Notebook Sony Vaio se zasekává

Zpráva

#16 Příspěvek od **Márty84** » 06 pro 2014 13:03

Porad tam neco je. Pritvrdime

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

funkymusic · #17 Příspěvek od **funkymusic** » 06 pro 2014 14:26

Tady to je

ComboFix 14-12-04.01 - Evža 06.12.2014 13:38:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4078.2400 [GMT 1:00]
Spuštěný z: c:\users\Ev×a\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msdownld.tmp
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-06 do 2014-12-06 )))))))))))))))))))))))))))))))
.
.
2014-12-06 12:51 . 2014-12-06 12:51 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2014-12-06 12:51 . 2014-12-06 12:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-05 23:00 . 2014-12-05 23:00 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED8CCB48-F9E9-4AC7-BC55-C59B20EACEEC}\offreg.dll
2014-12-05 23:00 . 2014-12-05 23:00 -------- d-----w- c:\programdata\iolo
2014-12-05 23:00 . 2014-12-05 23:00 -------- d-----w- c:\users\Evža\AppData\Roaming\iolo
2014-12-05 16:38 . 2014-11-17 01:08 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED8CCB48-F9E9-4AC7-BC55-C59B20EACEEC}\mpengine.dll
2014-12-04 19:21 . 2014-12-04 19:21 -------- d-----w- c:\programdata\Malwarebytes
2014-12-04 16:53 . 2014-12-04 16:23 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-04 16:53 . 2014-12-06 12:51 -------- d-----w- c:\users\Evža\AppData\Local\Temp
2014-12-04 16:53 . 2014-12-04 16:53 -------- d-----w- c:\users\Ev×a
2014-12-04 16:23 . 2014-12-04 16:48 -------- d-----w- C:\zoek_backup
2014-12-04 16:12 . 2014-12-04 16:12 -------- d-----w- c:\windows\ERUNT
2014-12-03 18:50 . 2014-12-03 18:55 -------- d-----w- C:\AdwCleaner
2014-12-03 17:52 . 2014-12-06 11:56 -------- d-----w- c:\program files\trend micro
2014-12-03 17:52 . 2014-12-03 17:53 -------- d-----w- C:\rsit
2014-11-26 17:00 . 2014-11-26 17:00 -------- d-----w- c:\users\Evža\AppData\Local\Opera Software
2014-11-26 16:59 . 2014-11-26 17:19 -------- d-----w- c:\program files (x86)\Opera
2014-11-26 15:50 . 2014-11-26 15:50 -------- d-----w- c:\users\Evža\AppData\Roaming\AVAST Software
2014-11-26 15:48 . 2014-11-26 15:47 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-11-26 15:48 . 2014-11-26 15:47 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-26 15:48 . 2014-11-26 15:47 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-26 15:48 . 2014-11-26 15:47 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-26 15:48 . 2014-11-26 15:47 436624 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-11-26 15:48 . 2014-11-26 15:47 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-26 15:48 . 2014-11-26 15:47 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-26 15:48 . 2014-11-26 15:48 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-26 15:47 . 2014-11-26 15:47 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-26 15:47 . 2014-11-26 15:47 43152 ----a-w- c:\windows\avastSS.scr
2014-11-26 15:46 . 2014-11-26 15:46 -------- d-----w- c:\program files\AVAST Software
2014-11-26 15:44 . 2014-11-26 15:44 -------- d-----w- c:\users\Evža\AppData\Local\IsolatedStorage
2014-11-26 15:44 . 2014-11-26 15:46 -------- d-----w- c:\programdata\AVAST Software
2014-11-26 15:43 . 2014-11-26 15:45 -------- d-----w- c:\users\Evža\AppData\Local\Yandex
2014-11-26 15:43 . 2014-11-26 15:45 -------- d-----w- c:\program files (x86)\Yandex
2014-11-26 15:43 . 2014-11-26 15:43 -------- d-----w- c:\users\Evža\AppData\Roaming\Opera Software
2014-11-26 15:42 . 2014-11-26 15:42 -------- d-----w- c:\users\Evža\AppData\Local\Chromium
2014-11-26 15:42 . 2014-12-03 17:48 -------- d-----w- c:\users\Evža\AppData\Roaming\Yandex
2014-11-26 15:41 . 2014-11-26 15:41 -------- d-----w- c:\users\Evža\AppData\Roaming\ImperiaOnline
2014-11-23 11:54 . 2014-11-23 11:55 -------- d-----w- c:\users\Evža\AppData\Roaming\Maxthon3
2014-11-23 11:54 . 2014-11-23 11:54 -------- d-----w- c:\program files (x86)\Maxthon
2014-11-20 19:20 . 2014-11-21 17:05 -------- d-----w- c:\program files (x86)\Bratr a sestra - smrti navzdory
2014-11-19 11:06 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 11:06 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 11:06 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 11:06 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-13 11:31 . 2014-11-13 11:31 -------- d-sh--w- c:\users\Evža\AppData\Local\EmieBrowserModeList
2014-11-12 12:27 . 2014-11-05 17:56 304640 ----a-w- c:\windows\system32\generaltel.dll
2014-11-12 12:27 . 2014-11-05 17:56 228864 ----a-w- c:\windows\system32\aepdu.dll
2014-11-12 12:27 . 2014-11-05 17:52 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-11-12 12:25 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-12 12:24 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-12 12:24 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-12 12:24 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-12 12:24 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-12 12:24 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-12 12:24 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-12 12:24 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-07 18:48 . 2014-11-07 18:48 -------- d-----w- c:\program files (x86)\Vojensky ujezd Ralsko - Cihajici sovet
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-04 18:17 . 2014-05-29 17:05 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-04 18:17 . 2014-05-29 16:42 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-11-26 15:46 . 2012-04-15 10:44 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-26 15:46 . 2012-01-19 10:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-15 19:31 . 2014-04-30 18:42 13792 ----a-w- c:\windows\system32\drivers\semav6thermal64ro.sys
2014-11-12 19:08 . 2012-01-26 04:29 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-09-25 02:08 . 2014-10-01 11:17 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 11:17 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-19 09:23 . 2014-11-12 12:25 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-09-09 22:11 . 2014-09-24 09:22 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 09:22 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2014-11-18 1940160]
"cz.seznam.software.autoupdate"="c:\users\Evža\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Evža\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"PhilipsSongbirdLauncher"="c:\program files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe" [2014-04-11 346624]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" [2012-02-15 1564368]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-03-21 1061960]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-26 5226600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
R2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 semav6thermal64ro;semav6thermal64ro;c:\windows\system32\drivers\semav6thermal64ro.sys;c:\windows\SYSNATIVE\drivers\semav6thermal64ro.sys [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-25 23:48 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 15:46]
.
2014-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-16 16:36]
.
2014-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-16 16:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-26 15:47 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
mSearchAssistant =
TCP: DhcpNameServer = 62.240.163.170 62.204.224.2
FF - ProfilePath - c:\users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\
FF - prefs.js: Keyword.Enabled - true
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AppGraffiti - c:\progra~2\APPGRA~1\AppGraffiti.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-VDC_is1 - c:\program files (x86)\Video Download Converter\unins000.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
AddRemove-{Cesta za dobrodruzstvim - Nadesel cas}_is1 - c:\program files (x86)\Cesta za dobrodruzstvim - Nadesel cas\unins000.exe
AddRemove-{Princ z Persie a hamizny kalif}_is1 - c:\program files (x86)\Princ z Persie a hamizny kalif\unins000.exe
AddRemove-{Proklety hrbitov - Krkavci kletba}_is1 - c:\program files (x86)\Proklety hrbitov - Krkavci kletba\unins000.exe
AddRemove-{Proroctvi ztraceneho kralovstvi}_is1 - c:\program files (x86)\Proroctvi ztraceneho kralovstvi\unins000.exe
AddRemove-{Serif Standa 2 - Pripad ztracene veci}_is1 - c:\program files (x86)\Serif Standa 2 - Pripad ztracene veci\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-12-06 13:54:58
ComboFix-quarantined-files.txt 2014-12-06 12:54
.
Před spuštěním: Volných bajtů: 339 759 476 736
Po spuštění: Volných bajtů: 339 354 636 288
.
- - End Of File - - 0BD532C14FEC6EA439F33C4BCE39B8B8

#18 Příspěvek od **Márty84** » 06 pro 2014 14:55

Vypnete trvale Windows Defender.

Presunte ComboFix primo na disk C (takze cesta k nemu bude c:\ComboFix.exe )!

