Please help

butes
Visitor
Posts: 36
Registered: 01 Sep 2010 12:05

#1 Post by butes »

Hello, lately I have had a problem with my PC. The disk goes quiet for a while, everything runs very slowly, and after a while everything gets going again. Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015
Ran by Radek (administrator) on RADEK-PC (02-08-2015 09:07:44)
Running from C:\Users\Radek\Desktop
Loaded Profiles: Radek (Available Profiles: Radek)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(American Power Conversion Corporation) C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(American Power Conversion Corporation) C:\Program Files (x86)\APC\APC PowerChute Personal Edition\dataserv.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Google Inc.) C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(American Power Conversion Corporation) C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_ActiveX.exe
(forum.viry.cz) C:\Users\Radek\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMan] => C:\Windows\SOUNDMAN.EXE [604704 2009-04-14] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\APC PowerChute Personal Edition\DataCollectionLauncher.exe [271736 2010-09-14] (American Power Conversion Corporation)
HKLM-x32\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [101888 2012-04-05] (Leadtek Research Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5227648 2015-03-31] (AVAST Software)
HKLM-x32\...\Run: [LiveTunerCore] => C:\Program Files (x86)\LiveTuner\livecore.exe [222711 2014-12-02] (Windows X)
HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2920448 2012-03-02] (Leadtek Research Inc.)
HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2011-12-26]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wi-Fi MediaConnect.lnk [2011-02-25]
ShortcutTarget: Wi-Fi MediaConnect.lnk -> C:\Program Files (x86)\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe (Koninklijke Philips Electronics N.V.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-01-11] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> DefaultScope {9DECFE3A-E72D-415E-9FE2-53EF7700F34D} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> {59116CC1-7C78-498E-B5B5-8D13DD65BFD4} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> {61F5B0BB-EB87-4642-A682-CD3E6C9705B6} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> {9DECFE3A-E72D-415E-9FE2-53EF7700F34D} URL = https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-11] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: No Name -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-11] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll [2010-10-30] ()
Toolbar: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} http://www.ubytovani-vysocina.cz/kamera/RtspVaPgDec.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176 2010-09-22] (Společnost Microsoft)
Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [62976 2010-09-22] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8BA220FB-2B3B-4091-BFE6-F6E00649FFF2}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-11-01] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-11-01] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1393046087-3205198197-2324359881-1000: @Google.com/GoogleEarthPlugin -> C:\Users\Radek\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin HKU\S-1-5-21-1393046087-3205198197-2324359881-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Radek\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1393046087-3205198197-2324359881-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Radek\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-02] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-09-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-01]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08]
CHR Extension: (Google Drive) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08]
CHR Extension: (YouTube) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-08]
CHR Extension: (Google Search) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-08]
CHR Extension: (AdBlock) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-26]
CHR Extension: (Avast Online Security) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-14]
CHR Extension: (Google Wallet) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR Extension: (Gmail) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-08]
CHR HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-01-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 APC Data Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\dataserv.exe [21880 2010-09-14] (American Power Conversion Corporation)
R2 APC UPS Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe [705912 2010-09-14] (American Power Conversion Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2015-01-11] (AVAST Software)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-19] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC64.SYS [3491616 2009-06-18] (Realtek Semiconductor Corp.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2015-01-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-11] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2015-01-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-11] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2011-01-04] (Sony Ericsson Mobile Communications)
S3 ULCDRHlp; C:\Windows\SysWOW64\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S3 VIAudio; C:\Windows\System32\drivers\ac97via.sys [93696 2006-09-18] (VIA Technologies, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
S3 adusbser; system32\DRIVERS\adusbser.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 09:07 - 2015-08-02 09:08 - 00018609 _____ C:\Users\Radek\Desktop\FRST.txt
2015-08-02 09:06 - 2015-08-02 09:07 - 00000000 ____D C:\FRST
2015-08-02 09:03 - 2015-08-02 09:03 - 00112640 _____ (forum.viry.cz) C:\Users\Radek\Desktop\FRSTLauncher.exe
2015-08-02 09:01 - 2015-08-02 09:01 - 00112640 _____ (forum.viry.cz) C:\Users\Radek\Downloads\Nepotvrzeno 559315.crdownload
2015-08-02 09:00 - 2015-08-02 09:00 - 02168832 _____ (Farbar) C:\Users\Radek\Downloads\FRST64.exe
2015-08-02 09:00 - 2015-08-02 09:00 - 02168832 _____ (Farbar) C:\Users\Radek\Desktop\FRST64.exe
2015-08-02 08:43 - 2015-08-02 09:05 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-02 08:43 - 2015-08-02 08:43 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-08-02 08:42 - 2015-08-02 08:42 - 22653000 _____ C:\Users\Radek\Downloads\RogueKillerX64.exe
2015-08-02 08:32 - 2015-08-02 08:32 - 00000000 ____D C:\Users\Radek\AppData\Local\{82DFF18B-9759-40BB-B5F2-57FD63D6D402}
2015-08-02 08:17 - 2015-07-14 18:02 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-02 08:17 - 2015-07-14 17:45 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-02 08:17 - 2015-07-14 16:34 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-02 08:17 - 2015-07-14 16:23 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-02 08:15 - 2015-06-27 18:03 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-02 08:15 - 2015-06-27 18:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-02 08:15 - 2015-06-27 18:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-02 08:15 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-02 08:15 - 2015-06-27 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-08-02 08:15 - 2015-06-27 17:40 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-02 08:15 - 2015-06-27 17:40 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-02 08:15 - 2015-06-27 17:40 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-02 08:15 - 2015-06-27 17:39 - 01065472 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-08-02 08:15 - 2015-06-27 16:30 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-02 08:15 - 2015-06-27 16:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-02 08:15 - 2015-06-12 15:13 - 00516544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-02 08:15 - 2015-01-09 02:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-02 08:14 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-08-02 08:14 - 2015-07-03 17:41 - 01916416 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-02 08:11 - 2015-08-02 08:11 - 00005609 _____ C:\Users\Radek\Documents\Moje Aero.Theme
2015-08-02 08:10 - 2015-06-25 05:09 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-02 08:09 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-08-02 08:09 - 2015-05-31 09:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-08-02 08:08 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-02 08:08 - 2015-06-17 18:23 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-02 08:08 - 2015-06-17 17:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-02 08:08 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-08-02 08:07 - 2015-06-12 18:03 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-02 08:07 - 2015-06-12 17:46 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-02 07:50 - 2015-07-03 08:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-02 07:50 - 2015-07-03 07:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-02 07:50 - 2015-07-03 07:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-02 07:50 - 2015-06-17 03:52 - 02343936 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-02 07:50 - 2015-06-17 03:50 - 10936320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-02 07:50 - 2015-06-17 03:50 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-02 07:50 - 2015-06-17 03:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-02 07:50 - 2015-06-17 03:47 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-02 07:50 - 2015-06-17 03:46 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-02 07:50 - 2015-06-17 03:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-02 07:50 - 2015-06-17 03:45 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-02 07:50 - 2015-06-17 03:14 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-02 07:50 - 2015-06-17 03:12 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-02 07:50 - 2015-06-17 03:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-02 07:50 - 2015-06-17 03:10 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-02 07:50 - 2015-06-17 03:09 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-02 07:50 - 2015-06-17 03:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-02 07:50 - 2015-06-17 03:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-02 07:50 - 2015-06-17 03:09 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-02 07:50 - 2015-06-17 03:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-08-02 07:50 - 2015-06-17 03:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-08-02 07:49 - 2015-07-03 08:18 - 17887744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-02 07:07 - 2015-08-02 08:26 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1393046087-3205198197-2324359881-1000

