prosím o pomoc

[butes]

Je zde:
Fix result of Farbar Recovery Scan Tool (x86) Version:02-08-2015 01
Ran by Butes (2015-08-03 20:53:43) Run:1
Running from C:\Users\Butes\Desktop
Loaded Profiles: Butes (Available Profiles: Butes)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15] (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
FF Plugin: @microsoft.com/GENUINE -> disabled No File
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001UA.job
C:\Users\Butes\AppData\Local\Temp
End
*****************

C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico => moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}" => key removed successfully.
"HKCR\CLSID\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}" => key removed successfully.
C:\Program Files\Skype\Toolbars => moved successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1349384248-236505676-3158548863-1001UA.job => moved successfully.

"C:\Users\Butes\AppData\Local\Temp" folder move:

Could not move "C:\Users\Butes\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-03 20:56:24)<=

C:\Users\Butes\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:56:24 ====

[Rudy]

Vše smazáno. Vše v pořádku?

[butes]

Děkuji, zdá se to v pořádku. Je nějaká šance, abych těmto infekcím předcházel tím, že budu jednou za čas projíždět PC jednou z těchto utilit a sám nakažení rozpoznám? Nebo doporučujete obecně nějakou prevenci kromě toho, že bude mít člověk aktualizovaný antivirový program a nebude prohlížet kdejaké odkazy na netu? Pomůže třeba koupě Internet Security programů? Děkuji za Vaše užitečné rady.


Mohu Vás poprosit ještě o jeden počítač v domácnosti? Skutečně poslední.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-08-2015 01
Ran by Lucie (administrator) on LUCIE-PC (04-08-2015 06:59:15)
Running from C:\Users\Lucie\Desktop
Loaded Profiles: Lucie (Available Profiles: Lucie)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1045800 2008-03-27] (Synaptics, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-29] (AVAST Software)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1183744 2007-02-21] (Analog Devices, Inc.)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2014-10-08] (RealNetworks, Inc.)
HKU\S-1-5-21-236267701-3676137454-311591954-1000\...\Run: [Google Update] => C:\Users\Lucie\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-27] (Google Inc.)
HKU\S-1-5-21-236267701-3676137454-311591954-1000\...\Run: [EPSON Stylus DX8400 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [182272 2007-04-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-236267701-3676137454-311591954-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [456576 2015-06-10] (Sony)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-29] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-236267701-3676137454-311591954-1000] => http://ezdroje.muni.cz/proxy/libproxy.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-236267701-3676137454-311591954-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKU\S-1-5-21-236267701-3676137454-311591954-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-236267701-3676137454-311591954-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\S-1-5-21-236267701-3676137454-311591954-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-29] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-27] (Oracle Corporation)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 194.228.41.65 194.228.41.113
Tcpip\..\Interfaces\{65BB0F59-0FEE-4CE9-B180-DCAC2827AC16}: [DhcpNameServer] 10.1.1.10 10.1.1.20
Tcpip\..\Interfaces\{912A55AB-9A1C-447D-AC01-8383DB04C683}: [DhcpNameServer] 194.228.41.65 194.228.41.113

FireFox:
========
FF ProfilePath: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\8hnegohv.default
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Windows\system32\npdeployJava1.dll [2014-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=16.0.4.19 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2014-10-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-01] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-01] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.4.19 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2014-10-08] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2012-02-03] (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-236267701-3676137454-311591954-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lucie\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-236267701-3676137454-311591954-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lucie\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2015-07-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-10-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-10-23]
FF HKLM\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-10-08]