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Folder::
c:\users\Evža\AppData\Local\Yandex
c:\program files (x86)\Yandex
c:\users\Evža\AppData\Roaming\Yandex

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=-
"cz.seznam.software.szndesktop"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Guard.Mail.ru.gui"=-
"seznam-listicka-distribuce"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
Guard.Mail.ru
McAfee SiteAdvisor Service
SkypeUpdate
BBSvc

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte take primo na C (takze cesta k nemu bude c:\CFScript.txt ).
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

funkymusic · #19 Příspěvek od **funkymusic** » 07 pro 2014 10:48

Tady to je

ComboFix 14-12-04.01 - Evža 06.12.2014 15:34:07.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4078.1855 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Yandex
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_Guard.Mail.ru
-------\Service_McAfee SiteAdvisor Service
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-06 do 2014-12-06 )))))))))))))))))))))))))))))))
.
.
2014-12-06 14:45 . 2014-12-06 14:45 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2014-12-06 14:45 . 2014-12-06 14:45 -------- d-----w- c:\users\Ev§a\AppData\Local\temp
2014-12-06 14:45 . 2014-12-06 14:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-05 23:00 . 2014-12-05 23:00 -------- d-----w- c:\programdata\iolo
2014-12-05 23:00 . 2014-12-05 23:00 -------- d-----w- c:\users\Evža\AppData\Roaming\iolo
2014-12-04 19:21 . 2014-12-04 19:21 -------- d-----w- c:\programdata\Malwarebytes
2014-12-04 16:53 . 2014-12-04 16:23 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-04 16:53 . 2014-12-06 15:04 -------- d-----w- c:\users\Evža\AppData\Local\Temp
2014-12-04 16:53 . 2014-12-04 16:53 -------- d-----w- c:\users\Ev×a
2014-12-04 16:23 . 2014-12-04 16:48 -------- d-----w- C:\zoek_backup
2014-12-04 16:12 . 2014-12-04 16:12 -------- d-----w- c:\windows\ERUNT
2014-12-03 18:50 . 2014-12-03 18:55 -------- d-----w- C:\AdwCleaner
2014-12-03 17:52 . 2014-12-06 11:56 -------- d-----w- c:\program files\trend micro
2014-12-03 17:52 . 2014-12-03 17:53 -------- d-----w- C:\rsit
2014-11-26 17:00 . 2014-11-26 17:00 -------- d-----w- c:\users\Evža\AppData\Local\Opera Software
2014-11-26 16:59 . 2014-11-26 17:19 -------- d-----w- c:\program files (x86)\Opera
2014-11-26 15:50 . 2014-11-26 15:50 -------- d-----w- c:\users\Evža\AppData\Roaming\AVAST Software
2014-11-26 15:48 . 2014-11-26 15:47 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-11-26 15:48 . 2014-11-26 15:47 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-26 15:48 . 2014-11-26 15:47 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-26 15:48 . 2014-11-26 15:47 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-26 15:48 . 2014-11-26 15:47 436624 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-11-26 15:48 . 2014-11-26 15:47 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-26 15:48 . 2014-11-26 15:47 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-26 15:48 . 2014-11-26 15:48 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-26 15:47 . 2014-11-26 15:47 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-26 15:47 . 2014-11-26 15:47 43152 ----a-w- c:\windows\avastSS.scr
2014-11-26 15:46 . 2014-11-26 15:46 -------- d-----w- c:\program files\AVAST Software
2014-11-26 15:44 . 2014-11-26 15:44 -------- d-----w- c:\users\Evža\AppData\Local\IsolatedStorage
2014-11-26 15:44 . 2014-11-26 15:46 -------- d-----w- c:\programdata\AVAST Software
2014-11-26 15:43 . 2014-11-26 15:45 -------- d-----w- c:\users\Evža\AppData\Local\Yandex
2014-11-26 15:43 . 2014-11-26 15:43 -------- d-----w- c:\users\Evža\AppData\Roaming\Opera Software
2014-11-26 15:42 . 2014-11-26 15:42 -------- d-----w- c:\users\Evža\AppData\Local\Chromium
2014-11-26 15:42 . 2014-12-03 17:48 -------- d-----w- c:\users\Evža\AppData\Roaming\Yandex
2014-11-26 15:41 . 2014-11-26 15:41 -------- d-----w- c:\users\Evža\AppData\Roaming\ImperiaOnline
2014-11-23 11:54 . 2014-11-23 11:55 -------- d-----w- c:\users\Evža\AppData\Roaming\Maxthon3
2014-11-23 11:54 . 2014-11-23 11:54 -------- d-----w- c:\program files (x86)\Maxthon
2014-11-20 19:20 . 2014-11-21 17:05 -------- d-----w- c:\program files (x86)\Bratr a sestra - smrti navzdory
2014-11-19 11:06 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 11:06 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 11:06 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 11:06 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-13 11:31 . 2014-11-13 11:31 -------- d-sh--w- c:\users\Evža\AppData\Local\EmieBrowserModeList
2014-11-12 12:27 . 2014-11-05 17:56 304640 ----a-w- c:\windows\system32\generaltel.dll
2014-11-12 12:27 . 2014-11-05 17:56 228864 ----a-w- c:\windows\system32\aepdu.dll
2014-11-12 12:27 . 2014-11-05 17:52 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-11-12 12:25 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-12 12:24 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-12 12:24 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-12 12:24 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-12 12:24 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-12 12:24 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-12 12:24 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-12 12:24 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-07 18:48 . 2014-11-07 18:48 -------- d-----w- c:\program files (x86)\Vojensky ujezd Ralsko - Cihajici sovet
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-05 23:00 . 2014-12-05 23:00 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED8CCB48-F9E9-4AC7-BC55-C59B20EACEEC}\offreg.dll
2014-12-04 18:17 . 2014-05-29 17:05 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-04 18:17 . 2014-05-29 16:42 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-11-26 15:46 . 2012-04-15 10:44 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-26 15:46 . 2012-01-19 10:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-17 01:08 . 2014-12-05 16:38 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED8CCB48-F9E9-4AC7-BC55-C59B20EACEEC}\mpengine.dll
2014-11-15 19:31 . 2014-04-30 18:42 13792 ----a-w- c:\windows\system32\drivers\semav6thermal64ro.sys
2014-11-12 19:08 . 2012-01-26 04:29 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-09-25 02:08 . 2014-10-01 11:17 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 11:17 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-19 09:23 . 2014-11-12 12:25 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-09-09 22:11 . 2014-09-24 09:22 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 09:22 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2014-11-18 1940160]
"PhilipsSongbirdLauncher"="c:\program files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe" [2014-04-11 346624]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-26 5226600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 semav6thermal64ro;semav6thermal64ro;c:\windows\system32\drivers\semav6thermal64ro.sys;c:\windows\SYSNATIVE\drivers\semav6thermal64ro.sys [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-25 23:48 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 15:46]
.
2014-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-16 16:36]
.
2014-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-16 16:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-26 15:47 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
mSearchAssistant =
TCP: DhcpNameServer = 62.240.163.170 62.204.224.2
FF - ProfilePath - c:\users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\
FF - prefs.js: Keyword.Enabled - true
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-VDC_is1 - c:\program files (x86)\Video Download Converter\unins000.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
AddRemove-{Cesta za dobrodruzstvim - Nadesel cas}_is1 - c:\program files (x86)\Cesta za dobrodruzstvim - Nadesel cas\unins000.exe
AddRemove-{Princ z Persie a hamizny kalif}_is1 - c:\program files (x86)\Princ z Persie a hamizny kalif\unins000.exe
AddRemove-{Proklety hrbitov - Krkavci kletba}_is1 - c:\program files (x86)\Proklety hrbitov - Krkavci kletba\unins000.exe
AddRemove-{Proroctvi ztraceneho kralovstvi}_is1 - c:\program files (x86)\Proroctvi ztraceneho kralovstvi\unins000.exe
AddRemove-{Serif Standa 2 - Pripad ztracene veci}_is1 - c:\program files (x86)\Serif Standa 2 - Pripad ztracene veci\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Steam\bin\steamwebhelper.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-12-06 16:13:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-06 15:13
ComboFix2.txt 2014-12-06 12:54
.
Před spuštěním: Volných bajtů: 338 957 705 216
Po spuštění: Volných bajtů: 338 128 982 016
.
- - End Of File - - 9F5E137D54312BD8A16DA243FCF4FA6A

#20 Příspěvek od **Márty84** » 07 pro 2014 11:10

Dejte log podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

funkymusic · #21 Příspěvek od **funkymusic** » 07 pro 2014 11:30

Zde je první log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Evža (administrator) on EVZA-VAIO on 07-12-2014 11:23:14
Running from C:\Users\Evža\Desktop
Loaded Profile: Evža (Available profiles: Evža)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe
(forum.viry.cz) C:\Users\Evža\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-26] (AVAST Software)
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\...\Run: [PhilipsSongbirdLauncher] => C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe [346624 2014-04-11] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files (x86)\MyPlayCity\tbMyP0.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> 0CA2FA1B2CA34E0686B2C1341CCF7AFC URL = http://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {04B98912-C5F4-437C-B1DE-49AB554FB181} URL = http://www.novinky.cz/hledej?w={searchT ... kSearch_12
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {05E2782A-A131-464A-B270-76104795391D} URL = http://www.firmy.cz/?q={searchTerms}&so ... kSearch_12
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {0CFB2A59-A990-4630-982D-6D4937E7C8F3} URL = http://slovnik.seznam.cz/?q={searchTerm ... kSearch_12
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {59C775F7-640E-4176-A234-C4340DE16A46} URL = http://www.mapy.cz/?query={searchTerms} ... kSearch_12
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {6AFBD0DA-0E48-4717-AC14-4BC0292E8F84} URL = http://services.zinio.com/search?s={sea ... sonyslices
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {728E49F8-84BB-41EC-901F-F20904276D4F} URL = http://slovnik.seznam.cz/?q={searchTerm ... kSearch_12
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {76526143-99C8-43C8-9E88-DE8474EA7373} URL = http://rover.ebay.com/rover/1/14361-113 ... earchTerms}
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {A9720EFE-0238-401C-B238-EC99EB821180} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {BD8ADF1E-4586-4B5F-B273-FF76493D8397} URL = http://encyklopedie.seznam.cz/search?q= ... kSearch_12
SearchScopes: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> {D57422ED-53DD-40DD-8218-9B19A4BDE221} URL = http://tv.seznam.cz/hledej?w={searchTer ... kSearch_12
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> No Name - {4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.240.163.170 62.204.224.2

FireFox:
========
FF ProfilePath: C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1733478658-4031006406-2309067913-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Evža\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1733478658-4031006406-2309067913-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\searchplugins\yqs-barff-yandex.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF Extension: MyPlayCity Toolbar - C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} [2013-04-30]
FF Extension: Seznam lištička - C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-08-08]