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 08:51 - 2013-09-08 17:06 - 00002025 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-02 08:41 - 2006-11-02 17:27 - 01477574 _____ C:\Windows\WindowsUpdate.log
2015-08-02 08:38 - 2011-01-17 00:26 - 00000000 ____D C:\Windows\pss
2015-08-02 08:32 - 2011-01-24 19:27 - 00000000 ____D C:\Users\Radek\AppData\Local\Windows Live
2015-08-02 08:30 - 2007-01-09 00:10 - 00645076 _____ C:\Windows\system32\perfh005.dat
2015-08-02 08:30 - 2007-01-09 00:10 - 00137762 _____ C:\Windows\system32\perfc005.dat
2015-08-02 08:30 - 2006-11-02 14:46 - 01532822 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-02 08:26 - 2015-05-20 16:19 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1393046087-3205198197-2324359881-1000
2015-08-02 08:25 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-02 08:24 - 2013-09-08 17:03 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-02 08:23 - 2006-11-02 17:22 - 00004448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-02 08:23 - 2006-11-02 17:22 - 00004448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-02 08:22 - 2012-04-01 08:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-02 08:22 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-02 08:22 - 2006-11-02 17:21 - 00266960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-02 08:19 - 2006-11-02 17:42 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-02 08:15 - 2010-10-01 20:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-02 08:14 - 2014-03-02 09:24 - 01509614 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-08-02 08:03 - 2013-08-18 09:06 - 00000000 ____D C:\Windows\system32\MRT
2015-08-02 07:53 - 2011-06-24 11:40 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-08-02 07:42 - 2011-02-11 00:06 - 00003730 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CDDCFFCC-54DE-464A-B9BF-5352B564D650}
2015-08-02 07:41 - 2014-12-24 15:17 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-02 07:23 - 2012-04-01 08:49 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-02 07:23 - 2012-04-01 08:49 - 00003766 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-02 07:23 - 2011-05-21 19:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-02 07:21 - 2013-09-08 17:03 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-02 07:20 - 2012-10-25 20:21 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA.job
2015-08-02 07:20 - 2012-10-25 20:21 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000Core.job
2015-08-02 07:16 - 2013-09-08 17:03 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-02 07:16 - 2013-09-08 17:03 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-02 07:15 - 2012-10-25 20:21 - 00003846 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA
2015-08-02 07:15 - 2012-10-25 20:21 - 00003450 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000Core
2015-08-02 07:11 - 2011-06-25 09:09 - 00022312 _____ C:\Windows\system32\spsys.log
2015-08-02 07:08 - 2012-07-28 18:24 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-03 08:43 - 2006-11-02 14:35 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Files in the root of some directories =======