Chrome:
=======
CHR Profile: C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-04]
CHR Extension: (Send to Kindle for Google Chrome™) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2014-02-08]
CHR Extension: (Google Search) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-04]
CHR Extension: (AdBlock) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-29] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-13] (Avast Software)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-07-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-07-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-07-29] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-07-29] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-07-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-29] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Společnost Microsoft)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-29] (AVAST Software)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-11-09] (Samsung Electronics) [File not signed]
R3 ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [582016 2010-02-24] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [562176 2010-02-24] (eMPIA Technology, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-13] (Avast Software)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U4 eabfiltr; No ImagePath
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [112640 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x86\Sandra.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-04 06:59 - 2015-08-04 06:59 - 00016691 _____ C:\Users\Lucie\Desktop\FRST.txt
2015-08-04 06:59 - 2015-08-04 06:59 - 00000000 ____D C:\FRST
2015-08-04 06:57 - 2015-08-04 06:57 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
2015-08-04 06:56 - 2015-08-04 06:55 - 01673728 _____ (Farbar) C:\Users\Lucie\Desktop\FRST.exe
2015-08-04 06:55 - 2015-08-04 06:55 - 01673728 _____ (Farbar) C:\Users\Lucie\Downloads\FRST.exe
2015-08-04 06:50 - 2015-08-04 06:51 - 01673728 _____ (Farbar) C:\Users\Lucie\Downloads\Nepotvrzeno 844019.crdownload
2015-08-03 19:02 - 2015-08-03 19:23 - 370713953 _____ C:\Users\Lucie\Downloads\American-Horror-Story-Freak-Show---s04e07---CZ.mp4
2015-08-03 18:58 - 2015-08-03 18:58 - 00011580 _____ C:\Users\Lucie\Desktop\Prémie THP (1).xlsx
2015-08-03 18:49 - 2015-08-03 18:54 - 77222749 _____ C:\Users\Lucie\Downloads\GTA-VICE-CITY-FEVER-105-FM-FULL-RADIO-STADION.mp4
2015-08-03 18:47 - 2015-08-03 18:47 - 00011580 _____ C:\Users\Lucie\Downloads\Prémie THP.xlsx
2015-07-29 21:38 - 2015-07-29 21:38 - 00000092 _____ C:\Users\Lucie\Desktop\hesla.txt
2015-07-29 20:29 - 2015-07-29 20:28 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-29 20:28 - 2015-07-29 20:28 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-21 22:40 - 2015-07-14 18:02 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 22:40 - 2015-07-14 16:23 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 20:19 - 2015-07-03 07:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-21 20:19 - 2015-07-03 07:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-17 00:29 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-17 00:29 - 2015-06-25 04:57 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-17 00:26 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-17 00:26 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-17 00:24 - 2015-06-12 18:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 22:36 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-16 18:17 - 2015-06-27 18:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 18:17 - 2015-06-27 18:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 18:17 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 18:17 - 2015-06-27 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-16 18:17 - 2015-06-27 16:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 18:17 - 2015-06-27 16:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 18:17 - 2015-06-12 15:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-16 18:17 - 2015-01-09 02:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 22:18 - 2015-06-17 03:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 22:18 - 2015-06-17 03:10 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 22:18 - 2015-06-17 03:09 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 22:18 - 2015-06-17 03:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 22:18 - 2015-06-17 03:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 22:18 - 2015-06-17 03:09 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 22:18 - 2015-06-17 03:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-15 22:18 - 2015-06-17 03:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-15 22:17 - 2015-06-17 03:14 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 22:17 - 2015-06-17 03:12 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 22:17 - 2015-06-17 03:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 19:27 - 2015-07-14 19:50 - 408350480 _____ C:\Users\Lucie\Downloads\American_Horror_Story.S04E04.TVRip.XviD.CZ.avi
2015-07-13 17:32 - 2015-07-29 20:29 - 00161472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-07-13 17:32 - 2015-07-29 20:26 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-07-10 21:46 - 2015-07-14 15:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-08 19:21 - 2015-07-08 19:50 - 510479258 _____ C:\Users\Lucie\Downloads\American_Horror_Story.S04E02.TVRip.XviD.CZ.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-04 06:53 - 2008-01-21 03:38 - 01647170 _____ C:\Windows\WindowsUpdate.log
2015-08-04 06:48 - 2012-06-29 22:02 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-04 06:48 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 06:48 - 2006-11-02 14:45 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 06:48 - 2006-11-02 14:45 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-03 22:08 - 2006-11-02 14:58 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-03 21:38 - 2011-10-23 20:47 - 00000000 ____D C:\Users\Lucie\AppData\Roaming\vlc
2015-08-03 21:25 - 2012-06-29 22:02 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-03 21:18 - 2011-10-25 18:19 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000UA.job
2015-08-03 21:17 - 2012-04-10 09:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-03 18:38 - 2013-12-29 16:51 - 00001742 ____H C:\Users\Lucie\Documents\Default.rdp
2015-08-03 18:18 - 2011-10-25 18:19 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000Core.job
2015-08-02 20:51 - 2015-05-31 22:17 - 00000000 ____D C:\Users\Lucie\Desktop\NJ
2015-08-02 20:49 - 2011-10-25 18:20 - 00002042 _____ C:\Users\Lucie\Desktop\Google Chrome.lnk
2015-08-02 20:47 - 2011-12-05 19:55 - 00000000 ____D C:\Users\Lucie\Documents\Radek
2015-07-29 21:32 - 2014-07-08 18:10 - 00016334 _____ C:\Windows\PFRO.log
2015-07-29 20:29 - 2014-04-19 20:30 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-29 20:29 - 2013-03-03 10:07 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-29 20:29 - 2013-03-03 10:07 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-29 20:29 - 2011-10-23 16:15 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-29 20:29 - 2011-10-23 16:15 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-29 20:29 - 2011-10-23 16:15 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-07-29 20:29 - 2011-10-23 16:15 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-07-29 20:26 - 2011-10-23 16:15 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-24 20:23 - 2006-11-02 14:44 - 00264984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 20:10 - 2011-10-23 20:36 - 00160768 _____ C:\Users\Lucie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-18 09:26 - 2011-10-23 18:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 09:11 - 2006-11-02 12:33 - 01532794 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-17 00:23 - 2013-07-22 22:44 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 22:42 - 2011-10-23 20:22 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-14 22:17 - 2012-04-10 09:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-14 22:17 - 2011-10-23 20:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-14 17:01 - 2015-03-03 21:33 - 00000000 ____D C:\Windows\system32\vbox
2015-07-14 15:52 - 2015-06-21 13:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-09 17:31 - 2015-05-20 18:38 - 00139182 _____ C:\Windows\DPINST.LOG
2015-07-09 17:29 - 2015-05-20 18:36 - 00001839 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-07-09 17:29 - 2012-12-24 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-07-09 17:29 - 2011-10-23 16:24 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2014-04-06 23:04 - 2014-04-06 23:04 - 6000640 _____ () C:\Program Files\GUTC778.tmp
2011-10-23 16:46 - 2011-10-23 16:46 - 0000000 _____ () C:\Users\Lucie\AppData\Local\AtStart.txt
2011-10-23 15:18 - 2015-03-13 23:05 - 0001356 _____ () C:\Users\Lucie\AppData\Local\d3d9caps.dat
2011-10-23 20:36 - 2015-07-21 20:10 - 0160768 _____ () C:\Users\Lucie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-23 16:46 - 2011-10-23 16:46 - 0000000 _____ () C:\Users\Lucie\AppData\Local\DSwitch.txt
2011-10-23 16:46 - 2011-10-23 16:46 - 0000000 _____ () C:\Users\Lucie\AppData\Local\QSwitch.txt

