\bg.js, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\button.xml, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\config.js, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\content.js, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\framework.js, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\framework.png, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\framework.xul, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\icon128.png, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\icon16.png, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\icon18.ico, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\icon18.png, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\icon24.ico, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\icon24.png, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\icon32.ico, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\icon32.png, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\icon48.png, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\jquery-1.9.1.min.js, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\options.xul, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\settings.json, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\zulagames.rdf, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\mz\background.js, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\content\mz\content.js, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.ZulaGames.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com\chrome\skin\framework.css, , [7e2d99482268092da77815cf52b0e917],
PUP.Optional.SearchApp.A, C:\Users\Vojta\AppData\Local\Temp\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}\geodata.xml, , [5358d20f642648eeb7cc61840df528d8],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome.manifest, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\install.rdf, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\background.html, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\bg.js, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\button.xml, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\config.js, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\content.js, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.js, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.png, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.xul, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon128.png, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon16.png, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.ico, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.png, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.ico, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.png, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.ico, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.png, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon48.png, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\jquery-1.9.1.min.js, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\options.xul, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\settings.json, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\background.js, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\content.js, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.SpeedAnalysis.A, C:\Users\Vojta\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin\framework.css, , [8427aa3775155cdabd556197d32ffe02],
PUP.Optional.AirGlobe.A, C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogcbggiopalifiakkabfhjbbkpjmjogo\1.0.1_0\manifest.json, , [6d3e26bb8ffbe74fd95b75ef1fe6867a],
PUP.Optional.AirGlobe.A, C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogcbggiopalifiakkabfhjbbkpjmjogo\1.0.1_0\icon.png, , [6d3e26bb8ffbe74fd95b75ef1fe6867a],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow computer and pop-up windows - ADS By Helper

#4 Post by Márty84 »

Have all detections removed. After the removal and a PC restart, repeat the scan (a Threat Scan is enough) so that we know whether it comes back. Post the scan result and I will choose the next steps based on it.

Bagr.George
Visitor
Visitor
Posts: 13
Joined: 17 Jan 2015 09:07

Re: Slow computer and pop-up windows - ADS By Helper

#5 Post by Bagr.George »

Hello

Thank you very much :-)

The repeated scan is here:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15.7.2015
Čas skenování: 13:09
Protokol: MAMH2.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.15.03
Databáze rootkitů: v2015.07.14.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Vojta

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 426484
Uplynulý čas: 50 min, 1 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow computer and pop-up windows - ADS By Helper

#6 Post by Márty84 »

→ Excellent, you can uninstall MBAM.

→ Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

→ Post a log from RSITx64 http://images.malwareremoval.com/random/RSITx64.exe , instructions here http://forum.viry.cz/viewtopic.php?f=13&t=130786

and in addition

→ Post new logs following these instructions http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

Bagr.George
Visitor
Posts: 13
Registered: 17 Jan 2015 09:07

Re: Slow computer and pop-up windows - ADS By Helper

#7 Post by Bagr.George »

Thank you very much :-)

Output from CrystalDiskInfo:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2015/07/15 21:18:42

-- Controller Map ----------------------------------------------------------
+ Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
- TOSHIBA MQ01ABD050
- PIONEER DVD-RW DVRTD11RS
- Broadcom Memory Stick [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MQ01ABD050 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MQ01ABD050
----------------------------------------------------------------------------
Model : TOSHIBA MQ01ABD050
Firmware : AX001A
Serial Number : 22MCF3A8S
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 2778 hod.
Power On Count : 2413 krát
Temparature : 32 C (89 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 000000000425 Čas na roztočení ploten
04 100 100 __0 000000000A28 Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _94 _94 __0 000000000ADA Hodin v činnosti
0A 152 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000096D Počet cyklů zapnutí zařízení
BF 100 100 __0 0000000001C3 Počet udalostí zaznamenaných otřesovým senzorem
C0 _99 _99 __0 0000000001F9 Počet vypnutí disku
C1 100 100 __0 000000000D28 Počet cyklů načítání/vymazání
C2 100 100 __0 003100040020 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000048 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000000000 Posunutí disku vůči ose
DE _94 _94 __0 000000000A6F Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 0000000000BB Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách


Bagr.George
Visitor
Posts: 13
Registered: 17 Jan 2015 09:07

Re: Slow computer and pop-up windows - ADS By Helper

#8 Post by Bagr.George »