2011-08-06 14:10 - 2012-06-22 13:39 - 0000000 _____ () C:\Users\Radek\AppData\Roaming\FileIn.cns
2011-08-06 14:10 - 2012-06-22 13:39 - 0000000 _____ () C:\Users\Radek\AppData\Roaming\FileOut.cns
2012-02-13 20:05 - 2015-01-11 09:47 - 0000680 _____ () C:\Users\Radek\AppData\Local\d3d9caps.dat
2010-12-10 11:16 - 2010-12-10 13:34 - 0000732 _____ () C:\Users\Radek\AppData\Local\d3d9caps64.dat
2010-09-23 00:36 - 2015-01-11 17:53 - 0018432 _____ () C:\Users\Radek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-09-22 23:41 - 2010-09-22 23:41 - 0442174 _____ () C:\Users\Radek\AppData\Local\dd_vcredistMSI0A0C.txt
2012-11-17 09:31 - 2012-11-17 09:39 - 0004396 _____ () C:\Users\Radek\AppData\Local\dd_vcredistMSI3287.txt
2010-09-23 10:32 - 2010-09-23 10:33 - 0437650 _____ () C:\Users\Radek\AppData\Local\dd_vcredistMSI7C92.txt
2010-09-22 23:41 - 2010-09-22 23:41 - 0019892 _____ () C:\Users\Radek\AppData\Local\dd_vcredistUI0A0C.txt
2012-11-17 09:31 - 2012-11-17 09:31 - 0012264 _____ () C:\Users\Radek\AppData\Local\dd_vcredistUI3287.txt
2010-09-23 10:32 - 2010-09-23 10:33 - 0011398 _____ () C:\Users\Radek\AppData\Local\dd_vcredistUI7C92.txt
2010-10-20 15:58 - 2010-10-20 15:58 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpeD0BD.dll

Files to move or delete:
====================
C:\ProgramData\hpeD0BD.dll


Some files in TEMP:
====================
C:\Users\Radek\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000Core.job => C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA.job => C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Radek\Desktop" je 6924 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Display
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\DataCollectionLauncher.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Radek\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^APC UPS Status.lnk
C:\PROGRA~2\APC\APCPOW~1\Display.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(6.05 KiB) Downloaded 83 times

Rudy
Site Admin
Posts: 119675
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please help

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop.
Close all programs.
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

butes
Visitor
Posts: 36
Joined: 01 Sep 2010 12:05

Re: please help

#3 Post by butes »

It found the following.

# AdwCleaner v4.208 - Log vytvořen 02/08/2015 v 11:45:29
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Windows (TM) Vista Home Premium Service Pack 2 (x64)
# Uživatelské jméno : Radek - RADEK-PC
# Spuštěno z : C:\Users\Radek\Downloads\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíč Smazáno : HKCU\Software\YahooPartnerToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0405-0000-0000000FF1CE}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{90120000-00B2-0405-0000-0000000FF1CE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Prohlížeče ] *****

-\\ Internet Explorer v9.0.8112.16669


-\\ Google Chrome v44.0.2403.125


*************************

AdwCleaner[R0].txt - [1422 bytů] - [02/08/2015 10:55:45]
AdwCleaner[R1].txt - [1480 bytů] - [02/08/2015 10:58:35]
AdwCleaner[S0].txt - [1342 bytů] - [02/08/2015 11:00:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1400 bytů] ##########

Rudy
Site Admin
Posts: 119675
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please help

#4 Post by Rudy »

Post a new FRST log.