Chrome:
=======
CHR HomePage: Default -> hxxp://start.myplaycity.com/
CHR Profile: C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-08-27]
CHR Extension: (Peněženka Google) - C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-26]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed]
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2014-05-29] ()
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-26] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-26] ()
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2010-04-12] (GEAR Software Inc.)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-11-15] ()
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 ApfiltrService; \SystemRoot\system32\drivers\Apfiltr.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 11:23 - 2014-12-07 11:23 - 00022030 _____ () C:\Users\Evža\Desktop\FRST.txt
2014-12-07 11:20 - 2014-12-07 11:20 - 00112640 _____ (forum.viry.cz) C:\Users\Evža\Desktop\FRSTLauncher.exe
2014-12-07 11:19 - 2014-12-07 11:23 - 00000000 ____D () C:\FRST
2014-12-07 11:19 - 2014-12-07 11:19 - 02119680 _____ (Farbar) C:\Users\Evža\Desktop\FRST64.exe
2014-12-07 11:18 - 2014-12-07 11:18 - 02119680 _____ (Farbar) C:\Users\Evža\Downloads\FRST64.exe
2014-12-06 16:13 - 2014-12-06 16:13 - 00023548 _____ () C:\ComboFix.txt
2014-12-06 16:04 - 2014-12-06 16:04 - 00000000 ___RD () C:\Users\Evža\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-12-06 16:03 - 2014-12-06 16:03 - 00001736 _____ () C:\Windows\PFRO.log
2014-12-06 13:34 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-06 13:34 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-06 13:34 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-06 13:34 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-06 13:34 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-06 13:34 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-06 13:34 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-06 13:34 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-06 13:33 - 2014-12-06 16:14 - 00000000 ____D () C:\Qoobox
2014-12-06 13:33 - 2014-12-06 15:45 - 00000000 ____D () C:\Windows\erdnt
2014-12-06 13:31 - 2014-12-06 13:32 - 05600479 ____R (Swearware) C:\ComboFix.exe
2014-12-06 00:00 - 2014-12-06 00:00 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\iolo
2014-12-06 00:00 - 2014-12-06 00:00 - 00000000 ____D () C:\ProgramData\iolo
2014-12-04 20:21 - 2014-12-04 20:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-04 20:19 - 2014-12-04 20:20 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Evža\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-04 17:53 - 2014-12-04 17:53 - 00000000 ____D () C:\Users\Ev×a\AppData\Roaming\Macromedia
2014-12-04 17:53 - 2014-12-04 17:53 - 00000000 ____D () C:\Users\Ev×a
2014-12-04 17:53 - 2014-12-04 17:23 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-04 17:27 - 2014-12-04 17:56 - 00025125 _____ () C:\zoek-results.log
2014-12-04 17:24 - 2014-12-04 17:25 - 01295360 _____ () C:\Users\Evža\Desktop\zoek (2).exe
2014-12-04 17:23 - 2014-12-04 17:48 - 00000000 ____D () C:\zoek_backup
2014-12-04 17:22 - 2014-12-04 17:22 - 01295360 _____ () C:\Users\Evža\Desktop\zoek.exe
2014-12-04 17:20 - 2014-12-04 17:20 - 00012436 _____ () C:\Users\Evža\Desktop\JRT.txt
2014-12-04 17:12 - 2014-12-04 17:12 - 00000000 ____D () C:\Windows\ERUNT
2014-12-04 17:10 - 2014-12-04 17:10 - 01707646 _____ (Thisisu) C:\Users\Evža\Desktop\JRT.exe
2014-12-03 19:50 - 2014-12-03 19:55 - 00000000 ____D () C:\AdwCleaner
2014-12-03 19:49 - 2014-12-03 19:47 - 02154496 _____ () C:\Users\Evža\Desktop\adwcleaner_4.103.exe
2014-12-03 18:52 - 2014-12-06 12:56 - 00000000 ____D () C:\Program Files\trend micro
2014-12-03 18:52 - 2014-12-03 18:53 - 00000000 ____D () C:\rsit
2014-12-03 18:51 - 2014-12-03 18:51 - 01222144 _____ () C:\Users\Evža\Downloads\RSITx64.exe
2014-12-03 18:51 - 2014-12-03 18:51 - 01222144 _____ () C:\Users\Evža\Desktop\RSITx64.exe
2014-11-26 18:00 - 2014-11-26 18:00 - 00003820 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1417021221
2014-11-26 18:00 - 2014-11-26 18:00 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk.1417021554.old
2014-11-26 18:00 - 2014-11-26 18:00 - 00000000 ____D () C:\Users\Evža\AppData\Local\Opera Software
2014-11-26 17:59 - 2014-11-26 18:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-26 16:50 - 2014-11-26 16:50 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\AVAST Software
2014-11-26 16:48 - 2014-12-07 10:45 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-26 16:48 - 2014-11-26 16:48 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-26 16:48 - 2014-11-26 16:48 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-26 16:48 - 2014-11-26 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-26 16:48 - 2014-11-26 16:47 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-26 16:48 - 2014-11-26 16:47 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-26 16:48 - 2014-11-26 16:47 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-26 16:48 - 2014-11-26 16:47 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-26 16:48 - 2014-11-26 16:47 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-26 16:48 - 2014-11-26 16:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-26 16:48 - 2014-11-26 16:47 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-26 16:47 - 2014-11-26 16:47 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-26 16:47 - 2014-11-26 16:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-26 16:46 - 2014-11-26 16:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-26 16:44 - 2014-11-26 16:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-26 16:44 - 2014-11-26 16:44 - 00000000 ____D () C:\Users\Evža\AppData\Local\IsolatedStorage
2014-11-26 16:43 - 2014-11-26 16:45 - 00000000 ____D () C:\Users\Evža\AppData\Local\Yandex
2014-11-26 16:43 - 2014-11-26 16:43 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\Opera Software
2014-11-26 16:42 - 2014-12-03 18:48 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\Yandex
2014-11-26 16:42 - 2014-11-26 16:42 - 00000000 ____D () C:\Users\Evža\AppData\Local\Chromium
2014-11-26 16:41 - 2014-11-26 16:54 - 00002403 _____ () C:\Users\Evža\Desktop\Imperia Online.lnk
2014-11-26 16:41 - 2014-11-26 16:41 - 00003632 _____ () C:\Windows\System32\Tasks\Imperia Online W4
2014-11-26 16:41 - 2014-11-26 16:41 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2014-11-26 16:41 - 2014-11-26 16:41 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\ImperiaOnline
2014-11-23 12:57 - 2014-11-23 12:58 - 01505096 _____ (Maxthon International ltd.) C:\Users\Evža\Downloads\mxsetup.exe
2014-11-23 12:55 - 2014-11-23 12:59 - 00003582 _____ () C:\Windows\System32\Tasks\Maxthon Update
2014-11-23 12:55 - 2014-11-23 12:59 - 00001085 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2014-11-23 12:55 - 2014-11-23 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2014-11-23 12:54 - 2014-11-23 12:55 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\Maxthon3
2014-11-23 12:54 - 2014-11-23 12:54 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2014-11-21 18:05 - 2014-11-21 18:05 - 00001287 _____ () C:\Users\Public\Desktop\Bratr a sestra - smrti navzdory.lnk
2014-11-20 20:22 - 2014-11-21 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bratr a sestra - smrti navzdory
2014-11-20 20:20 - 2014-11-21 18:05 - 00000000 ____D () C:\Program Files (x86)\Bratr a sestra - smrti navzdory
2014-11-19 12:06 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 12:06 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 12:06 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 12:06 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-15 20:33 - 2014-11-15 20:33 - 00003130 _____ () C:\Windows\System32\Tasks\USER_ESRV_SVC
2014-11-15 20:33 - 2014-11-15 20:33 - 00002027 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
2014-11-15 20:33 - 2014-11-15 20:33 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2014-11-13 12:31 - 2014-11-13 12:31 - 00000000 __SHD () C:\Users\Evža\AppData\Local\EmieBrowserModeList
2014-11-12 13:27 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 13:27 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 13:27 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 13:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 13:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 13:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 13:26 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 13:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 13:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 13:26 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 13:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 13:26 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 13:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 13:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 13:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 13:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 13:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 13:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 13:26 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 13:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 13:26 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 13:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 13:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 13:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 13:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 13:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 13:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 13:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 13:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 13:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 13:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 13:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 13:26 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 13:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 13:26 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 13:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 13:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 13:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 13:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 13:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 13:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 13:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 13:26 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 13:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 13:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 13:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 13:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 13:26 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 13:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 13:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 13:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 13:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 13:26 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 13:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 13:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 13:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 13:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 13:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 13:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 13:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 13:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 13:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 13:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 13:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 13:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 13:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 13:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 13:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 13:25 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:25 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 13:25 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 13:25 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 13:25 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 13:25 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 13:25 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 13:25 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 13:25 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 13:25 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 13:25 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 13:25 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 13:25 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 13:25 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 13:25 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 13:25 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 13:25 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 13:25 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 13:25 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 13:25 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 13:25 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 13:25 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 13:25 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 13:25 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 13:25 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:25 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 13:24 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 13:24 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 13:24 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 13:24 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 13:24 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 13:24 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 13:24 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-07 19:48 - 2014-11-07 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vojensky ujezd Ralsko - Cihajici sovet
2014-11-07 19:48 - 2014-11-07 19:48 - 00000000 ____D () C:\Program Files (x86)\Vojensky ujezd Ralsko - Cihajici sovet