Output from RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vojta at 2015-07-15 21:28:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 80 GB (17%) free of 458 GB
Total RAM: 3948 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:28:29, on 15.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vojta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2481163647-550643762-1494268911-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2481163647-550643762-1494268911-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10630 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 4309920
\??\C:\Windows\system32\conhost.exe "-18818598641423254281493239929211780106592727219-1953930865-8883059321651979087
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {00A54B8A-6347-4286-B968-E76D2FA27E75}
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2840.0.1425775323\1961984643" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2418 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_74/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2840.4.1756342344\2075781606" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_74/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2840.13.739825029\1459384686" /prefetch:673131151
"C:\Users\Vojta\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0408b82623e6b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0408b8301b510.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@live.heroesandgenerals.com/npretox]
"Description"=Heroes & Generals downloader
"Path"=C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
nppluginrichmediaplayer.dll

C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\extensions\
firepicker@thedarkone
s4LVk@gmail.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25 171944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService]
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-08-26 177448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2]
C:\Dolby PCEE4\pcee4.exe [2011-06-01 506712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2015-06-23 3632472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2011-04-05 2589992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2011-06-21 392472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2011-06-21 167704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLivid]
C:\Users\Vojta\AppData\Local\iLivid\iLivid.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncnkdxpSrv]
C:\Windows\inf\mncnkdxp.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msartfcSrv]
C:\Windows\system32\msartfc.vbe mswmrhl mstklrxl []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msaxwsfSrv]
C:\Windows\inf\msaxwsf.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 1332296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp]
C:\Windows\system32\msstp.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive]
C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2011-06-21 416024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg_Dolby]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10 20922016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver]
C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1916\jsdrv.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-06-04 2892992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickyPassword]
C:\Program Files (x86)\Sticky Password\stpass.exe /autorunned []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBHostSupport]
C:\Windows\SysWOW64\Rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Vojta\AppData\Roaming\uTorrent\uTorrent.exe [2014-11-25 1385808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader]
C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-06-10 389632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-15 21:28:01 ----D---- C:\rsit
2015-07-15 21:28:01 ----D---- C:\Program Files\trend micro
2015-07-14 13:41:48 ----D---- C:\ProgramData\Malwarebytes
2015-07-14 13:25:08 ----D---- C:\Program Files\McAfee
2015-07-14 13:23:58 ----D---- C:\ProgramData\McAfee Security Scan
2015-07-14 09:04:53 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-14 09:04:53 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-14 09:04:53 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-14 09:04:53 ----A---- C:\Windows\system32\crypt32.dll
2015-07-14 09:04:52 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-14 09:04:52 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-14 09:04:52 ----A---- C:\Windows\system32\wintrust.dll
2015-07-14 09:04:52 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-14 09:04:43 ----A---- C:\Windows\system32\invagent.dll
2015-07-14 09:04:43 ----A---- C:\Windows\system32\generaltel.dll
2015-07-14 09:04:43 ----A---- C:\Windows\system32\appraiser.dll
2015-07-14 09:04:43 ----A---- C:\Windows\system32\aeinv.dll
2015-07-14 09:04:42 ----A---- C:\Windows\system32\devinv.dll
2015-07-14 09:04:42 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-14 09:04:42 ----A---- C:\Windows\system32\aepdu.dll
2015-07-14 09:04:42 ----A---- C:\Windows\system32\acmigration.dll
2015-07-14 09:04:41 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-07-14 09:04:41 ----A---- C:\Windows\system32\dwmcore.dll
2015-07-14 09:04:40 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-07-14 09:04:40 ----A---- C:\Windows\system32\dwmapi.dll
2015-07-14 09:04:37 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-14 09:04:36 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-14 09:04:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-14 09:04:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-14 09:04:36 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-14 09:04:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-14 09:04:36 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-14 09:04:36 ----A---- C:\Windows\system32\wups2.dll
2015-07-14 09:04:36 ----A---- C:\Windows\system32\wups.dll
2015-07-14 09:04:36 ----A---- C:\Windows\system32\wudriver.dll
2015-07-14 09:04:36 ----A---- C:\Windows\system32\wucltux.dll
2015-07-14 09:04:36 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-14 09:04:36 ----A---- C:\Windows\system32\wuapp.exe
2015-07-14 09:04:36 ----A---- C:\Windows\system32\wuapi.dll
2015-07-14 09:04:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-14 09:04:36 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-14 09:03:52 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-13 23:03:42 ----D---- C:\FRST
2015-07-13 13:25:07 ----D---- C:\AdwCleaner
2015-07-13 13:08:08 ----D---- C:\Program Files (x86)\ESET
2015-07-13 12:52:56 ----A---- C:\Windows\ntbtlog.txt
2015-06-22 15:04:41 ----D---- C:\Windows\TempAB899B82-FD6D-22FF-FE03-BDCBBC0B52BF-Signatures
2015-06-19 13:01:41 ----D---- C:\1fa629e8bc87a2777b8391a4d76bc262