butes
Visitor
Posts: 36
Joined: 01 Sep 2010 12:05

Re: please help

#5 Post by butes »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015
Ran by Radek (administrator) on RADEK-PC (02-08-2015 14:00:09)
Running from C:\Users\Radek\Desktop
Loaded Profiles: Radek (Available Profiles: Radek)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Koninklijke Philips Electronics N.V.) C:\Program Files (x86)\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(American Power Conversion Corporation) C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(American Power Conversion Corporation) C:\Program Files (x86)\APC\APC PowerChute Personal Edition\dataserv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Philips\Wi-Fi MediaConnect\HTSRecover.exe
(American Power Conversion Corporation) C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_ActiveX.exe
(forum.viry.cz) C:\Users\Radek\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMan] => C:\Windows\SOUNDMAN.EXE [604704 2009-04-14] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\APC PowerChute Personal Edition\DataCollectionLauncher.exe [271736 2010-09-14] (American Power Conversion Corporation)
HKLM-x32\...\Run: [WinFastDTV] => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [101888 2012-04-05] (Leadtek Research Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5227648 2015-03-31] (AVAST Software)
HKLM-x32\...\Run: [LiveTunerCore] => C:\Program Files (x86)\LiveTuner\livecore.exe [222711 2014-12-02] (Windows X)
HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\...\Run: [WinFast Schedule] => C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2920448 2012-03-02] (Leadtek Research Inc.)
HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2011-12-26]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wi-Fi MediaConnect.lnk [2011-02-25]
ShortcutTarget: Wi-Fi MediaConnect.lnk -> C:\Program Files (x86)\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe (Koninklijke Philips Electronics N.V.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-01-11] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> DefaultScope {9DECFE3A-E72D-415E-9FE2-53EF7700F34D} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> {59116CC1-7C78-498E-B5B5-8D13DD65BFD4} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> {61F5B0BB-EB87-4642-A682-CD3E6C9705B6} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> {9DECFE3A-E72D-415E-9FE2-53EF7700F34D} URL = https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-01-11] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: No Name -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-01-11] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll [2010-10-30] ()
DPF: HKLM-x32 {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} http://www.ubytovani-vysocina.cz/kamera/RtspVaPgDec.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176 2010-09-22] (Společnost Microsoft)
Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [62976 2010-09-22] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8BA220FB-2B3B-4091-BFE6-F6E00649FFF2}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2014-11-01] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2014-11-01] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1393046087-3205198197-2324359881-1000: @Google.com/GoogleEarthPlugin -> C:\Users\Radek\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin HKU\S-1-5-21-1393046087-3205198197-2324359881-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Radek\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1393046087-3205198197-2324359881-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Radek\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-02] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-09-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-01]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08]
CHR Extension: (Google Drive) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08]
CHR Extension: (YouTube) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-08]
CHR Extension: (Google Search) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-08]
CHR Extension: (AdBlock) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-26]
CHR Extension: (Avast Online Security) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR Extension: (Gmail) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-01-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 APC Data Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\dataserv.exe [21880 2010-09-14] (American Power Conversion Corporation)
R2 APC UPS Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe [705912 2010-09-14] (American Power Conversion Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2015-01-11] (AVAST Software)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-19] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC64.SYS [3491616 2009-06-18] (Realtek Semiconductor Corp.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2015-01-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-11] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2015-01-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-11] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2011-01-04] (Sony Ericsson Mobile Communications)
S3 ULCDRHlp; C:\Windows\SysWOW64\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S3 VIAudio; C:\Windows\System32\drivers\ac97via.sys [93696 2006-09-18] (VIA Technologies, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
S3 adusbser; system32\DRIVERS\adusbser.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 13:59 - 2015-08-02 13:59 - 00112640 _____ (forum.viry.cz) C:\Users\Radek\Desktop\FRSTLauncher.exe
2015-08-02 11:38 - 2015-08-02 11:38 - 02248704 _____ C:\Users\Radek\Downloads\adwcleaner_4.208 (1).exe
2015-08-02 10:54 - 2015-08-02 11:40 - 00000000 ____D C:\AdwCleaner
2015-08-02 10:54 - 2015-08-02 10:54 - 02248704 _____ C:\Users\Radek\Downloads\adwcleaner_4.208.exe
2015-08-02 09:16 - 2015-08-02 13:51 - 00015333 _____ C:\Users\Radek\Desktop\Addition.zip
2015-08-02 09:07 - 2015-08-02 14:00 - 00018329 _____ C:\Users\Radek\Desktop\FRST.txt
2015-08-02 09:06 - 2015-08-02 14:00 - 00000000 ____D C:\FRST
2015-08-02 09:00 - 2015-08-02 09:00 - 02168832 _____ (Farbar) C:\Users\Radek\Downloads\FRST64.exe
2015-08-02 09:00 - 2015-08-02 09:00 - 02168832 _____ (Farbar) C:\Users\Radek\Desktop\FRST64.exe
2015-08-02 08:43 - 2015-08-02 09:05 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-02 08:43 - 2015-08-02 08:43 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-08-02 08:42 - 2015-08-02 08:42 - 22653000 _____ C:\Users\Radek\Downloads\RogueKillerX64.exe
2015-08-02 08:32 - 2015-08-02 08:32 - 00000000 ____D C:\Users\Radek\AppData\Local\{82DFF18B-9759-40BB-B5F2-57FD63D6D402}
2015-08-02 08:17 - 2015-07-14 18:02 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-02 08:17 - 2015-07-14 17:45 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-02 08:17 - 2015-07-14 16:34 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-02 08:17 - 2015-07-14 16:23 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-02 08:15 - 2015-06-27 18:03 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-02 08:15 - 2015-06-27 18:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-02 08:15 - 2015-06-27 18:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-02 08:15 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-02 08:15 - 2015-06-27 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-08-02 08:15 - 2015-06-27 17:40 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-02 08:15 - 2015-06-27 17:40 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-02 08:15 - 2015-06-27 17:40 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-02 08:15 - 2015-06-27 17:39 - 01065472 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-08-02 08:15 - 2015-06-27 16:30 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-02 08:15 - 2015-06-27 16:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-02 08:15 - 2015-06-12 15:13 - 00516544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-02 08:15 - 2015-01-09 02:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-02 08:14 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-08-02 08:14 - 2015-07-03 17:41 - 01916416 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-02 08:11 - 2015-08-02 08:11 - 00005609 _____ C:\Users\Radek\Documents\Moje Aero.Theme
2015-08-02 08:10 - 2015-06-25 05:09 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-02 08:09 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-08-02 08:09 - 2015-05-31 09:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-08-02 08:08 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-02 08:08 - 2015-06-17 18:23 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-02 08:08 - 2015-06-17 17:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-02 08:08 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-08-02 08:07 - 2015-06-12 18:03 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-02 08:07 - 2015-06-12 17:46 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-02 07:50 - 2015-07-03 08:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-02 07:50 - 2015-07-03 07:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-02 07:50 - 2015-07-03 07:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-02 07:50 - 2015-06-17 03:52 - 02343936 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-02 07:50 - 2015-06-17 03:50 - 10936320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-02 07:50 - 2015-06-17 03:50 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-02 07:50 - 2015-06-17 03:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-02 07:50 - 2015-06-17 03:47 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-02 07:50 - 2015-06-17 03:46 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-02 07:50 - 2015-06-17 03:46 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-02 07:50 - 2015-06-17 03:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-02 07:50 - 2015-06-17 03:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-02 07:50 - 2015-06-17 03:45 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-02 07:50 - 2015-06-17 03:14 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-02 07:50 - 2015-06-17 03:12 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-02 07:50 - 2015-06-17 03:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-02 07:50 - 2015-06-17 03:10 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-02 07:50 - 2015-06-17 03:09 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-02 07:50 - 2015-06-17 03:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-02 07:50 - 2015-06-17 03:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-02 07:50 - 2015-06-17 03:09 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-02 07:50 - 2015-06-17 03:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-08-02 07:50 - 2015-06-17 03:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-08-02 07:50 - 2015-06-17 03:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-08-02 07:49 - 2015-07-03 08:18 - 17887744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-02 07:07 - 2015-08-02 13:55 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1393046087-3205198197-2324359881-1000