Some files in TEMP:
====================
C:\Users\Lucie\AppData\Local\Temp\GURD4F.exe
C:\Users\Lucie\AppData\Local\Temp\GURFFEF.exe
C:\Users\Lucie\AppData\Local\Temp\lowproc.exe
C:\Users\Lucie\AppData\Local\Temp\mp3el2.exe
C:\Users\Lucie\AppData\Local\Temp\rnupdate0.exe
C:\Users\Lucie\AppData\Local\Temp\stubhelper.dll
C:\Users\Lucie\AppData\Local\Temp\x264enc5.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000Core.job => C:\Users\Lucie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000UA.job => C:\Users\Lucie\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lucie\Desktop" je 20871 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule
C:\Program Files\WinFast\WFDTV\WFWIZ.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Tak InetrnetSecurity produkty jsou komplexní balík, který obsahu nadstavbu antiviru v podobě firewallu a někdy i dalších prvků. jeho přednost je v tom, že by měl blokovat neznámé IP (které nemá v pravidlech - ta musí být vytvořena v průběhu používání PC a vy sám si do nich dáte, co libo). Jinak samozřejmě základem je aktuální antivir a obezřetné chování na internetu. Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

O té ploše platí totéž, co v předchozím případě.

[butes]

Prosím, tady je:

# AdwCleaner v4.208 - Log vytvořen 04/08/2015 v 18:39:38
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-01.1 [Server]
# Operační system : Windows Vista (TM) Home Basic Service Pack 2 (x86)
# Uživatelské jméno : Lucie - LUCIE-PC
# Spuštěno z : C:\Users\Lucie\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****

-\\ Internet Explorer v9.0.8112.16669


-\\ Mozilla Firefox v39.0 (x86 cs)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [1059 bytů] - [04/08/2015 18:38:17]
AdwCleaner[S0].txt - [984 bytů] - [04/08/2015 18:39:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1041 bytů] ##########

[Rudy]

Dejte nový log FRST.