======List of files/folders modified in the last 1 month======

2015-07-15 21:28:13 ----D---- C:\Windows\Prefetch
2015-07-15 21:28:01 ----RD---- C:\Program Files
2015-07-15 21:22:03 ----D---- C:\Windows\Temp
2015-07-15 21:11:27 ----RD---- C:\Program Files (x86)
2015-07-15 21:11:27 ----D---- C:\Windows\system32\drivers
2015-07-15 13:09:10 ----D---- C:\ProgramData\clear.fi
2015-07-15 13:08:38 ----A---- C:\Windows\SYSWOW64\log.txt
2015-07-15 13:06:18 ----D---- C:\Windows\system32\config
2015-07-15 13:05:57 ----D---- C:\ProgramData\McAfee
2015-07-15 13:05:17 ----D---- C:\Windows\Tasks
2015-07-15 13:04:44 ----D---- C:\Windows\system32\catroot
2015-07-15 13:04:25 ----HD---- C:\ProgramData
2015-07-15 13:04:25 ----D---- C:\Windows\SysWOW64
2015-07-15 13:04:25 ----D---- C:\Windows\system32\Tasks
2015-07-15 13:04:25 ----D---- C:\Windows\inf
2015-07-15 13:04:24 ----D---- C:\Users\Vojta\AppData\Roaming\MiUi-temp
2015-07-15 05:16:02 ----D---- C:\Windows\winsxs
2015-07-15 05:15:19 ----D---- C:\Windows\system32\catroot2
2015-07-15 05:09:15 ----D---- C:\Windows\Microsoft.NET
2015-07-15 05:01:06 ----RSD---- C:\Windows\assembly
2015-07-15 03:17:09 ----SHD---- C:\System Volume Information
2015-07-15 03:05:24 ----SHD---- C:\Windows\Installer
2015-07-15 03:05:24 ----SHD---- C:\Config.Msi
2015-07-15 03:05:21 ----D---- C:\Program Files\Microsoft Security Client
2015-07-15 03:05:21 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-07-15 03:04:03 ----D---- C:\Windows
2015-07-15 02:07:18 ----D---- C:\Windows\rescache
2015-07-14 22:08:59 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-14 10:03:45 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-14 10:03:45 ----SD---- C:\Windows\system32\GWX
2015-07-14 10:03:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-14 10:03:45 ----D---- C:\Windows\system32\cs-CZ
2015-07-14 10:03:45 ----D---- C:\Windows\System32
2015-07-14 10:03:45 ----D---- C:\Windows\PolicyDefinitions
2015-07-14 10:03:44 ----SD---- C:\Windows\system32\CompatTel
2015-07-14 10:03:44 ----D---- C:\Windows\system32\wbem
2015-07-14 10:03:44 ----D---- C:\Windows\system32\appraiser
2015-07-14 10:03:43 ----D---- C:\Windows\AppPatch
2015-07-14 09:11:57 ----D---- C:\Program Files (x86)\Microsoft Office
2015-07-14 09:10:56 ----D---- C:\Windows\system32\MRT
2015-07-13 22:44:39 ----SD---- C:\ProgramData\Microsoft
2015-07-13 22:44:39 ----D---- C:\Program Files (x86)\Microsoft
2015-07-13 22:35:23 ----D---- C:\Program Files (x86)\microsoft office 2013 plna verze cz zdarma
2015-07-13 22:26:40 ----D---- C:\Program Files\Common Files\System
2015-07-13 22:26:24 ----D---- C:\Program Files\Common Files
2015-07-13 22:26:23 ----D---- C:\Program Files (x86)\Common Files
2015-07-13 22:00:24 ----D---- C:\Users\Vojta\AppData\Roaming\uTorrent
2015-07-13 21:58:53 ----D---- C:\ProgramData\YTAedRaemoval
2015-07-13 21:57:58 ----D---- C:\Program Files (x86)\Rise Gaming Store
2015-07-13 21:09:53 ----A---- C:\Windows\win.ini
2015-07-13 13:01:37 ----D---- C:\Program Files (x86)\1C Company
2015-07-13 13:01:24 ----D---- C:\Program Files (x86)\2K Games
2015-07-05 12:08:23 ----N---- C:\Windows\system32\MpSigStub.exe
2015-06-27 15:11:11 ----D---- C:\ProgramData\Origin
2015-06-26 11:27:31 ----D---- C:\Program Files (x86)\WarThunder
2015-06-24 18:28:58 ----D---- C:\Users\Vojta\AppData\Roaming\Skype
2015-06-24 16:55:28 ----D---- C:\Windows\SYSWOW64\directx
2015-06-24 16:55:15 ----HD---- C:\Windows\msdownld.tmp
2015-06-23 20:51:08 ----D---- C:\Users\Vojta\AppData\Roaming\Origin
2015-06-23 20:04:51 ----D---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-11-15 274696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-26 283064]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-01-19 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-01-19 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-01-19 62776]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-11-15 124560]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-01-21 67624]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-01-21 19496]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-06-08 4729408]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-05-16 51240]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-05-06 86056]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-04-05 142632]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408]
S3 BRDriver64;BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [2014-05-24 75048]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 23784]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-06-16 76888]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 NisSrv;Kontrola sítě Microsoft; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 366512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 BRSptSvc;BitRaider Mini-Support Service; C:\ProgramData\BitRaider\BRSptSvc.exe [2014-05-23 477960]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-06-20 655624]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-27 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-04 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-06-23 1997168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-12 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Bagr.George
Visitor
Posts: 13
Registered: 17 Jan 2015 09:07