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 10:53 - 2011-12-18 15:43 - 01835393 _____ () C:\Windows\WindowsUpdate.log
2014-12-07 10:47 - 2012-02-16 16:19 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 10:46 - 2013-11-10 16:21 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{15DF2D47-802A-4C39-A9BC-7CB5E646F44A}
2014-12-07 10:43 - 2012-04-15 11:44 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-06 16:14 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-06 16:14 - 2009-07-14 05:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-06 16:04 - 2012-04-25 16:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-06 16:04 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-06 16:03 - 2014-08-17 19:08 - 00017232 _____ () C:\Windows\setupact.log
2014-12-06 16:03 - 2012-02-16 16:19 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 16:03 - 2011-08-08 19:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-06 16:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 15:31 - 2011-02-14 21:16 - 00669568 _____ () C:\Windows\system32\perfh005.dat
2014-12-06 15:31 - 2011-02-14 21:16 - 00141938 _____ () C:\Windows\system32\perfc005.dat
2014-12-06 15:31 - 2009-07-14 06:13 - 01586170 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-06 13:55 - 2013-02-18 15:14 - 00000000 ____D () C:\Users\Ev
2014-12-06 13:55 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-06 13:35 - 2012-04-25 17:00 - 00000000 ____D () C:\Users\Ev§a
2014-12-06 12:57 - 2014-05-04 19:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-05 20:47 - 2013-05-26 19:36 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\Seznam.cz
2014-12-05 20:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2014-12-05 20:40 - 2013-04-30 11:33 - 00000000 ____D () C:\Program Files (x86)\MyPlayCity
2014-12-04 19:17 - 2014-05-29 18:05 - 00215128 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-12-04 19:17 - 2014-05-29 17:42 - 00215128 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-03 20:08 - 2011-08-08 19:31 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-03 20:08 - 2011-08-08 19:31 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-12-03 19:57 - 2013-09-12 18:13 - 05388800 ___SH () C:\Users\Evža\Desktop\Thumbs.db
2014-11-28 16:02 - 2011-12-18 16:32 - 00000000 ____D () C:\Users\Evža\AppData\Local\CrashDumps
2014-11-26 16:46 - 2014-08-20 19:52 - 00000000 ____D () C:\Users\Evža\AppData\Local\Adobe
2014-11-26 16:46 - 2012-04-15 11:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 16:46 - 2012-04-15 11:44 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 16:46 - 2012-01-19 11:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 00:49 - 2012-02-16 16:19 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-20 21:15 - 2012-02-26 21:11 - 00000000 ____D () C:\Users\Evža\Desktop\PC Hry
2014-11-20 20:53 - 2012-07-21 17:32 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\spidla
2014-11-20 20:23 - 2013-01-05 18:25 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\DominiGames
2014-11-20 20:22 - 2011-12-18 16:19 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\Špidla Data Processing, s.r.o
2014-11-20 20:22 - 2011-12-18 16:19 - 00000000 ____D () C:\ProgramData\Špidla Data Processing, s.r.o
2014-11-15 20:33 - 2011-08-08 19:29 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-11-15 20:33 - 2011-08-08 19:29 - 00000000 ____D () C:\Program Files\Sony
2014-11-15 20:33 - 2011-08-08 19:29 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-11-15 20:31 - 2014-04-30 19:42 - 00013792 _____ () C:\Windows\system32\Drivers\semav6thermal64ro.sys
2014-11-15 20:29 - 2012-01-28 21:11 - 00000000 ____D () C:\Update
2014-11-14 18:12 - 2012-11-26 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zloději duší
2014-11-14 18:12 - 2012-11-26 21:02 - 00000000 ____D () C:\Program Files (x86)\Zlodeji dusi
2014-11-14 17:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 12:42 - 2012-02-16 16:19 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 12:42 - 2012-02-16 16:19 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 12:28 - 2009-07-14 05:45 - 00298720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 12:25 - 2014-05-06 14:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 20:18 - 2013-08-14 22:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 20:08 - 2012-01-26 05:29 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 18:17 - 2012-09-17 10:57 - 00000000 ____D () C:\Users\Evža\Desktop\Fotky

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-05 18:08

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:580.49 GB) (Free:314.5 GB) NTFS

Available physical RAM: 2353.47 MB
Total physical RAM: 4077.86 MB
Percentage of memory in use: 42%

==================== MBR and Partition Table ==================

Task: {9D8CA11D-CA1B-4BE8-8FC1-D7F598F37666} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files (x86)\Google\Chrome\Application\chrome.exe\" --app=http://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1600,900"
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 68A36946)
Partition 1: (Not Active) - (Size=15.6 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=580.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:D3212CCB
AlternateDataStreams: C:\Users\Evža\Desktop\adwcleaner_4.103.exe:xdg.origin.url
AlternateDataStreams: C:\Users\Evža\Desktop\adwcleaner_4.103.exe:xdg.referrer.url
AlternateDataStreams: C:\Users\Evža\Downloads\message_25845.eml:OECustomProperty

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ev�a\Desktop" je 41407 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

funkymusic · #22 Příspěvek od **funkymusic** » 07 pro 2014 11:31

Additions log je tady

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 01
Ran by Evža at 2014-12-07 11:24:17
Running from C:\Users\Evža\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