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 13:57 - 2006-11-02 17:27 - 01493107 _____ C:\Windows\WindowsUpdate.log
2015-08-02 13:55 - 2015-05-20 16:19 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1393046087-3205198197-2324359881-1000
2015-08-02 13:54 - 2013-09-08 17:03 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-02 13:54 - 2006-11-02 17:22 - 00004448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-02 13:54 - 2006-11-02 17:22 - 00004448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-02 13:54 - 2006-11-02 17:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-02 13:53 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-02 13:52 - 2006-11-02 17:42 - 00032550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-02 13:21 - 2013-09-08 17:03 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-02 13:21 - 2012-04-01 08:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-02 13:20 - 2012-10-25 20:21 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA.job
2015-08-02 11:16 - 2007-01-09 00:10 - 00645076 _____ C:\Windows\system32\perfh005.dat
2015-08-02 11:16 - 2007-01-09 00:10 - 00137762 _____ C:\Windows\system32\perfc005.dat
2015-08-02 11:16 - 2006-11-02 14:46 - 01532822 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-02 11:02 - 2015-06-26 14:29 - 00001264 _____ C:\Windows\PFRO.log
2015-08-02 08:51 - 2013-09-08 17:06 - 00002025 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-02 08:38 - 2011-01-17 00:26 - 00000000 ____D C:\Windows\pss
2015-08-02 08:32 - 2011-01-24 19:27 - 00000000 ____D C:\Users\Radek\AppData\Local\Windows Live
2015-08-02 08:22 - 2006-11-02 17:21 - 00266960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-02 08:15 - 2010-10-01 20:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-02 08:14 - 2014-03-02 09:24 - 01509614 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-08-02 08:03 - 2013-08-18 09:06 - 00000000 ____D C:\Windows\system32\MRT
2015-08-02 07:53 - 2011-06-24 11:40 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-08-02 07:42 - 2011-02-11 00:06 - 00003730 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CDDCFFCC-54DE-464A-B9BF-5352B564D650}
2015-08-02 07:41 - 2014-12-24 15:17 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-02 07:23 - 2012-04-01 08:49 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-02 07:23 - 2012-04-01 08:49 - 00003766 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-02 07:23 - 2011-05-21 19:47 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-02 07:20 - 2012-10-25 20:21 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000Core.job
2015-08-02 07:16 - 2013-09-08 17:03 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-02 07:16 - 2013-09-08 17:03 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-02 07:15 - 2012-10-25 20:21 - 00003846 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA
2015-08-02 07:15 - 2012-10-25 20:21 - 00003450 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000Core
2015-08-02 07:11 - 2011-06-25 09:09 - 00022312 _____ C:\Windows\system32\spsys.log
2015-08-02 07:08 - 2012-07-28 18:24 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-03 08:43 - 2006-11-02 14:35 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Files in the root of some directories =======

2011-08-06 14:10 - 2012-06-22 13:39 - 0000000 _____ () C:\Users\Radek\AppData\Roaming\FileIn.cns
2011-08-06 14:10 - 2012-06-22 13:39 - 0000000 _____ () C:\Users\Radek\AppData\Roaming\FileOut.cns
2012-02-13 20:05 - 2015-01-11 09:47 - 0000680 _____ () C:\Users\Radek\AppData\Local\d3d9caps.dat
2010-12-10 11:16 - 2010-12-10 13:34 - 0000732 _____ () C:\Users\Radek\AppData\Local\d3d9caps64.dat
2010-09-23 00:36 - 2015-01-11 17:53 - 0018432 _____ () C:\Users\Radek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-09-22 23:41 - 2010-09-22 23:41 - 0442174 _____ () C:\Users\Radek\AppData\Local\dd_vcredistMSI0A0C.txt
2012-11-17 09:31 - 2012-11-17 09:39 - 0004396 _____ () C:\Users\Radek\AppData\Local\dd_vcredistMSI3287.txt
2010-09-23 10:32 - 2010-09-23 10:33 - 0437650 _____ () C:\Users\Radek\AppData\Local\dd_vcredistMSI7C92.txt
2010-09-22 23:41 - 2010-09-22 23:41 - 0019892 _____ () C:\Users\Radek\AppData\Local\dd_vcredistUI0A0C.txt
2012-11-17 09:31 - 2012-11-17 09:31 - 0012264 _____ () C:\Users\Radek\AppData\Local\dd_vcredistUI3287.txt
2010-09-23 10:32 - 2010-09-23 10:33 - 0011398 _____ () C:\Users\Radek\AppData\Local\dd_vcredistUI7C92.txt
2010-10-20 15:58 - 2010-10-20 15:58 - 0148736 _____ (Avanquest Software) C:\ProgramData\hpeD0BD.dll

Files to move or delete:
====================
C:\ProgramData\hpeD0BD.dll


Some files in TEMP:
====================
C:\Users\Radek\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Radek\AppData\Local\Temp\Quarantine.exe
C:\Users\Radek\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000Core.job => C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA.job => C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Radek\Desktop" je 6924 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Display
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\DataCollectionLauncher.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Radek\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Radek\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
Režim ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^APC UPS Status.lnk
C:\PROGRA~2\APC\APCPOW~1\Display.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please help

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> {61F5B0BB-EB87-4642-A682-CD3E6C9705B6} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO-x32: No Name -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000Core
C:\ProgramData\hpeD0BD.dll
C:\Users\Radek\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\Radek\Desktop" je 6924 MB.
That is too much. Create a new directory in C:\Users\Radek, move all the data from the desktop into it (except shortcuts), and put a shortcut to that folder on the desktop for easier access. That much data slows down startup.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

butes
Visitor
Visitor
Posts: 36
Registered: 01 Sep 2010 12:05

Re: please help

#7 Post by butes »

Thanks for the tip. Sending the LOG.

Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015
Ran by Radek (2015-08-02 20:01:30) Run:1
Running from C:\Users\Radek\Desktop
Loaded Profiles: Radek (Available Profiles: Radek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1393046087-3205198197-2324359881-1000 -> {61F5B0BB-EB87-4642-A682-CD3E6C9705B6} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
BHO-x32: No Name -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000Core
C:\ProgramData\hpeD0BD.dll
C:\Users\Radek\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1393046087-3205198197-2324359881-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{61F5B0BB-EB87-4642-A682-CD3E6C9705B6}" => key removed successfully
HKCR\CLSID\{61F5B0BB-EB87-4642-A682-CD3E6C9705B6} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}" => key removed successfully
HKCR\Wow6432Node\CLSID\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA.job => moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000UA => moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1393046087-3205198197-2324359881-1000Core => moved successfully.
C:\ProgramData\hpeD0BD.dll => moved successfully.

"C:\Users\Radek\AppData\Local\Temp" folder move:

Could not move "C:\Users\Radek\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-02 20:04:36)<=

C:\Users\Radek\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:04:47 ====

Rudy
Site Admin
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please help

#9 Post by Rudy »

Deleted. Has anything changed?

butes
Visitor
Visitor
Posts: 36
Registered: 01 Sep 2010 12:05

Re: please help

#10 Post by butes »

It is much snappier. The disk isn't stalling so far, thank you.

Could I ask you to go through this LOG? Is there any problem in it?

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-08-2015 01
Ran by Butes (administrator) on BUTES-PC (02-08-2015 21:31:08)
Running from C:\Users\Butes\Desktop
Loaded Profiles: Butes (Available Profiles: Butes)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\System32\AsusService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Windows\AsScrPro.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
(forum.viry.cz) C:\Users\Butes\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [752056 2009-09-24] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotKeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-09-09] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\windows\AsScrPro.exe [3058304 2009-10-14] (ASUS)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7739936 2009-09-11] (Realtek Semiconductor)
HKLM\...\Run: [IgfxExt] => C:\windows\system32\IgfxExt.exe [174616 2009-10-15] (Intel Corporation)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [273544 2011-02-23] (RealNetworks, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKU\S-1-5-21-1349384248-236505676-3158548863-1001\...\Run: [Google Update] => C:\Users\Butes\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-31] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-10-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk [2011-10-05]
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1349384248-236505676-3158548863-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1349384248-236505676-3158548863-1001 -> DefaultScope {679A3659-DFB6-4D8D-B2AA-790E7850156D} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKU\S-1-5-21-1349384248-236505676-3158548863-1001 -> {679A3659-DFB6-4D8D-B2AA-790E7850156D} URL = http://www.google.cz/search?q={searchTe ... {startPage}
BHO: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15] (Skype Technologies S.A.)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2011-05-04] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-1349384248-236505676-3158548863-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A6324140-8BE6-4935-900C-DCBD5D38869C}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-27] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-04] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=12.0.1.633 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2011-02-23] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.633 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2011-02-23] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.633 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-02-23] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.633 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-02-23] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-01] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1349384248-236505676-3158548863-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Butes\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1349384248-236505676-3158548863-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Butes\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-01] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2010-05-30]
CHR Extension: (YouTube) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-25]
CHR Extension: (Google Search) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-25]
CHR Extension: (AdBlock) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2011-02-22]
CHR Extension: (Star Gazing) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme [2010-04-01]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2010-05-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-25]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
StartMenuInternet: Google Chrome - C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () [File not signed]
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\windows\System32\DRIVERS\AF15BDA.sys [483200 2009-06-03] (ITETech )
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11448 2009-10-06] ()
S3 Axtmvflt; C:\windows\System32\DRIVERS\Axtmvflt.sys [3456 2007-03-22] (Axesstel) [File not signed]
S3 Axtmvmdm; C:\windows\System32\DRIVERS\Axtmvmdm.sys [40064 2007-03-26] (Axesstel) [File not signed]
S3 Axtmvprt; C:\windows\System32\Drivers\Axtmvprt.sys [38784 2007-03-26] (Axesstel) [File not signed]
S3 CVirtA; C:\windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [File not signed]
R3 DNE; C:\windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
S3 Huawei; C:\windows\System32\DRIVERS\ewdcsc.sys [23424 2007-08-09] (Huawei Tech. Co., Ltd.)
R3 igd; C:\windows\System32\DRIVERS\igdkmd32.sys [635552 2009-10-10] (Intel Corporation)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKsl19a084ed; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F1048947-A203-4797-B826-A5B3719AE225}\MpKsl19a084ed.sys [39168 2015-08-02] (Microsoft Corporation)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2010-12-01] () [File not signed]
S3 USB28xxBGA; C:\windows\System32\DRIVERS\emBDA.sys [582016 2010-02-24] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\windows\System32\DRIVERS\emOEM.sys [562176 2010-02-24] (eMPIA Technology, Inc.)
R3 WFMC_VAD; C:\windows\System32\DRIVERS\wfmcvad.sys [19456 2010-02-08] (WiFi Media Connect)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-10-21] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 21:31 - 2015-08-02 21:31 - 00015234 _____ C:\Users\Butes\Desktop\FRST.txt
2015-08-02 21:30 - 2015-08-02 21:31 - 00000000 ____D C:\FRST
2015-08-02 21:29 - 2015-08-02 21:29 - 00112640 _____ (forum.viry.cz) C:\Users\Butes\Downloads\Nepotvrzeno 108080.crdownload
2015-08-02 21:29 - 2015-08-02 21:29 - 00112640 _____ (forum.viry.cz) C:\Users\Butes\Desktop\FRSTLauncher.exe
2015-08-02 21:28 - 2015-08-02 21:27 - 01673728 _____ (Farbar) C:\Users\Butes\Desktop\FRST.exe
2015-08-02 21:27 - 2015-08-02 21:27 - 01673728 _____ (Farbar) C:\Users\Butes\Downloads\FRST.exe
2015-08-02 14:03 - 2015-08-02 14:07 - 00000000 ____D C:\Users\Butes\Desktop\zaloha