Re: Slow computer and pop-up windows - ADS By Helper

#9 Post by Bagr.George »

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Vojta (administrator) on VOJTA-PC on 15-07-2015 21:39:24
Running from C:\Users\Vojta\Desktop
Loaded Profiles: UpdatusUser & Vojta (Available Profiles: UpdatusUser & Vojta)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2481163647-550643762-1494268911-1001\...\MountPoints2: {0dfe8100-fd40-11e3-837a-b888e309ba37} - F:\MafiaLauncher.EXE
HKU\S-1-5-21-2481163647-550643762-1494268911-1001\...\MountPoints2: {0dfe8105-fd40-11e3-837a-b888e309ba37} - G:\Setup.exe
HKU\S-1-5-21-2481163647-550643762-1494268911-1001\...\MountPoints2: {409a0cbd-ba5d-11e1-aea8-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-2481163647-550643762-1494268911-1001\...\MountPoints2: {a60e1717-dac0-11e3-a19f-b888e309ba37} - E:\MafiaLauncher.EXE
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.200.1.1 8.8.8.8
Tcpip\..\Interfaces\{33B7A10B-0CBA-4D1B-89E6-4488C4D31D5B}: [DhcpNameServer] 10.200.1.1 8.8.8.8
Tcpip\..\Interfaces\{425A1498-80EA-4D3C-AE21-CE2B95C16894}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2014-10-20] (Reto-Moto ApS)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2481163647-550643762-1494268911-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vojta\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-02] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: firepickerthedarkone - C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\Extensions\firepicker@thedarkone [2015-06-02]
FF Extension: Rise Gaming Store - C:\Users\Vojta\AppData\Roaming\Mozilla\Firefox\Profiles\a9q67czb.default\Extensions\s4LVk@gmail.com [2015-06-02]