10 Talismans (HKLM-x32\...\10 Talismans_is1) (Version: 1.0 - Media Contact LLC)
7-Zip 9.30 alpha (HKLM-x32\...\7-Zip) (Version: - )
AceSpeeder (HKLM-x32\...\AceSpeeder) (Version: - )
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5 - Adobe Systems, Inc.)
Age of Emerald (HKLM-x32\...\Age of Emerald_is1) (Version: 1.0 - MyPlayCity, Inc.)
Ahoj Ameriko - Za rozkvetlý New York v1.1 (HKLM-x32\...\{Ahoj Ameriko - Za rozkvetly New York}_is1) (Version: - Spidla Data Processing, s.r.o.)
Ahoj Benátky v1.0 (HKLM-x32\...\{Ahoj Benatky}_is1) (Version: - Špidla Data Processing, s.r.o.)
Aladinova lampa 1.0 (HKLM-x32\...\{Aladinova lampa}_is1) (Version: - Špidla Data Processing, s.r.o.)
Alenka 2 - Kouzelná země (HKLM-x32\...\Alenka 2 - Kouzelná země) (Version: - Alawar Entertainment Inc.)
Alenka 2 - Kouzelná země v1.0 (HKLM-x32\...\{Alenka 2 - Kouzelná země}_is1) (Version: - Špidla Data Processing, s.r.o.)
Alchemy Mahjong (HKLM-x32\...\Alchemy Mahjong) (Version: - Alawar Entertainment Inc.)
Amber Pyramids Solitaire (HKLM-x32\...\AmberPyramidsSolitaire_is1) (Version: 1.0 - Media Contact LLC)
Annabel (HKLM-x32\...\Annabel_is1) (Version: 1.0 - Media Contact LLC)
Antický Řím 1.5 (HKLM-x32\...\{Anticky Rim}_is1) (Version: - Špidla Data Processing, s.r.o.)
Antický Řím 2 (HKLM-x32\...\{Anticky Rim 2 1.1a}_is1) (Version: - Špidla Data Processing, s.r.o.)
Antický Řím 2 (HKLM-x32\...\{Anticky Rim 2 v1.0}_is1) (Version: - Špidla Data Processing, s.r.o.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Around The World in 80 Days (HKLM-x32\...\Around The World in 80 Days_is1) (Version: 1.0 - MyPlayCity, Inc.)
Asian Mahjong (HKLM-x32\...\Asian Mahjong_is1) (Version: 1.0 - MyPlayCity, Inc.)
Ask Toolbar (HKLM-x32\...\{41575200-6A76-A76A-76A7-A758B70C0A02}) (Version: 12.10.2.4126 - APN, LLC) <==== ATTENTION
Astro Avenger (HKLM-x32\...\Astro Avenger_is1) (Version: 1.0 - MyPlayCity, Inc.)
Atlantic Journey: Ztracený bratr (HKLM-x32\...\Atlantic Journey: Ztracený bratr) (Version: - Alawar Entertainment Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Azkend (HKLM-x32\...\Azkend) (Version: - Alawar Entertainment Inc.)
Azteca Puzzle (HKLM-x32\...\Azteca Puzzle_is1) (Version: 1.0 - Media Contact LLC)
Balada o Solarovi (HKLM-x32\...\Balada o Solarovi) (Version: - Alawar Entertainment Inc.)
Bato (HKLM-x32\...\Bato_is1) (Version: 1.0 - MyPlayCity, Inc.)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Bejeweled Deluxe 1.87 (HKLM-x32\...\Bejeweled Deluxe 1.87) (Version: - )
Berušky II (HKLM-x32\...\Berušky II_is1) (Version: - AnakreoN)
Bezhlavý jezdec - legenda ze Sleepy Hollow v1.0 (HKLM-x32\...\{Bezhlavy jezdec - legenda ze Sleepy Hollow}_is1) (Version: - Špidla Data Processing, s.r.o.)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Bratr a sestra - smrti navzdory 1.1a (HKLM-x32\...\{1.1a Bratr a sestra - smrti navzdory 1.1a}_is1) (Version: - Špidla Data Processing, s.r.o.)
Bratr a sestra - smrti navzdory v1.1v.lz.m.y (HKLM-x32\...\{Bratr a sestra - smrti navzdory}_is1) (Version: - Spidla Data Processing, s.r.o.)
Brick Shooter Egypt (HKLM-x32\...\Brick Shooter Egypt_is1) (Version: 1.0 - Media Contact LLC)
Brickshooter Egypt (HKLM-x32\...\Brickshooter Egypt_is1) (Version: 1.0 - MyPlayCity, Inc.)
Bubble Ball (HKLM-x32\...\Bubble Ball) (Version: - )
Call Of Atlantis (HKLM-x32\...\Call Of Atlantis_is1) (Version: 1.0 - Media Contact LLC)
Call of Juarez - Bound in Blood (HKLM-x32\...\InstallShield_{019908AA-79E9-4389-A1AD-8BBEED63CFBA}) (Version: 1.01.0000 - Ubisoft)
Call of Juarez - Bound in Blood (x32 Version: 1.01.0000 - Ubisoft) Hidden
Call of Juarez: The Cartel (HKLM-x32\...\Steam App 33420) (Version: - Techland)
Caribbean Mah Jong (HKLM-x32\...\Caribbean Mah Jong_is1) (Version: 1.0 - MyPlayCity, Inc.)
Casy vikingu 1.1 (HKLM-x32\...\{Casy Vikingu verze pro korektor.cz 3}_is1) (Version: - Špidla Data Processing, s.r.o.)
Cave Quest (HKLM-x32\...\Cave Quest_is1) (Version: 1.0 - Media Contact LLC)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Cesta za dobrodružstvím - Nadešel čas 1.5 (HKLM-x32\...\{Cesta za dobrodruzstvim - Nadesel cas}_is1) (Version: - Špidla Data Processing, s.r.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cradle of Egypt (HKLM-x32\...\Cradle of Egypt_is1) (Version: 1.0 - Media Contact LLC)
Crash Time II (HKLM-x32\...\Crash Time II_is1) (Version: 1.0 - City Interactive)
CueClub Demo (HKLM-x32\...\{E9C18DEC-165E-11D4-9D68-0020781864F1}) (Version: - )
Čarodějka v1.1a (HKLM-x32\...\{1.1a Carodejka}_is1) (Version: - Špidla Data Processing, s.r.o.)
Čarodějný žertík - žabí štěstí v1.1a (HKLM-x32\...\{1.1a Carodejny zertik - zabi stesti}_is1) (Version: - Špidla Data Processing, s.r.o.)
Časy Vikingů (HKLM-x32\...\{Časy Vikingů}_is1) (Version: - Špidla Data Processing, s.r.o.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Demolice (HKLM-x32\...\Demolice_is1) (Version: 1.0 - TopQer s.r.o.)
Detective Stories Hollywood (HKLM-x32\...\Detective Stories Hollywood_is1) (Version: 1.0 - Media Contact LLC)
Dobrodružný mahjongg - Kapitola 1 (HKLM-x32\...\Dobrodružný mahjongg - Kapitola 1) (Version: - )
Dragon Crossroads (HKLM-x32\...\Dragon Crossroads_is1) (Version: 1.0 - MyPlayCity, Inc.)
Drahokamový míč - Dávné legendy (HKLM-x32\...\{Drahokamovy mic - Davne legendy}_is1) (Version: - Špidla Data Processing, s.r.o.)
Dress-up Pups (HKLM-x32\...\Dress-up Pups_is1) (Version: 1.0 - Media Contact LLC)
Dům 1000 dveří: Dlaň Zarathustry. Sběratelská edice (HKLM-x32\...\Dům 1000 dveří: Dlaň Zarathustry. Sběratelská edice) (Version: - Alawar Entertainment Inc.)
Emilka Holubová - Montezumův poklad (HKLM-x32\...\Emilka Holubová - Montezumův poklad) (Version: - )
Enchanted Cavern 2 (HKLM-x32\...\Enchanted Cavern 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Escape From Lost Island (HKLM-x32\...\Escape From Lost Island_is1) (Version: 1.0 - Media Contact LLC)
Experiment 2 (HKLM-x32\...\Experiment 2_is1) (Version: 1.0 - Media Contact LLC)
Faraon v1.0 (HKLM-x32\...\{Faraon}_is1) (Version: - Špidla Data Processing, s.r.o.)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - )
Feng Šuej Mahjong (HKLM-x32\...\Feng Šuej Mahjong) (Version: - )
Fill And Cross - World Contest (HKLM-x32\...\Fill And Cross - World Contest_is1) (Version: 1.0 - MyPlayCity, Inc.)
Fishdom 2 (HKLM-x32\...\Fishdom 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Fishdom Harvest Splash (HKLM-x32\...\Fishdom Harvest Splash_is1) (Version: 1.0 - Media Contact LLC)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GamingWonderland (HKLM-x32\...\GamingWonderlandbar Uninstall) (Version: - GamingWonderland)
Global Ops: Commando Libya (remove only) (HKLM-x32\...\Global_Ops-CL) (Version: - bitComposer Games)
Golden Dozen Solitaire (HKLM-x32\...\GoldenDozenSolitaire_is1) (Version: 1.0 - Media Contact LLC)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guard.ICQ (HKLM-x32\...\Guard.Mail.ru) (Version: - Mail.ru) <==== ATTENTION
Heat Wave (HKLM-x32\...\Heat Wave/EN/PL-English_is1) (Version: - City Interactive)
Hidden Object Crosswords (HKLM-x32\...\Hidden Object Crosswords_is1) (Version: 1.0 - MyPlayCity, Inc.)
Hledači pokladů (HKLM-x32\...\Hledači pokladů) (Version: - )
Hledači pokladů: Ztracené město (HKLM-x32\...\Hledači pokladů: Ztracené město) (Version: - Alawar Entertainment Inc.)
Hledání grálu v1.0 (HKLM-x32\...\{Hledani gralu}_is1) (Version: - Špidla Data Processing, s.r.o.)
Hledání grálu v1.1a (HKLM-x32\...\{1.1a Hledani gralu - Jane Angel}_is1) (Version: - Špidla Data Processing, s.r.o.)
Hloubka zrady v1.0 (HKLM-x32\...\{Hloubka zrady}_is1) (Version: - Špidla Data Processing, s.r.o.)
Hrdina království (HKLM-x32\...\Hrdina království) (Version: - Alawar Entertainment Inc.)
Chic Puzzles (HKLM-x32\...\Chic Puzzles_is1) (Version: 1.0 - MyPlayCity, Inc.)
In Search of the Lost Temple (HKLM-x32\...\In Search of the Lost Temple_is1) (Version: 1.0 - MyPlayCity, Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Jabber (HKLM-x32\...\Jabber_is1) (Version: 1.0 - MyPlayCity, Inc.)
Jane Angel 2 - Děti temnoty v1.0 (HKLM-x32\...\{Jane Angel 2 - Deti temnoty}_is1) (Version: - Špidla Data Processing, s.r.o.)
Jane Angel 2 - Děti temnoty v1.1a (HKLM-x32\...\{1.1a Jane Angel 2 - Deti temnoty}_is1) (Version: - Špidla Data Processing, s.r.o.)
Jantarová kletba v1.0 (HKLM-x32\...\{Jantarova kletba}_is1) (Version: - Špidla Data Processing, s.r.o.)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025F0}) (Version: 6.0.250 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.300 - Oracle)
Jewel Match (HKLM-x32\...\Jewel Match_is1) (Version: 1.0 - Media Contact LLC)
Jewel Match 3 (HKLM-x32\...\Jewel Match 3_is1) (Version: 1.0 - MyPlayCity, Inc.)
Jewel Quest 2 (HKLM-x32\...\Jewel Quest 2_is1) (Version: 1.0 - Media Contact LLC)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kdo jsem v1.1a (HKLM-x32\...\{1.1a Kdo jsem}_is1) (Version: - Špidla Data Processing, s.r.o.)
Klenoty Východoindické Společnosti (HKLM-x32\...\Klenoty Východoindické Společnosti) (Version: - Alawar Entertainment Inc.)
Kobra 11 Nitro (HKLM-x32\...\{5AAA952E-B15E-47E0-94E4-DD6DC7B9C796}_is1) (Version: 3.0.0.CZ - US - ACTION, s.r.o.)
Kouzelný mořský svět 2 - Okolo světa 1.0 (HKLM-x32\...\{Kouzelny morsky svet 2 - Okolo sveta}_is1) (Version: - Špidla Data Processing, s.r.o.)
Kouzelný mořský svět 3 - Dobrodružství v Atlantidě 1.0 (HKLM-x32\...\{Kouzelny morsky svet 3 - Dobrodruzstvi v Atlantide}_is1) (Version: - Špidla Data Processing, s.r.o.)
Královské drahokamy (HKLM-x32\...\Královské drahokamy) (Version: - Alawar Entertainment Inc.)
Královské drahokamy (HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\...\Královské drahokamy) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Královský expres v1.0 (HKLM-x32\...\{Kralovsky expres}_is1) (Version: - Špidla Data Processing, s.r.o.)
Láska mezi kapkami krve v1.0 (HKLM-x32\...\{Laska mezi kapkami krve}_is1) (Version: - Spidla Data Processing, s.r.o.)
Ledová královna 1.0 (HKLM-x32\...\{Ledova kralovna}_is1) (Version: - Špidla Data Processing, s.r.o.)
Ledová královna 2 ver 1.1 (HKLM-x32\...\{Ledova kralovna 2}_is1) (Version: - Špidla Data Processing, s.r.o.)
Ledové Drahokamy (HKLM-x32\...\Ledové Drahokamy) (Version: - )
Legendy Avalonu Solitaire v1.1 (HKLM-x32\...\{Legendy Avalonu Solitaire}_is1) (Version: - Špidla Data Processing, s.r.o.)
Léon Clifton - Stopa zla v1.1 (HKLM-x32\...\{Leon Clifton - Stopa zla}_is1) (Version: - Spidla Data Processing, s.r.o.)
Libanky v pekle v1.1a (HKLM-x32\...\{1.1a Libanky v pekle}_is1) (Version: - Špidla Data Processing, s.r.o.)
Líbánky v pekle v1.2 (HKLM-x32\...\{Libanky v pekle}_is1) (Version: - Špidla Data Processing, s.r.o.)
Loď nářků v1.0 (HKLM-x32\...\{Lod narku}_is1) (Version: - Špidla Data Processing, s.r.o.)
Loutkové divadlo - Záhada Štěstíkova v1.0 (HKLM-x32\...\{Loutkove divadlo - Zahada Stestikova}_is1) (Version: - Špidla Data Processing, s.r.o.)
Loutkové divadlo - Ztracené město v1.0cs (HKLM-x32\...\{Loutkove divadlo - Ztracene mesto}_is1) (Version: - Špidla Data Processing, s.r.o.)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Mahjong Business Style (HKLM-x32\...\Mahjong Business Style_is1) (Version: 1.0 - MyPlayCity, Inc.)
Mariáš 3.0 (HKLM-x32\...\{FB647435-FB6F-4926-A9BA-49C3306AE1AF}) (Version: 3.0.0 - Ganttsoft)
Marooned (HKLM-x32\...\Marooned_is1) (Version: 1.0 - MyPlayCity, Inc.)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.3.1000 - Maxthon International Limited)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Města duchů: Ultharské kočky – Sběratelská edice (HKLM-x32\...\Města duchů: Ultharské kočky – Sběratelská edice) (Version: - Alawar Entertainment Inc.)
Mesto blaznu v1.0 (HKLM-x32\...\{Mesto blaznu}_is1) (Version: - Špidla Data Processing, s.r.o.)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1, norsk språkpakke (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Million Dollar Quest (HKLM-x32\...\Million Dollar Quest_is1) (Version: 1.0 - Media Contact LLC)