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 21:25 - 2009-12-25 12:34 - 01548301 _____ C:\windows\WindowsUpdate.log
2015-08-02 21:08 - 2012-04-21 14:23 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-02 21:02 - 2012-10-30 19:55 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-02 20:59 - 2010-01-25 21:36 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001UA.job
2015-08-02 14:24 - 2014-12-26 23:13 - 00000000 ____D C:\Users\Public\Downloads\Maps
2015-08-02 12:41 - 2009-10-14 18:13 - 01592446 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-02 11:49 - 2009-07-14 06:34 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-02 11:49 - 2009-07-14 06:34 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-02 11:41 - 2015-02-03 14:01 - 00002812 _____ C:\windows\setupact.log
2015-08-02 11:41 - 2012-10-30 19:55 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-02 11:41 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-02 10:58 - 2012-04-21 14:23 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-08-02 10:58 - 2011-05-15 18:52 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-02 10:18 - 2009-07-14 04:37 - 00000000 ____D C:\windows\rescache
2015-08-02 08:03 - 2014-12-24 11:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-01 22:59 - 2010-01-25 21:36 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001Core.job
2015-07-05 12:11 - 2010-02-26 17:58 - 00246952 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-07-03 09:31 - 2010-01-05 20:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight

==================== Files in the root of some directories =======

2010-12-28 23:01 - 2010-12-28 23:01 - 0002528 _____ () C:\Users\Butes\AppData\Roaming\$_hpcst$.hpc
2009-12-26 17:51 - 2009-12-26 17:51 - 0000000 _____ () C:\Users\Butes\AppData\Roaming\wklnhst.dat
2010-12-03 02:43 - 2010-12-03 02:43 - 0000146 _____ () C:\ProgramData\LmeUSB.log
2010-12-03 02:43 - 2010-12-03 02:43 - 0000143 _____ () C:\ProgramData\LmeZJSW.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

FontResizer (HKLM\...\{FAD8718D-950E-468D-BDE2-17D4D6F1EA6A}) (Version: 1.01.0007 - ASUS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001Core.job => C:\Users\Butes\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001UA.job => C:\Users\Butes\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Butes\Desktop" je 3645 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please help

#11 Post by Rudy »

Run ADW again and post the log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

butes
Visitor
Posts: 36
Registered: 01 Sep 2010 12:05

Re: please help

#12 Post by butes »

Here it is:

# AdwCleaner v4.208 - Log vytvořen 02/08/2015 v 22:25:46
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x86)
# Uživatelské jméno : Butes - BUTES-PC
# Spuštěno z : C:\Users\Butes\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.Localizer
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.Localizer.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy
Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{937936AF-28CA-4973-B8AE-F250406149A2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Klíč Smazáno : HKCU\Software\OCS
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\YahooPartnerToolbar
Klíč Smazáno : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Klíč Smazáno : HKLM\SOFTWARE\WebShot\OpenCandy

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2042 bytů] - [02/08/2015 22:23:40]
AdwCleaner[S0].txt - [1947 bytů] - [02/08/2015 22:25:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2005 bytů] ##########

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please help

#13 Post by Rudy »

Post a new FRST log.