Chrome:
=======
CHR HomePage: Default -> https://www.google.cz/
CHR Profile: C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-04]
CHR Extension: (Google Docs) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-04]
CHR Extension: (Google Drive) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-04]
CHR Extension: (YouTube) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-04]
CHR Extension: (cfhdojbkjhnklbpkdaibdccddilifddb) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-02]
CHR Extension: (Google Search) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-04]
CHR Extension: (Google Sheets) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-04]
CHR Extension: (Heroes & Generals) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2015-03-05]
CHR Extension: (Rise Gaming Store) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlmjkfoidldghacbhdinlbmgpcplpal [2015-06-02]
CHR Extension: (Google Wallet) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Vojta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-05-23] (BitRaider, LLC)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-06-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-05-24] (BitRaider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-26] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 21:39 - 2015-07-15 21:39 - 00013374 _____ C:\Users\Vojta\Desktop\FRST.txt
2015-07-15 21:28 - 2015-07-15 21:28 - 00000000 ____D C:\rsit
2015-07-15 21:28 - 2015-07-15 21:28 - 00000000 ____D C:\Program Files\trend micro
2015-07-15 21:21 - 2015-07-15 21:22 - 01222144 _____ C:\Users\Vojta\Desktop\RSITx64.exe
2015-07-15 21:17 - 2015-07-15 21:18 - 00000000 ____D C:\Users\Vojta\Desktop\Crystal disk info
2015-07-15 21:17 - 2015-07-15 21:17 - 00000024 _____ C:\Users\Vojta\Desktop\DiskInfo.ini
2015-07-15 14:00 - 2015-07-15 14:00 - 00001149 _____ C:\Users\Vojta\Desktop\MAMH2.txt
2015-07-15 06:40 - 2015-07-15 06:40 - 00000000 ____D C:\Users\Vojta\AppData\Local\GWX
2015-07-15 05:33 - 2015-07-15 05:33 - 00028502 _____ C:\Users\Vojta\Desktop\MAMH.txt
2015-07-14 13:41 - 2015-07-14 13:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-14 13:26 - 2015-07-14 13:27 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Vojta\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-14 13:25 - 2015-07-14 13:25 - 00000000 ____D C:\Program Files\McAfee
2015-07-14 13:23 - 2015-07-14 13:23 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-14 09:04 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-14 09:04 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-14 09:04 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-14 09:04 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-14 09:04 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-14 09:04 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-14 09:04 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-14 09:04 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-14 09:04 - 2015-06-27 00:07 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-14 09:04 - 2015-06-27 00:07 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-14 09:04 - 2015-06-27 00:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-14 09:04 - 2015-06-27 00:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-14 09:04 - 2015-06-27 00:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-14 09:04 - 2015-06-27 00:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-14 09:04 - 2015-06-27 00:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-14 09:04 - 2015-06-27 00:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-14 09:04 - 2015-06-27 00:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-14 09:04 - 2015-06-27 00:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-14 09:04 - 2015-06-27 00:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-14 09:04 - 2015-06-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 09:04 - 2015-06-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 09:04 - 2015-06-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 09:04 - 2015-06-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 09:04 - 2015-06-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 09:04 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-14 09:04 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-14 09:04 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-14 09:04 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-14 09:04 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-14 09:04 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-14 09:04 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-14 09:04 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-14 09:04 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-14 09:04 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-14 09:04 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-14 09:04 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-14 09:03 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-13 23:03 - 2015-07-15 21:39 - 00000000 ____D C:\FRST
2015-07-13 23:02 - 2015-07-13 23:02 - 00112640 _____ (forum.viry.cz) C:\Users\Vojta\Desktop\FRSTLauncher (1).exe
2015-07-13 22:50 - 2015-07-13 22:50 - 02133504 _____ (Farbar) C:\Users\Vojta\Desktop\FRST64.exe
2015-07-13 22:30 - 2015-07-13 22:30 - 00037534 _____ C:\Users\Vojta\Desktop\AdwCleaner[S0].txt
2015-07-13 22:19 - 2015-07-13 22:19 - 00107046 _____ C:\Users\Vojta\Desktop\viry.txt
2015-07-13 13:25 - 2015-07-13 22:26 - 00000000 ____D C:\AdwCleaner
2015-07-13 13:24 - 2015-07-13 13:24 - 02248704 _____ C:\Users\Vojta\Downloads\adwcleaner_4.208.exe
2015-07-13 13:08 - 2015-07-13 13:08 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-13 13:07 - 2015-07-13 13:07 - 02870984 _____ (ESET) C:\Users\Vojta\Downloads\esetsmartinstaller_csy.exe
2015-07-11 21:22 - 2015-07-11 21:22 - 01406401 _____ C:\Users\Vojta\Downloads\mu0v3-36.zip
2015-07-11 21:15 - 2015-07-11 21:15 - 01774247 _____ C:\Users\Vojta\Downloads\mu4v3-36.zip
2015-06-24 16:55 - 2015-06-24 16:55 - 00001340 _____ C:\Users\Vojta\Desktop\Men of War. Condemned Heroes.lnk
2015-06-24 15:43 - 2015-06-24 15:43 - 00000000 ____D C:\Users\Vojta\minecraft
2015-06-22 15:04 - 2015-06-22 15:04 - 00000000 ____D C:\Windows\TempAB899B82-FD6D-22FF-FE03-BDCBBC0B52BF-Signatures
2015-06-19 13:01 - 2015-06-19 13:01 - 00000000 ____D C:\1fa629e8bc87a2777b8391a4d76bc262
2015-06-15 19:02 - 2015-06-15 19:02 - 00000000 ____D C:\Windows\Temp10C3E64C-C0A2-DD0B-280E-2575F113FA3B-Signatures