Morová rána v1.0 (HKLM-x32\...\{Morova rana}_is1) (Version: - Špidla Data Processing, s.r.o.)
Mozilla Firefox 25.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 cs)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Murder She Wrote 2 (HKLM-x32\...\Murder She Wrote 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
MyPlayCity Toolbar (HKLM-x32\...\MyPlayCity Toolbar) (Version: - )
Na hraně příčetnosti: Syndrom Doriana Graye Sběratelská Edice (HKLM-x32\...\Na hraně příčetnosti: Syndrom Doriana Graye Sběratelská Edice) (Version: - Alawar Entertainment Inc.)
Nádherná zahrada (HKLM-x32\...\Nádherná zahrada) (Version: - )
Natalie Brooks - Poklad ztraceného království (HKLM-x32\...\Natalie Brooks - Poklad ztraceného království) (Version: - )
Noc plna kouzel v1.0 (HKLM-x32\...\{Noc plna kouzel}_is1) (Version: - Špidla Data Processing, s.r.o.)
NVIDIA 3D Vision Driver 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Odysseus - Dlouhá cesta domů v1.6 (HKLM-x32\...\{Odysseus - Dlouha cesta domu}_is1) (Version: - Špidla Data Processing, s.r.o.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Pán počasí: Skryté království (HKLM-x32\...\Pán počasí: Skryté království) (Version: - Alawar Entertainment Inc.)
Pearl Puzzle (HKLM-x32\...\Pearl Puzzle_is1) (Version: 1.0 - MyPlayCity, Inc.)
Philips Songbird (HKLM-x32\...\Philips Songbird) (Version: 3.1.1615 (1615) - Koninklijke Philips Electronics N.V.)
Piková dama v1.1a (HKLM-x32\...\{1.1a Pikova dama}_is1) (Version: - Špidla Data Processing, s.r.o.)
Play Mahjong Forever (HKLM-x32\...\Play Mahjong Forever_is1) (Version: 1.0 - MyPlayCity, Inc.)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Poklady starověké sluje 1.0 (HKLM-x32\...\{Poklady starověké sluje}_is1) (Version: - Špidla Data Processing, s.r.o.)
Pomsta ducha - Soumrak nad Beaconem 1.1a (HKLM-x32\...\{1.1a Pomsta ducha - Soumrak nad Beaconem}_is1) (Version: - Špidla Data Processing, s.r.o.)
Pomsta ducha - Soumrak nad Beaconem v1.2 (HKLM-x32\...\{Pomsta ducha - Soumrak nad Beaconem 1.2}_is1) (Version: - Špidla Data Processing, s.r.o.)
Princ z Persie a hamižný kalif v1.0 (HKLM-x32\...\{Princ z Persie a hamizny kalif}_is1) (Version: - Špidla Data Processing, s.r.o.)
Project IGI2 - Covert Strike (HKLM-x32\...\InstallShield_{AF9DF4B7-5BDE-42F5-94EF-53311B55566B}) (Version: 1.20.000 - Název společnosti:)
Project IGI2 - Covert Strike (x32 Version: 1.20.000 - Název společnosti:) Hidden
Prokleté klenoty 1.1a (HKLM-x32\...\{1.1a Proklete klenoty}_is1) (Version: - Špidla Data Processing, s.r.o.)
Prokleté klenoty v1.0 (HKLM-x32\...\{Proklete klenoty}_is1) (Version: - Špidla Data Processing, s.r.o.)
Prokletý hřbitov - Krkavčí kletba 1.4 (HKLM-x32\...\{Proklety hrbitov - Krkavci kletba}_is1) (Version: - Špidla Data Processing, s.r.o.)
Proroctví ztraceného království v1.0b (HKLM-x32\...\{Proroctvi ztraceneho kralovstvi}_is1) (Version: - Špidla Data Processing, s.r.o.)
Příběh víly - Výprava za květinami v1.0 (HKLM-x32\...\{Pribeh vily - Vyprava za kvetinami}_is1) (Version: - Špidla Data Processing, s.r.o.)
Psí butik v1.1 (HKLM-x32\...\{Psi butik v1.1}_is1) (Version: - Špidla Data Processing, s.r.o.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Putování za zvířaty v1.0 (HKLM-x32\...\{Putovani za zviraty}_is1) (Version: - Špidla Data Processing, s.r.o.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rainbow Mystery (HKLM-x32\...\Rainbow Mystery_is1) (Version: 1.0 - MyPlayCity, Inc.)
Rainbow Web (HKLM-x32\...\Rainbow Web_is1) (Version: 1.0 - MyPlayCity, Inc.)
Rainbow Web 2 (HKLM-x32\...\Rainbow Web 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Rainbow Web 3 (HKLM-x32\...\Rainbow Web 3_is1) (Version: 1.0 - MyPlayCity, Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Robin's Island Adventure (HKLM-x32\...\Robin's Island Adventure_is1) (Version: 1.0 - MyPlayCity, Inc.)
Royal Envoy 2 Sběratelská edice (HKLM-x32\...\Royal Envoy 2 Sběratelská edice) (Version: - Alawar Entertainment Inc.)
Royal Gems (HKLM-x32\...\Royal Gems_is1) (Version: 1.0 - MyPlayCity, Inc.)
Royal Riddles - Fill and Cross (HKLM-x32\...\Royal Riddles - Fill and Cross_is1) (Version: 1.0 - MyPlayCity, Inc.)
Rune Of Fate (HKLM-x32\...\Rune Of Fate_is1) (Version: 1.0 - MyPlayCity, Inc.)
Rusalka a kouzelná perla v1.2 (HKLM-x32\...\{Rusalka a kouzelna perla}_is1) (Version: - Špidla Data Processing, s.r.o.)
Rybičky 2 - Na nové adrese (HKLM-x32\...\{Rybičky 2 - Na nové adrese}_is1) (Version: - Špidla Data Processing, s.r.o.)
Řečtí hrdinové (HKLM-x32\...\Řečtí hrdinové) (Version: - )
Říše Inků v1.0 (HKLM-x32\...\{Rise Inku}_is1) (Version: - Špidla Data Processing, s.r.o.)
Sanatorium Green Hills 1.1a (HKLM-x32\...\{1.1a Sanatorium Green Hills v2}_is1) (Version: - Špidla Data Processing, s.r.o.)
Sedm bran - BETA v1.0 (HKLM-x32\...\{Sedm bran - BETA}_is1) (Version: - Špidla Data Processing, s.r.o.)
Sedm Bran v1.0 (HKLM-x32\...\{Sedm Bran}_is1) (Version: - Špidla Data Processing, s.r.o.)
Sedm divů světa v1.0 (HKLM-x32\...\{Sedm divu sveta}_is1) (Version: - Špidla Data Processing, s.r.o.)
Sestry - Spojeny krvi v1.1a (HKLM-x32\...\{1.1a Sestry - Spojeny krvi}_is1) (Version: - Špidla Data Processing, s.r.o.)
Seven Gates (HKLM-x32\...\Seven Gates_is1) (Version: 1.0 - Media Contact LLC)
Seznam Pošťák (Pouze já.) (HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\...\szn-software-postak) (Version: - )
Seznam Software (HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\...\SeznamInstall) (Version: - Seznam.cz)
Síla lásky v1.0 (HKLM-x32\...\{Sila lasky}_is1) (Version: - Špidla Data Processing, s.r.o.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smaragdová země Solitaire v1.0 (HKLM-x32\...\{Smaragdova zeme Solitaire}_is1) (Version: - Špidla Data Processing, s.r.o.)
Sniper Skrytý bojovník (HKLM-x32\...\Sniper Skrytý bojovník_is1) (Version: 1.0 - City Interactive)
Solitaire Game Ultra (HKLM-x32\...\Solitaire Game Ultra_is1) (Version: 1.0 - MyPlayCity, Inc.)
Solitaire Maniac 1.9 (HKLM-x32\...\SM18_is1) (Version: 1.9 - JTL Development, Inc.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Splněné sny v1.0 (HKLM-x32\...\{Splnene sny}_is1) (Version: - Špidla Data Processing, s.r.o.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Starshine 4.díl (HKLM-x32\...\{C4ECF493-29C4-4CB7-903E-90C28F3D0C00}) (Version: 1.00.000 - )
Stavba Velké čínské zdi Sběratelská Edice (HKLM-x32\...\Stavba Velké čínské zdi Sběratelská Edice) (Version: - Alawar Entertainment Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Světový pohár v mahjongu (HKLM-x32\...\Světový pohár v mahjongu) (Version: - Alawar Entertainment Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Šerif Standa 2 - Případ ztracené věci 1.0 (HKLM-x32\...\{Serif Standa 2 - Pripad ztracene veci}_is1) (Version: - Špidla Data Processing, s.r.o.)
Tajemství věků (HKLM-x32\...\{Tajemství věků}_is1) (Version: - Špidla Data Processing, s.r.o.)
Tajemství věků v1.0 (HKLM-x32\...\{Tajemstvi veku}_is1) (Version: - Špidla Data Processing, s.r.o.)
Terrorist Takedown: War in Colombia (HKLM-x32\...\TTWICENG_is1) (Version: - City Interactive)
The Lost Kingdom Prophecy (HKLM-x32\...\The Lost Kingdom Prophecy_is1) (Version: 1.0 - MyPlayCity, Inc.)
The Surprising Adventures of Munchausen (HKLM-x32\...\The Surprising Adventures of Munchausen_is1) (Version: 1.0 - MyPlayCity, Inc.)
Tibet volá 1.50 (HKLM-x32\...\{Tibet vola}_is1) (Version: - Špidla Data Processing, s.r.o.)
Tornádo v1.0 (HKLM-x32\...\{Tornado}_is1) (Version: - Špidla Data Processing, s.r.o.)
Tornado v1.1a (HKLM-x32\...\{1.1a Tornado}_is1) (Version: - Špidla Data Processing, s.r.o.)
Trainz Simulator 12 (HKLM-x32\...\AuranTS2009_is1) (Version: - Auran)
Twisted Lands - Shadow Town (HKLM-x32\...\Twisted Lands - Shadow Town_is1) (Version: 1.0 - MyPlayCity, Inc.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Underwater Puzzle (HKLM-x32\...\Underwater Puzzle_is1) (Version: 1.0 - Media Contact LLC)
Unity Web Player (HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Úplněk v1.0 (HKLM-x32\...\{Uplnek}_is1) (Version: - Špidla Data Processing, s.r.o.)
Utajený svět umění 2 1.0 (HKLM-x32\...\{Utajeny svet umeni 2}_is1) (Version: - Špidla Data Processing, s.r.o.)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO - Remote Play with PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO Care (HKLM\...\{55A60C1D-BEBF-4249-BFB2-F4E5C2E77988}) (Version: 8.4.1.07021 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version: - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Věčná cesta: Nová Atlantida (HKLM-x32\...\Věčná cesta: Nová Atlantida) (Version: - Alawar Entertainment Inc.)
Veselá kuřata (HKLM-x32\...\Veselá kuřata) (Version: - )
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== ATTENTION
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vojensky ujezd Ralsko - Cihajici sovet v1.1a (HKLM-x32\...\{1.1a Vojensky ujezd Ralsko - Cihajici sovet}_is1) (Version: - Špidla Data Processing, s.r.o.)
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vykutálená kouzla 1.5 (HKLM-x32\...\{Vykutalena kouzla}_is1) (Version: - Špidla Data Processing, s.r.o.)
War Thunder Launcher 1.0.1.278 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Witches Pranks Frogs Fortune (HKLM-x32\...\Witches Pranks Frogs Fortune_is1) (Version: 1.0 - Media Contact LLC)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
World's Greatest Temples Mahjong (HKLM-x32\...\World's Greatest Temples Mahjong_is1) (Version: 1.0 - MyPlayCity, Inc.)
Xvid 1.1.3 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))
Začarovaná jeskyně (HKLM-x32\...\Začarovaná jeskyně) (Version: - Alawar Entertainment Inc.)
Začarovaná jeskyně 2 (HKLM-x32\...\Začarovaná jeskyně 2) (Version: - Alawar Entertainment Inc.)
Zahada Inku v1.0 (HKLM-x32\...\{Zahada Inku}_is1) (Version: - Špidla Data Processing, s.r.o.)
Záhadná kuchařka (HKLM-x32\...\Záhadná kuchařka) (Version: - )
Záhadné město - Zlatá Praha 1.1a (HKLM-x32\...\{1.1a Záhadné město - Zlatá Praha}_is1) (Version: - Špidla Data Processing, s.r.o.)
Zachraň syna v1.0 (HKLM-x32\...\{Zachran syna}_is1) (Version: - Špidla Data Processing, s.r.o.)
Záchvěv - Ztracená stopařka v1.0 (HKLM-x32\...\{Zachvev - Ztracena stoparka}_is1) (Version: - Špidla Data Processing, s.r.o.)
Zakázaná Tajemství: Město Mimozemšťanů (HKLM-x32\...\Zakázaná Tajemství: Město Mimozemšťanů) (Version: - Alawar Entertainment Inc.)
Zakázaná Tajemství: Město Mimozemšťanů Sběratelská Edice (HKLM-x32\...\Zakázaná Tajemství: Město Mimozemšťanů Sběratelská Edice) (Version: - Alawar Entertainment Inc.)
Ze života hmyzu v1.0 (HKLM-x32\...\{Ze zivota hmyzu}_is1) (Version: - Špidla Data Processing, s.r.o.)
Zelený měsíc v1.0 (HKLM-x32\...\{Zeleny mesic}_is1) (Version: - Špidla Data Processing, s.r.o.)
Zen Mosaics (HKLM-x32\...\Zen Mosaics_is1) (Version: 1.0 - MyPlayCity, Inc.)
Zlatá horečka v1.0 (HKLM-x32\...\{Zlata horecka}_is1) (Version: - Špidla Data Processing, s.r.o.)
Zlodeji dusi - Sberatelska edice v1.1 (HKLM-x32\...\{Zlodeji dusi - Sberatelska edice}_is1) (Version: - Špidla Data Processing, s.r.o.)
Zloději duší 1.1a (HKLM-x32\...\{1.1a Zlodeji dusi}_is1) (Version: - Špidla Data Processing, s.r.o.)
Zloději duší v1.1 (HKLM-x32\...\{Zlodeji dusi}_is1) (Version: - Špidla Data Processing, s.r.o.)
Ztracené Eldorádo 1.0 (HKLM-x32\...\{Ztracené Eldorádo}_is1) (Version: - Špidla Data Processing, s.r.o.)
Ztracený poklad 1.2 (HKLM-x32\...\{49A30D6B-CCD8-4741-91FD-0E3FCC0D3A13}_is1) (Version: - Špidla Data Processing, s.r.o.)
Živlíci v1.0 (HKLM-x32\...\{Zivlici}_is1) (Version: - Špidla Data Processing, s.r.o.)
Živoucí Legendy: Ledová Růže (HKLM-x32\...\Živoucí Legendy: Ledová Růže) (Version: - Alawar Entertainment Inc.)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000_Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}\InprocServer32 -> C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL No File