[butes]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-08-2015 01
Ran by Lucie (administrator) on LUCIE-PC (04-08-2015 20:48:39)
Running from C:\Users\Lucie\Desktop
Loaded Profiles: Lucie (Available Profiles: Lucie)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
(forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1045800 2008-03-27] (Synaptics, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-29] (AVAST Software)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1183744 2007-02-21] (Analog Devices, Inc.)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2014-10-08] (RealNetworks, Inc.)
HKU\S-1-5-21-236267701-3676137454-311591954-1000\...\Run: [Google Update] => C:\Users\Lucie\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-27] (Google Inc.)
HKU\S-1-5-21-236267701-3676137454-311591954-1000\...\Run: [EPSON Stylus DX8400 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [182272 2007-04-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-236267701-3676137454-311591954-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [456576 2015-06-10] (Sony)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-29] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-236267701-3676137454-311591954-1000] => http://ezdroje.muni.cz/proxy/libproxy.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-236267701-3676137454-311591954-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKU\S-1-5-21-236267701-3676137454-311591954-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-236267701-3676137454-311591954-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-236267701-3676137454-311591954-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-27] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-29] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-27] (Oracle Corporation)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 194.228.41.65 194.228.41.113
Tcpip\..\Interfaces\{65BB0F59-0FEE-4CE9-B180-DCAC2827AC16}: [DhcpNameServer] 10.1.1.10 10.1.1.20
Tcpip\..\Interfaces\{912A55AB-9A1C-447D-AC01-8383DB04C683}: [DhcpNameServer] 194.228.41.65 194.228.41.113

FireFox:
========
FF ProfilePath: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\8hnegohv.default
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Windows\system32\npdeployJava1.dll [2014-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=16.0.4.19 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2014-10-08] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-01] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-01] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.4.19 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2014-10-08] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll [2012-02-03] (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-236267701-3676137454-311591954-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Lucie\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-236267701-3676137454-311591954-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Lucie\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2015-07-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-10-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-10-23]
FF HKLM\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-10-08]