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 21:35 - 2012-06-20 00:25 - 01388204 _____ C:\Windows\WindowsUpdate.log
2015-07-15 21:14 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-15 21:14 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-15 21:09 - 2013-05-18 18:19 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-15 13:09 - 2012-11-10 11:38 - 00000000 ____D C:\ProgramData\clear.fi
2015-07-15 13:05 - 2014-08-20 16:53 - 00037854 _____ C:\Windows\setupact.log
2015-07-15 13:05 - 2012-01-19 14:19 - 00000000 ____D C:\ProgramData\McAfee
2015-07-15 13:05 - 2010-11-21 05:47 - 00194694 _____ C:\Windows\PFRO.log
2015-07-15 13:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-15 13:04 - 2015-06-01 19:33 - 00000000 ____D C:\Users\Vojta\AppData\Roaming\MiUi-temp
2015-07-15 03:05 - 2014-08-20 16:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-07-15 03:05 - 2014-08-20 16:49 - 00002106 _____ C:\Windows\epplauncher.mif
2015-07-15 03:05 - 2014-08-20 16:49 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-07-15 03:05 - 2013-11-19 23:35 - 00492824 _____ C:\Windows\IE11_main.log
2015-07-15 02:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-14 22:09 - 2013-05-18 18:19 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 22:08 - 2013-05-18 18:19 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 22:08 - 2012-01-19 14:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 10:05 - 2009-07-14 07:08 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-14 10:03 - 2015-04-05 21:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-14 10:03 - 2015-04-05 21:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-14 10:03 - 2014-12-11 20:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-14 10:03 - 2014-05-06 21:39 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-14 10:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-14 09:11 - 2012-06-20 00:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-07-14 09:10 - 2014-07-08 16:39 - 00000000 ____D C:\Windows\system32\MRT
2015-07-13 22:35 - 2015-04-17 18:59 - 00000000 ____D C:\Program Files (x86)\microsoft office 2013 plna verze cz zdarma
2015-07-13 22:26 - 2013-09-26 17:23 - 00000601 _____ C:\Users\Vojta\Desktop\Search.lnk
2015-07-13 22:26 - 2012-11-09 19:34 - 00000000 ____D C:\Users\Vojta
2015-07-13 22:26 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-13 22:00 - 2013-05-25 20:44 - 00000000 ____D C:\Users\Vojta\AppData\Roaming\uTorrent
2015-07-13 21:58 - 2014-02-02 17:30 - 00000000 ____D C:\ProgramData\YTAedRaemoval
2015-07-13 21:57 - 2015-06-02 20:04 - 00000000 ____D C:\Program Files (x86)\Rise Gaming Store
2015-07-13 21:09 - 2009-07-14 04:34 - 00000612 _____ C:\Windows\win.ini
2015-07-13 13:01 - 2014-06-25 18:43 - 00000000 ____D C:\Program Files (x86)\2K Games
2015-07-13 13:01 - 2013-11-17 00:19 - 00000000 ____D C:\Program Files (x86)\1C Company
2015-07-13 12:56 - 2015-05-21 20:32 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-13 12:56 - 2014-09-22 19:11 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-13 12:56 - 2013-10-27 18:58 - 00001105 _____ C:\Users\Public\Desktop\WarThunder.lnk
2015-07-13 12:56 - 2012-11-09 19:37 - 00001397 _____ C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 12:56 - 2012-11-09 19:37 - 00001363 _____ C:\Users\Vojta\Desktop\Internet Explorer (64-bit).lnk
2015-07-13 10:36 - 2015-04-17 20:48 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-13 09:59 - 2015-04-25 19:57 - 00000000 _____ C:\Users\Vojta\rgmnr
2015-07-12 20:54 - 2013-01-05 19:44 - 00000000 ____D C:\Users\Vojta\AppData\Local\ArmA 2 OA
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-27 18:23 - 2013-10-20 13:47 - 00000000 ____D C:\Users\Vojta\Documents\Euro Truck Simulator 2
2015-06-27 15:11 - 2013-05-02 15:15 - 00000000 ____D C:\ProgramData\Origin
2015-06-26 11:27 - 2013-10-27 18:58 - 00000000 ____D C:\Program Files (x86)\WarThunder
2015-06-24 18:28 - 2012-11-09 22:33 - 00000000 ____D C:\Users\Vojta\AppData\Roaming\Skype
2015-06-24 16:57 - 2012-12-16 13:09 - 00000000 ____D C:\Users\Vojta\Documents\My Games
2015-06-24 16:55 - 2013-01-20 21:45 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-06-24 16:55 - 2013-01-20 21:45 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-24 16:55 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-24 16:54 - 2014-01-11 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
2015-06-24 15:45 - 2015-05-06 20:54 - 00000000 ____D C:\Users\Vojta\Desktop\Vojta
2015-06-23 20:51 - 2013-05-02 15:18 - 00000000 ____D C:\Users\Vojta\AppData\Roaming\Origin
2015-06-23 20:04 - 2013-05-02 15:14 - 00000000 ____D C:\Program Files (x86)\Origin