==================== Restore Points =========================

19-11-2014 13:46:34 Windows Update
26-11-2014 15:44:55 avast! antivirus system restore point
27-11-2014 16:55:52 Operace obnovení
03-12-2014 19:27:49 Windows Update
04-12-2014 16:27:04 zoek.exe restore point
06-12-2014 12:34:15 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-06 16:03 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03701A1E-F6AA-4FC4-A7AB-7FC26B7CA26E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)
Task: {0D8894A9-7E37-40F7-9468-5B77F8BE55C8} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {10D753B1-4478-4A1B-9175-A0AC71F3BC17} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {1370A415-CFBC-40AC-8F48-B3C7641EA77D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {208CFF4A-F2A6-41B9-ADC5-5D437F007BC5} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {2EACEC3A-92FF-48EC-8D91-A129B1D613E8} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {30D98184-6119-4F85-83FE-49C9F2CEAF07} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {54306EF0-8351-4C4F-82D7-7DABF1846606} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {5BEF18C2-6BE9-4C5D-A79B-B1A6EF709270} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {5C7EDEB1-42F4-448D-A3FC-1EDA9EC00253} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {642C0E85-E670-4ADE-998B-367DA128991C} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {70E83A0B-46E4-43AB-BE36-771D3CC0DDB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-26] (AVAST Software)
Task: {8078479D-D875-4CE9-BCA2-F5F6E4C42179} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {8C4A5DD8-B898-436F-887A-1337E42BBB96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)
Task: {9D8CA11D-CA1B-4BE8-8FC1-D7F598F37666} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files (x86)\Google\Chrome\Application\chrome.exe\" --app=http://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1600,900"
Task: {A0FDF268-12B9-43D6-807A-BFD0234241AB} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {A4D293F0-AA3D-4389-8A47-79E5B64DB8F5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A91EE730-2B5E-466F-B5A1-1E8E4985BD6C} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {AE759EA9-4455-4759-ACC3-45F7ED1A5AEB} - System32\Tasks\Opera scheduled Autoupdate 1417021221 => C:\Program Files (x86)\Opera\launcher.exe [2014-11-20] (Opera Software)
Task: {B40DC431-445C-4FB6-B1D3-75B4ADAB4648} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {C7761DDC-B769-40B2-8FD5-C4EEA7940B31} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {D523FE6E-48DF-48F4-AD1B-6F6007CC645D} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {DE99DBE4-322D-45AD-A2E7-8203B5E04210} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-06-25] (Sony Corporation)
Task: {DEBA52DA-363F-4864-85B0-31F75A24C9DC} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {E7769474-F16B-4656-9D53-E87D66E26194} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {EDC6EF54-4FF2-4666-B43A-B626AD558071} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {EF7AA36A-5965-4C4C-A491-AA5E9F5920B5} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {F01A5126-CE5F-4701-A470-6FB498379EA4} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-11-06] (Maxthon International ltd.)
Task: {F125C1D4-AA0F-4B9D-AC60-2F69703BF027} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-29 17:42 - 2014-05-29 17:42 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-07 10:43 - 2014-12-07 10:43 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14120700\algo.dll
2014-08-30 07:19 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 07:19 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 07:19 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 17:48 - 2014-11-18 21:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 07:19 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 07:19 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-04-25 16:42 - 2014-11-18 21:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-11-26 16:47 - 2014-11-26 16:47 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-04-25 16:42 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-18 08:00 - 2014-10-18 08:00 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2011-08-08 19:20 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:D3212CCB
AlternateDataStreams: C:\Users\Evža\Desktop\adwcleaner_4.103.exe:xdg.origin.url
AlternateDataStreams: C:\Users\Evža\Desktop\adwcleaner_4.103.exe:xdg.referrer.url
AlternateDataStreams: C:\Users\Evža\Downloads\message_25845.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1733478658-4031006406-2309067913-500 - Administrator - Disabled)
Evža (S-1-5-21-1733478658-4031006406-2309067913-1000 - Administrator - Enabled) => C:\Users\Evža
Guest (S-1-5-21-1733478658-4031006406-2309067913-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1733478658-4031006406-2309067913-1004 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 10:43:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 39.0.2171.71 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: f04