Chrome:
=======
CHR Profile: C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-04]
CHR Extension: (Send to Kindle for Google Chrome™) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2014-02-08]
CHR Extension: (Google Search) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-04]
CHR Extension: (AdBlock) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-29] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-13] (Avast Software)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-07-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-07-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-07-29] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-07-29] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-07-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-29] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Společnost Microsoft)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-07-29] (AVAST Software)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-11-09] (Samsung Electronics) [File not signed]
R3 ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [27392 2004-12-23] (Ulead Systems, Inc.) [File not signed]
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [582016 2010-02-24] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [562176 2010-02-24] (eMPIA Technology, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-13] (Avast Software)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U4 eabfiltr; No ImagePath
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [112640 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x86\Sandra.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-04 18:37 - 2015-08-04 18:39 - 00000000 ____D C:\AdwCleaner
2015-08-04 18:37 - 2015-08-04 18:37 - 02248704 _____ C:\Users\Lucie\Desktop\adwcleaner_4.208.exe
2015-08-04 07:26 - 2015-08-04 07:26 - 00008400 _____ C:\Users\Lucie\Desktop\Addition.zip
2015-08-04 06:59 - 2015-08-04 20:52 - 00016908 _____ C:\Users\Lucie\Desktop\FRST.txt
2015-08-04 06:59 - 2015-08-04 20:48 - 00000000 ____D C:\FRST
2015-08-04 06:57 - 2015-08-04 06:57 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
2015-08-04 06:56 - 2015-08-04 06:55 - 01673728 _____ (Farbar) C:\Users\Lucie\Desktop\FRST.exe
2015-08-04 06:55 - 2015-08-04 06:55 - 01673728 _____ (Farbar) C:\Users\Lucie\Downloads\FRST.exe
2015-08-04 06:50 - 2015-08-04 06:51 - 01673728 _____ (Farbar) C:\Users\Lucie\Downloads\Nepotvrzeno 844019.crdownload
2015-08-03 19:02 - 2015-08-03 19:23 - 370713953 _____ C:\Users\Lucie\Downloads\American-Horror-Story-Freak-Show---s04e07---CZ.mp4
2015-08-03 18:58 - 2015-08-03 18:58 - 00011580 _____ C:\Users\Lucie\Desktop\Prémie THP (1).xlsx
2015-08-03 18:49 - 2015-08-03 18:54 - 77222749 _____ C:\Users\Lucie\Downloads\GTA-VICE-CITY-FEVER-105-FM-FULL-RADIO-STADION.mp4
2015-08-03 18:47 - 2015-08-03 18:47 - 00011580 _____ C:\Users\Lucie\Downloads\Prémie THP.xlsx
2015-07-29 21:38 - 2015-07-29 21:38 - 00000092 _____ C:\Users\Lucie\Desktop\hesla.txt
2015-07-29 20:29 - 2015-07-29 20:28 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-29 20:28 - 2015-07-29 20:28 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-21 22:40 - 2015-07-14 18:02 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 22:40 - 2015-07-14 16:23 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 20:19 - 2015-07-03 07:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-21 20:19 - 2015-07-03 07:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-17 00:29 - 2015-07-03 18:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-17 00:29 - 2015-06-25 04:57 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-17 00:26 - 2015-06-17 18:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-17 00:26 - 2015-06-17 17:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-17 00:24 - 2015-06-12 18:01 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 22:36 - 2015-05-31 10:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-16 18:17 - 2015-06-27 18:03 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 18:17 - 2015-06-27 18:02 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 18:17 - 2015-06-27 18:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 18:17 - 2015-06-27 18:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-16 18:17 - 2015-06-27 16:21 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 18:17 - 2015-06-27 16:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 18:17 - 2015-06-12 15:13 - 00440768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-16 18:17 - 2015-01-09 02:17 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 22:18 - 2015-06-17 03:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 22:18 - 2015-06-17 03:10 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 22:18 - 2015-06-17 03:09 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 22:18 - 2015-06-17 03:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 22:18 - 2015-06-17 03:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 22:18 - 2015-06-17 03:09 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 22:18 - 2015-06-17 03:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-15 22:18 - 2015-06-17 03:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-15 22:18 - 2015-06-17 03:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-15 22:17 - 2015-06-17 03:14 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 22:17 - 2015-06-17 03:12 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 22:17 - 2015-06-17 03:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 19:27 - 2015-07-14 19:50 - 408350480 _____ C:\Users\Lucie\Downloads\American_Horror_Story.S04E04.TVRip.XviD.CZ.avi
2015-07-13 17:32 - 2015-07-29 20:29 - 00161472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-07-13 17:32 - 2015-07-29 20:26 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-07-10 21:46 - 2015-07-14 15:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-08 19:21 - 2015-07-08 19:50 - 510479258 _____ C:\Users\Lucie\Downloads\American_Horror_Story.S04E02.TVRip.XviD.CZ.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-04 20:52 - 2008-01-21 03:38 - 01665142 _____ C:\Windows\WindowsUpdate.log
2015-08-04 20:47 - 2012-06-29 22:02 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-04 20:47 - 2012-04-10 09:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-04 20:47 - 2011-10-25 18:19 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000UA.job
2015-08-04 18:42 - 2006-11-02 14:45 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 18:42 - 2006-11-02 14:45 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-04 18:41 - 2012-06-29 22:02 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-04 18:41 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 18:40 - 2006-11-02 14:58 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-04 18:39 - 2011-10-25 18:19 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000Core.job
2015-08-03 21:38 - 2011-10-23 20:47 - 00000000 ____D C:\Users\Lucie\AppData\Roaming\vlc
2015-08-03 18:38 - 2013-12-29 16:51 - 00001742 ____H C:\Users\Lucie\Documents\Default.rdp
2015-08-02 20:51 - 2015-05-31 22:17 - 00000000 ____D C:\Users\Lucie\Desktop\NJ
2015-08-02 20:49 - 2011-10-25 18:20 - 00002042 _____ C:\Users\Lucie\Desktop\Google Chrome.lnk
2015-08-02 20:47 - 2011-12-05 19:55 - 00000000 ____D C:\Users\Lucie\Documents\Radek
2015-07-29 21:32 - 2014-07-08 18:10 - 00016334 _____ C:\Windows\PFRO.log
2015-07-29 20:29 - 2014-04-19 20:30 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-29 20:29 - 2013-03-03 10:07 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-29 20:29 - 2013-03-03 10:07 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-29 20:29 - 2011-10-23 16:15 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-29 20:29 - 2011-10-23 16:15 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-29 20:29 - 2011-10-23 16:15 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-07-29 20:29 - 2011-10-23 16:15 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-07-29 20:26 - 2011-10-23 16:15 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-24 20:23 - 2006-11-02 14:44 - 00264984 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 20:10 - 2011-10-23 20:36 - 00160768 _____ C:\Users\Lucie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-18 09:26 - 2011-10-23 18:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 09:11 - 2006-11-02 12:33 - 01532794 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-17 00:23 - 2013-07-22 22:44 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 22:42 - 2011-10-23 20:22 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-14 22:17 - 2012-04-10 09:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-14 22:17 - 2011-10-23 20:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-14 17:01 - 2015-03-03 21:33 - 00000000 ____D C:\Windows\system32\vbox
2015-07-14 15:52 - 2015-06-21 13:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-09 17:31 - 2015-05-20 18:38 - 00139182 _____ C:\Windows\DPINST.LOG
2015-07-09 17:29 - 2015-05-20 18:36 - 00001839 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-07-09 17:29 - 2012-12-24 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-07-09 17:29 - 2011-10-23 16:24 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2014-04-06 23:04 - 2014-04-06 23:04 - 6000640 _____ () C:\Program Files\GUTC778.tmp
2011-10-23 16:46 - 2011-10-23 16:46 - 0000000 _____ () C:\Users\Lucie\AppData\Local\AtStart.txt
2011-10-23 15:18 - 2015-03-13 23:05 - 0001356 _____ () C:\Users\Lucie\AppData\Local\d3d9caps.dat
2011-10-23 20:36 - 2015-07-21 20:10 - 0160768 _____ () C:\Users\Lucie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-23 16:46 - 2011-10-23 16:46 - 0000000 _____ () C:\Users\Lucie\AppData\Local\DSwitch.txt
2011-10-23 16:46 - 2011-10-23 16:46 - 0000000 _____ () C:\Users\Lucie\AppData\Local\QSwitch.txt