==================== Files in the root of some directories =======

2003-04-16 14:49 - 2003-04-16 14:49 - 0233472 ____R () C:\Users\Vojta\AppData\Roaming\MafiaSetup.exe
2012-06-20 00:52 - 2012-06-20 00:55 - 0015222 _____ () C:\ProgramData\ArcadeDeluxe5.log

Some files in TEMP:
====================
C:\Users\Vojta\AppData\Local\Temp\0093051436873126mcinst.exe
C:\Users\Vojta\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Vojta\AppData\Local\Temp\drm_dyndata_7310011.dll
C:\Users\Vojta\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Vojta\AppData\Local\Temp\ose00000.exe
C:\Users\Vojta\AppData\Local\Temp\Quarantine.exe
C:\Users\Vojta\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Vojta\AppData\Local\Temp\sqlite3.dll
C:\Users\Vojta\AppData\Local\Temp\TsuA35C02E6.dll
C:\Users\Vojta\AppData\Local\Temp\_isCB3A.exe
C:\Users\Vojta\AppData\Local\Temp\_isDEEA.exe
C:\Users\Vojta\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0408b82623e6b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0408b8301b510.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vojta\Desktop" je 32885 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeMovieService
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Advanced Audio v2
"C:\Dolby PCEE4\pcee4.exe" -autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl
%ProgramFiles%\Elantech\ETDCtrl.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\Windows\system32\hkcmd.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\Windows\system32\igfxtray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLivid
"C:\Users\Vojta\AppData\Local\iLivid\iLivid.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
C:\Program Files (x86)\Launch Manager\LManager.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncnkdxpSrv
C:\Windows\inf\mncnkdxp.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msartfcSrv
"C:\Windows\system32\msartfc.vbe" mswmrhl mstklrxl [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msaxwsfSrv
C:\Windows\inf\msaxwsf.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC
"c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
C:\Windows\system32\msstp.vbe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
C:\Windows\SysWOW64\rundll32.exe "C:\Users\Vojta\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp
C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\Windows\system32\igfxpers.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg_Dolby
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver
C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1916\jsdrv.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickyPassword
"C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBHostSupport
"C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Vojta\AppData\Local\TBHostSupport\TBHostSupport_0.dll",DLLRunTBHostSupportPlugin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Vojta\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader
"C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow computer and pop-up windows - ADS By Helper

#10 Post by Márty84 »

Bagr.George wrote:
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vojta\Desktop" je 32885 MB.

:arrow: The Desktop size should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the Desktop. Just watch out for a mistake users sometimes make: they have a folder on the Desktop, inside it another one, inside that yet another, and they hide everything in there. That's nice, but it doesn't make the Desktop any smaller, it's just in a different drawer :)




The disk is not in very good shape.

:arrow: Run a check with HD Tune
Download http://www.slunecnice.cz/sw/hd-tune/ , install it and run it as administrator (if the installer offers you any add-on, decline it!)
In that window click the last tab - Error Scan (if quick scan is ticked, untick it) and click Start.
The check will take some time. Let me know whether there was any red square.
Also look at the Health tab and copy down (or photograph) for me what it says. It should say OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143




:arrow: Open Notepad and copy this script into it:

Start
CloseProcesses:
CreateRestorePoint:

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-27 116648]

2015-07-14 13:41 - 2015-07-14 13:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-14 13:26 - 2015-07-14 13:27 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Vojta\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-14 13:25 - 2015-07-14 13:25 - 00000000 ____D C:\Program Files\McAfee
2015-07-14 13:23 - 2015-07-14 13:23 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-13 13:08 - 2015-07-13 13:08 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-13 13:07 - 2015-07-13 13:07 - 02870984 _____ (ESET) C:\Users\Vojta\Downloads\esetsmartinstaller_csy.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0408b82623e6b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0408b8301b510.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Windows\inf\mncnkdxp.vbe
C:\Windows\system32\msartfc.vbe
C:\Windows\inf\msaxwsf.vbe
C:\Windows\system32\msstp.vbe
C:\Program Files (x86)\Zrychleni Pocitace
C:\Program Files (x86)\ShopperPro

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncnkdxpSrv
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msartfcSrv
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msaxwsfSrv
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickyPassword
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBHostSupport
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, correctly and save it to the Desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Bagr.George
Visitor
Posts: 13
Registered: 17 Jan 2015 09:07

Re: Slow computer and pop-up windows - ADS By Helper

#11 Post by Bagr.George »

Hello,
- the Desktop has been cleaned up,
- HD Tune found 0.2% (6 squares) of bad blocks, but no items appeared under Health; it was completely clean there.
- I am attaching the fix log.