butes
Visitor
Posts: 36
Registered: 01 Sep 2010 12:05

Re: please help

#14 Post by butes »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-08-2015 01
Ran by Butes (administrator) on BUTES-PC (02-08-2015 22:35:14)
Running from C:\Users\Butes\Desktop
Loaded Profiles: Butes (Available Profiles: Butes)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Windows\System32\AsusService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Windows\AsScrPro.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(forum.viry.cz) C:\Users\Butes\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [752056 2009-09-24] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotKeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-09-09] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\windows\AsScrPro.exe [3058304 2009-10-14] (ASUS)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7739936 2009-09-11] (Realtek Semiconductor)
HKLM\...\Run: [IgfxExt] => C:\windows\system32\IgfxExt.exe [174616 2009-10-15] (Intel Corporation)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [273544 2011-02-23] (RealNetworks, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKU\S-1-5-21-1349384248-236505676-3158548863-1001\...\Run: [Google Update] => C:\Users\Butes\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-31] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-10-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk [2011-10-05]
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1349384248-236505676-3158548863-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1349384248-236505676-3158548863-1001 -> {679A3659-DFB6-4D8D-B2AA-790E7850156D} URL = http://www.google.cz/search?q={searchTe ... {startPage}
BHO: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15] (Skype Technologies S.A.)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2011-05-04] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A6324140-8BE6-4935-900C-DCBD5D38869C}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-27] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-04] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=12.0.1.633 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2011-02-23] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.633 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2011-02-23] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.633 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-02-23] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.633 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-02-23] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-01] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1349384248-236505676-3158548863-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Butes\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1349384248-236505676-3158548863-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Butes\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-01] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2010-05-30]
CHR Extension: (YouTube) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-25]
CHR Extension: (Google Search) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-25]
CHR Extension: (AdBlock) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2011-02-22]
CHR Extension: (Star Gazing) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme [2010-04-01]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2010-05-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\Butes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-25]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
StartMenuInternet: Google Chrome - C:\Users\Butes\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () [File not signed]
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\windows\System32\DRIVERS\AF15BDA.sys [483200 2009-06-03] (ITETech )
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11448 2009-10-06] ()
S3 Axtmvflt; C:\windows\System32\DRIVERS\Axtmvflt.sys [3456 2007-03-22] (Axesstel) [File not signed]
S3 Axtmvmdm; C:\windows\System32\DRIVERS\Axtmvmdm.sys [40064 2007-03-26] (Axesstel) [File not signed]
S3 Axtmvprt; C:\windows\System32\Drivers\Axtmvprt.sys [38784 2007-03-26] (Axesstel) [File not signed]
S3 CVirtA; C:\windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [File not signed]
R3 DNE; C:\windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
S3 Huawei; C:\windows\System32\DRIVERS\ewdcsc.sys [23424 2007-08-09] (Huawei Tech. Co., Ltd.)
R3 igd; C:\windows\System32\DRIVERS\igdkmd32.sys [635552 2009-10-10] (Intel Corporation)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKslc05676c3; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F1048947-A203-4797-B826-A5B3719AE225}\MpKslc05676c3.sys [39168 2015-08-02] (Microsoft Corporation)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2010-12-01] () [File not signed]
S3 USB28xxBGA; C:\windows\System32\DRIVERS\emBDA.sys [582016 2010-02-24] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\windows\System32\DRIVERS\emOEM.sys [562176 2010-02-24] (eMPIA Technology, Inc.)
R3 WFMC_VAD; C:\windows\System32\DRIVERS\wfmcvad.sys [19456 2010-02-08] (WiFi Media Connect)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-10-21] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 22:23 - 2015-08-02 22:25 - 00000000 ____D C:\AdwCleaner
2015-08-02 22:23 - 2015-08-02 22:22 - 02248704 _____ C:\Users\Butes\Desktop\adwcleaner_4.208.exe
2015-08-02 22:21 - 2015-08-02 22:22 - 02248704 _____ C:\Users\Butes\Downloads\adwcleaner_4.208.exe
2015-08-02 21:31 - 2015-08-02 22:35 - 00014978 _____ C:\Users\Butes\Desktop\FRST.txt
2015-08-02 21:30 - 2015-08-02 22:35 - 00000000 ____D C:\FRST
2015-08-02 21:29 - 2015-08-02 21:29 - 00112640 _____ (forum.viry.cz) C:\Users\Butes\Downloads\Nepotvrzeno 108080.crdownload
2015-08-02 21:29 - 2015-08-02 21:29 - 00112640 _____ (forum.viry.cz) C:\Users\Butes\Desktop\FRSTLauncher.exe
2015-08-02 21:28 - 2015-08-02 21:27 - 01673728 _____ (Farbar) C:\Users\Butes\Desktop\FRST.exe
2015-08-02 21:27 - 2015-08-02 21:27 - 01673728 _____ (Farbar) C:\Users\Butes\Downloads\FRST.exe
2015-08-02 14:03 - 2015-08-02 14:07 - 00000000 ____D C:\Users\Butes\Desktop\zaloha

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-02 22:35 - 2009-07-14 06:34 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-02 22:35 - 2009-07-14 06:34 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-02 22:31 - 2009-12-25 12:34 - 01569433 _____ C:\windows\WindowsUpdate.log
2015-08-02 22:27 - 2012-10-30 19:55 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-02 22:27 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-02 22:26 - 2015-02-03 14:01 - 00002924 _____ C:\windows\setupact.log
2015-08-02 22:08 - 2012-04-21 14:23 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-02 22:02 - 2012-10-30 19:55 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-02 21:59 - 2010-01-25 21:36 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001UA.job
2015-08-02 14:24 - 2014-12-26 23:13 - 00000000 ____D C:\Users\Public\Downloads\Maps
2015-08-02 12:41 - 2009-10-14 18:13 - 01592446 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-02 10:58 - 2012-04-21 14:23 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-08-02 10:58 - 2011-05-15 18:52 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-02 10:18 - 2009-07-14 04:37 - 00000000 ____D C:\windows\rescache
2015-08-02 08:03 - 2014-12-24 11:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-01 22:59 - 2010-01-25 21:36 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001Core.job
2015-07-05 12:11 - 2010-02-26 17:58 - 00246952 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-07-03 09:31 - 2010-01-05 20:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight

==================== Files in the root of some directories =======

2010-12-28 23:01 - 2010-12-28 23:01 - 0002528 _____ () C:\Users\Butes\AppData\Roaming\$_hpcst$.hpc
2009-12-26 17:51 - 2009-12-26 17:51 - 0000000 _____ () C:\Users\Butes\AppData\Roaming\wklnhst.dat
2010-12-03 02:43 - 2010-12-03 02:43 - 0000146 _____ () C:\ProgramData\LmeUSB.log
2010-12-03 02:43 - 2010-12-03 02:43 - 0000143 _____ () C:\ProgramData\LmeZJSW.log

Some files in TEMP:
====================
C:\Users\Butes\AppData\Local\Temp\Quarantine.exe
C:\Users\Butes\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

FontResizer (HKLM\...\{FAD8718D-950E-468D-BDE2-17D4D6F1EA6A}) (Version: 1.01.0007 - ASUS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001Core.job => C:\Users\Butes\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001UA.job => C:\Users\Butes\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Butes\Desktop" je 3647 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119675
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please help

#15 Post by Rudy »

Open Notepad and copy the following into it:
Start
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15] (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
FF Plugin: @microsoft.com/GENUINE -> disabled No File
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001UA.job
C:\Users\Butes\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\Butes\Desktop" je 3647 MB.
That is quite a high number. System startup may take longer. Create a new directory in C:\Users\Butes and move all data from the desktop into it (except shortcuts). For easier access, put a shortcut to that folder on the desktop.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Locked