Some files in TEMP:
====================
C:\Users\Lucie\AppData\Local\Temp\GURD4F.exe
C:\Users\Lucie\AppData\Local\Temp\GURFFEF.exe
C:\Users\Lucie\AppData\Local\Temp\lowproc.exe
C:\Users\Lucie\AppData\Local\Temp\mp3el2.exe
C:\Users\Lucie\AppData\Local\Temp\Quarantine.exe
C:\Users\Lucie\AppData\Local\Temp\rnupdate0.exe
C:\Users\Lucie\AppData\Local\Temp\sqlite3.dll
C:\Users\Lucie\AppData\Local\Temp\stubhelper.dll
C:\Users\Lucie\AppData\Local\Temp\x264enc5.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lucie\Desktop" je 20874 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule
C:\Program Files\WinFast\WFDTV\WFWIZ.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-236267701-3676137454-311591954-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-236267701-3676137454-311591954-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF HKLM\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-10-08]
U4 eabfiltr; No ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000Core.job
C:\Program Files\GUTC778.tmp
C:\Users\Lucie\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[butes]

Fix result of Farbar Recovery Scan Tool (x86) Version:02-08-2015 01
Ran by Lucie (2015-08-04 21:22:45) Run:1
Running from C:\Users\Lucie\Desktop
Loaded Profiles: Lucie (Available Profiles: Lucie)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-236267701-3676137454-311591954-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-236267701-3676137454-311591954-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF HKLM\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-10-08]
U4 eabfiltr; No ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000Core.job
C:\Program Files\GUTC778.tmp
C:\Users\Lucie\AppData\Local\Temp
End

*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-236267701-3676137454-311591954-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key removed successfully.
HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-236267701-3676137454-311591954-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => key removed successfully.
HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}" => key removed successfully.
"HKCR\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}" => key removed successfully.
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll => moved successfully.
"HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1" => key removed successfully.
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll => moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{1B12EF76-2B5E-4DA1-B587-4762D49BFE03} => value removed successfully.
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => moved successfully.
eabfiltr => service removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000UA.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236267701-3676137454-311591954-1000Core.job => moved successfully.
C:\Program Files\GUTC778.tmp => moved successfully.
C:\Users\Lucie\AppData\Local\Temp => moved successfully.

==== End of Fixlog 21:22:47 ====

[Rudy]

Smazáno. Je vše OK?

[butes]

Notebook se zrychlil parádně. Ještě jednou díky za spolupráci. Vše ke spokojenosti vyřešeno. Rozhodl jsem se pro nákup Norton Security.

[Rudy]

OK a nemáte zač!