The notebook is faster and no ads pop up on the internet any more.

I will look for another disk for them, but hopefully this one will last them a while longer.

Is there anything else that needs to be done?

Thank you very much :-)



FixLog:

Fix result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by Vojta at 2015-07-17 09:19:07 Run:1
Running from C:\Users\Vojta\Desktop
Loaded Profiles: UpdatusUser & Vojta (Available Profiles: UpdatusUser & Vojta)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-27 116648]

2015-07-14 13:41 - 2015-07-14 13:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-14 13:26 - 2015-07-14 13:27 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Vojta\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-14 13:25 - 2015-07-14 13:25 - 00000000 ____D C:\Program Files\McAfee
2015-07-14 13:23 - 2015-07-14 13:23 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-13 13:08 - 2015-07-13 13:08 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-13 13:07 - 2015-07-13 13:07 - 02870984 _____ (ESET) C:\Users\Vojta\Downloads\esetsmartinstaller_csy.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0408b82623e6b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0408b8301b510.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Windows\inf\mncnkdxp.vbe
C:\Windows\system32\msartfc.vbe
C:\Windows\inf\msaxwsf.vbe
C:\Windows\system32\msstp.vbe
C:\Program Files (x86)\Zrychleni Pocitace
C:\Program Files (x86)\ShopperPro

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncnkdxpSrv
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msartfcSrv
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msaxwsfSrv
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickyPassword
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBHostSupport
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
NOBU => Service removed successfully
AdobeARMservice => Service removed successfully
gupdate => Service removed successfully
SkypeUpdate => Service removed successfully
AdobeFlashPlayerUpdateSvc => Service removed successfully
gupdatem => Service removed successfully
C:\ProgramData\Malwarebytes => moved successfully.
C:\Users\Vojta\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully.
C:\Program Files\McAfee => moved successfully.
C:\ProgramData\McAfee Security Scan => moved successfully.
C:\Program Files (x86)\ESET => moved successfully.
C:\Users\Vojta\Downloads\esetsmartinstaller_csy.exe => moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0408b82623e6b.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0408b8301b510.job => moved successfully.
"C:\Windows\inf\mncnkdxp.vbe" => File/Folder not found.
"C:\Windows\system32\msartfc.vbe" => File/Folder not found.
"C:\Windows\inf\msaxwsf.vbe" => File/Folder not found.
"C:\Windows\system32\msstp.vbe" => File/Folder not found.
"C:\Program Files (x86)\Zrychleni Pocitace" => File/Folder not found.
"C:\Program Files (x86)\ShopperPro" => File/Folder not found.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncnkdxpSrv => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msartfcSrv => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msaxwsfSrv => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickyPassword => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBHostSupport => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 9.2 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 09:27:56 ====

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow computer and pop-up windows - ADS By Helper

#12 Post by Márty84 »

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, clear the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin; if you leave it checked, it will always be emptied.
Also, depending on how it is configured, it will delete all passwords saved for websites!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. e-mail, Facebook, various forums, etc.)
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for issues; if it finds any, click Fix issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in each of them as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download the Defraggler program https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis, click Defrag and the program will do its job.




:arrow: Then write how the PC is doing. If everything runs as it should, we are done. If not, we will dig deeper :)


:!: As for the disk, if there are bad sectors, that does not bode well. So until there is a new disk, I recommend backing up regularly, especially photos (videos).
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

Bagr.George
Visitor
Posts: 13
Registered: 17 Jan 2015 09:07

Re: Slow computer and pop-up windows - ADS By Helper

#13 Post by Bagr.George »

Hello,
the notebook works as it should and everything is snappy and clean.

THANK YOU VERY MUCH, and I have sent a hundred to your account :-)

It is very good that there are people who are always glad to give advice :-)

Jirka

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Slow computer and pop-up windows - ADS By Helper

#14 Post by Márty84 »

You're welcome, glad to help! :)

If anything comes up, just get in touch, we'll be here ;-)

Thank you for the contribution :worship:

Take care, and maybe see you again sometime :bye:

:closed:
Locked