Čas spuštění: 01d0116b272dc741

Čas ukončení: 60000

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 42b3ed77-7df5-11e4-a3f6-ccaf78c07bdc

Error: (12/06/2014 04:05:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2014 00:50:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GuardICQ.exe, verze: 1.0.0.296, časové razítko: 0x4eca79c9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x588
Čas spuštění chybující aplikace: 0xGuardICQ.exe0
Cesta k chybující aplikaci: GuardICQ.exe1
Cesta k chybujícímu modulu: GuardICQ.exe2
ID zprávy: GuardICQ.exe3

Error: (12/05/2014 08:43:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 05:56:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (12/07/2014 10:53:02 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače ADAM-UBUNTU,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{6C63C071-3331-4A1F-9A76-4659643607B2}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (12/06/2014 04:06:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service byla ukončena s následující chybou:
%%268439612

Error: (12/06/2014 04:03:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (12/06/2014 03:45:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/06/2014 03:45:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/06/2014 03:41:01 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/06/2014 03:33:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (12/06/2014 03:33:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (12/06/2014 02:25:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (12/06/2014 01:51:47 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Microsoft Office Sessions:
=========================
Error: (12/07/2014 10:43:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe39.0.2171.71f0401d0116b272dc74160000C:\Program Files (x86)\Google\Chrome\Application\chrome.exe42b3ed77-7df5-11e4-a3f6-ccaf78c07bdc

Error: (12/06/2014 04:05:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2014 00:50:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GuardICQ.exe1.0.0.2964eca79c9unknown0.0.0.000000000c00000050000000058801d010c38c7e625bC:\Program Files (x86)\Guard-ICQ\GuardICQ.exeunknown01688c63-7d3e-11e4-86c4-ccaf78c07bdc

Error: (12/05/2014 08:43:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2014 05:56:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2014-12-06 15:33:50.048
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-06 15:33:49.923
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-06 15:33:49.814
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-06 15:33:49.705
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-06 13:51:09.142
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-06 13:51:09.017
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 42%
Total physical RAM: 4077.86 MB
Available physical RAM: 2353.47 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 6035.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:580.49 GB) (Free:314.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 68A36946)
Partition 1: (Not Active) - (Size=15.6 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=580.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#23 Příspěvek od **Márty84** » 07 pro 2014 14:45

funkymusic píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ev�a\Desktop" je 41407 MB.

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Odinstalujte McAfee SiteAdvisor

Vypnete trvale Windows Defender

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files (x86)\MyPlayCity\tbMyP0.dll (Conduit Ltd.)
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> No Name - {4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF SearchPlugin: C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\searchplugins\yqs-barff-yandex.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF Extension: MyPlayCity Toolbar - C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} [2013-04-30]
FF Extension: Seznam lištička - C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-08-08]

CHR HomePage: Default -> hxxp://start.myplaycity.com/
CHR Extension: (SiteAdvisor) - C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-08-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-26]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path

2014-12-04 20:19 - 2014-12-04 20:20 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Evža\Downloads\mbam-setup-2.0.4.1028.exe
2014-11-26 16:43 - 2014-11-26 16:45 - 00000000 ____D () C:\Users\Evža\AppData\Local\Yandex
2014-11-26 16:42 - 2014-12-03 18:48 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\Yandex

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:D3212CCB
AlternateDataStreams: C:\Users\Evža\Desktop\adwcleaner_4.103.exe:xdg.origin.url
AlternateDataStreams: C:\Users\Evža\Desktop\adwcleaner_4.103.exe:xdg.referrer.url
AlternateDataStreams: C:\Users\Evža\Downloads\message_25845.eml:OECustomProperty

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

funkymusic · #24 Příspěvek od **funkymusic** » 07 pro 2014 15:22

S plochou jsem si pohrál, byla tam cca 7GB hudby, 2,5 GB nějakého výletu a 26 GB fotek, tak jsem to přetáh jinám, snad to stačí.

Zde je fixlog. Díky:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2014 01
Ran by Evža at 2014-12-07 15:12:44 Run:1
Running from C:\Users\Evža\Desktop
Loaded Profile: Evža (Available profiles: Evža)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files (x86)\MyPlayCity\tbMyP0.dll (Conduit Ltd.)
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1733478658-4031006406-2309067913-1000 -> No Name - {4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll No File
FF SearchPlugin: C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\searchplugins\yqs-barff-yandex.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF Extension: MyPlayCity Toolbar - C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} [2013-04-30]
FF Extension: Seznam lištička - C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-09-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-08-08]

CHR HomePage: Default -> hxxp://start.myplaycity.com/
CHR Extension: (SiteAdvisor) - C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-08-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-26]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path

2014-12-04 20:19 - 2014-12-04 20:20 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Evža\Downloads\mbam-setup-2.0.4.1028.exe
2014-11-26 16:43 - 2014-11-26 16:45 - 00000000 ____D () C:\Users\Evža\AppData\Local\Yandex
2014-11-26 16:42 - 2014-12-03 18:48 - 00000000 ____D () C:\Users\Evža\AppData\Roaming\Yandex

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:D3212CCB
AlternateDataStreams: C:\Users\Evža\Desktop\adwcleaner_4.103.exe:xdg.origin.url
AlternateDataStreams: C:\Users\Evža\Desktop\adwcleaner_4.103.exe:xdg.referrer.url
AlternateDataStreams: C:\Users\Evža\Downloads\message_25845.eml:OECustomProperty

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => Key not found.
"HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => Key not found.
"HKCR\Wow6432Node\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => Value not found.
"HKCR\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => Value not found.
"HKCR\Wow6432Node\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
HKU\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} => value deleted successfully.
"HKCR\CLSID\{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}" => Key not found.
"HKCR\PROTOCOLS\Handler\dssrequest" => Key not found.
"HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\dssrequest" => Key not found.
"HKCR\Wow6432Node\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}" => Key not found.
"HKCR\PROTOCOLS\Handler\sacore" => Key not found.
"HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\sacore" => Key not found.
"HKCR\Wow6432Node\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin" => Key deleted successfully.
C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\searchplugins\yqs-barff-yandex.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml => Moved successfully.
C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} => Moved successfully.
C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} => Value not found.
C:\Program Files (x86)\McAfee\SiteAdvisor => Moved successfully.
Chrome HomePage deleted successfully.
C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho" => Key not found.
"C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho" => Key not found.
C:\Users\Evža\Downloads\mbam-setup-2.0.4.1028.exe => Moved successfully.
C:\Users\Evža\AppData\Local\Yandex => Moved successfully.
C:\Users\Evža\AppData\Roaming\Yandex => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":D3212CCB" ADS removed successfully.
C:\Users\Evža\Desktop\adwcleaner_4.103.exe => ":xdg.origin.url" ADS removed successfully.
C:\Users\Evža\Desktop\adwcleaner_4.103.exe => ":xdg.referrer.url" ADS removed successfully.
C:\Users\Evža\Downloads\message_25845.eml => ":OECustomProperty" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 2 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

funkymusic · #25 Příspěvek od **funkymusic** » 07 pro 2014 15:27

/e: Plocha povyklizená

#26 Příspěvek od **Márty84** » 07 pro 2014 16:43

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

funkymusic · #27 Příspěvek od **funkymusic** » 07 pro 2014 16:49

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/12/07 16:49:31

-- Controller Map ----------------------------------------------------------
+ Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
- ST9640320AS
- Optiarc DVD RW AD-7740H

-- Disk List ---------------------------------------------------------------
(1) ST9640320AS : 640,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9640320AS
----------------------------------------------------------------------------
Model : ST9640320AS
Firmware : 0001SDM1
Serial Number : 5WX3SZ55
Disk Size : 640,1 GB (8,4/137,4/640,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 8057 hod.
Power On Count : 2984 krát
Host Reads : 1612 GB
Host Writes : 1707 GB
Temparature : 28 C (82 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 110 _99 __6 00000198A9C8 Počet chyb čtení
03 100 100 _85 000000000000 Čas na roztočení ploten
04 _98 _98 _20 000000000BA9 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _75 _60 _30 00050A822486 Počet chybných hledání
09 _91 _91 __0 000000001F79 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _98 _98 _20 000000000BA8 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _72 _53 _45 00001C1A001C Teplota toku vzduchu
BF 100 100 __0 00000000015D Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000002E Počet vypnutí disku
C1 _86 _86 __0 00000000738F Počet cyklů načítání/vymazání
C2 _28 _47 __0 00110000001C Teplota
C3 _47 _41 __0 00000198A9C8 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 714B00001F45 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000D57B4106 Total LBAs Written
F2 100 253 __0 0000C991961E Total LBAs Read
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3557 3557 5833 535A 3535
020: 0000 4000 0004 3030 3031 4D31 4D31 5354 3936 3430
030: 3332 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0F06 0F06 0000 0048 0048
080: 01F0 0029 746B 7D09 61E3 BC09 BC09 61E3 407F 004B
090: 004B 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 0000 0000 5000 C500
110: 3D1A 83AC 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 82B0
130: 4A85 82B0 4A85 2020 0002 0108 0108 5000 3C06 3C0A
140: 0000 0078 0000 0008 0000 007F 007F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 4100 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103F 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 67A5

#28 Příspěvek od **Márty84** » 07 pro 2014 17:50

Disk hlasi spoustu chyb. I to muze byt pricina problemu.

Jak dlouho trva start pc? A jak dlouho trva start do nouzoveho rezimu?

funkymusic · #29 Příspěvek od **funkymusic** » 07 pro 2014 17:54

Tady vše normálně, tenhle problém je u druhého notebooku. Tady ten se zdá, že už je vyřešený, už je zdravý?

#30 Příspěvek od **Márty84** » 07 pro 2014 17:57

funkymusic píše:tenhle problém je u druhého notebooku

Tak davejte pozor, do ktereho tematu o kterem pc pisete, je v tom pak hrozny chaos a ztracim se v tom

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

VIRY.CZ

Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává