VIRY.CZ

Zdravím,

mám problém s Windows 7. Soustavně zamrzají avšak nevidím žádný zřejmý důvod. Mohl by mi někdo prosím poradit, v čem je chyba? Co se těchto problémů týče jsem naprostý amatér. Díky

zdravim
vloz sem log z FRST.
Podrobny navod:
http://forum.viry.cz/viewtopic.php?f=24 ... 3#p1228363

Pardon za zdržení

Snad je to správně:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Jindřich (administrator) on JINDŘICH-PC on 02-10-2013 22:55:00
Running from C:\Users\Jindřich\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe
(CyberLink Corp.) c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
(CyberLink) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Piriform Ltd) C:\Program Files\Defraggler\Defraggler64.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\PROGRA~2\SAFEPC~2\bar\1.bin\AppIntegrator64.exe
(VER_COMPANY_NAME) C:\PROGRA~2\SAFEPC~2\bar\1.bin\89brmon.exe
(COMPANYVERS_NAME) C:\PROGRA~2\SAFEPC~2\bar\1.bin\89barsvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre6\bin\jusched.exe [171520 2010-01-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SafePCRepair Home Page Guard 64 bit] - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\AppIntegrator64.exe [548936 2013-10-02] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {0d44aa45-631f-11df-afd2-806e6f6e6963} - F:\ENGINE\GSCD.EXE
MountPoints2: {45be07d6-632d-11df-b2b4-00271389aae7} - G:\Autorun.exe
MountPoints2: {68e7d5a8-b3aa-11df-8250-00271389aae7} - H:\Setup.exe
HKLM-x32\...\Run: [Corel File Shell Monitor] - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [15544 2009-08-25] ()
HKLM-x32\...\Run: [HPCam_Menu] - c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1164584 2010-09-01] ()
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\system32\NeroCheck.exe
HKLM-x32\...\Run: [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [842816 2009-12-01] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SafePCRepair Search Scope Monitor] - C:\PROGRA~2\SAFEPC~2\bar\1.bin\89srchmn.exe [44784 2013-10-02] (MindSpark)
HKLM-x32\...\Run: [SafePCRepair_89 Browser Plugin Loader] - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\89brmon.exe [30096 2013-10-02] (VER_COMPANY_NAME)
Lsa: [Notification Packages] scecli DPPWDFLT

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: (No Name) - {be823b8c-a7ec-4078-a321-0f8046cbb48a} - No File
SearchScopes: HKLM - DefaultScope {B039F9CF-D867-4A7E-9952-CF3A96BCA8AD} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKCU - {2D34A4A8-9823-408C-ACBE-8FF201BC3496} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {680D2489-D9B8-4B96-AFB4-5CD49F517635} URL = http://websearch.ask.com/redirect?clien ... B1180A3611
SearchScopes: HKCU - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={searchTerms}&from=IE
BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Toolbar BHO - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\89bar.dll (MindSpark)
BHO-x32: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Search Assistant BHO - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\89SrcAs.dll (MindSpark)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: No Name - {95289393-33EA-4F8D-B952-483415B9C955} - No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: No Name - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
Toolbar: HKLM-x32 - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - SafePCRepair - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\89bar.dll (MindSpark)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52272 2010-01-09] (EasyBits Software Corp.)

FireFox:
========
FF ProfilePath: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://qip.ru
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SafePCRepair_89.com/Plugin - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\NP89Stub.dll (MindSpark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jindřich\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jindřich\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\qip-search.xml
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: SafePCRepair - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\Extensions\89ffxtbr@SafePCRepair_89.com
FF Extension: QipAuthorizer - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\Extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF Extension: No Name - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF HKLM-x32\...\Firefox\Extensions: [89ffxtbr@SafePCRepair_89.com] - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin
FF Extension: SafePCRepair - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\JINDIC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\JINDIC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\JINDIC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\JINDIC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Digital Clock) - C:\Users\JINDIC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo\1.11_0
CHR Extension: (Text4FreeOnline) - C:\Users\JINDIC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfhiboopoofbabnfbcpolfjgbckecbcl\1.1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\JINDIC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Android\u2122 for Google Chrome\u2122) - C:\Users\JINDIC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafpbplbbeehhfhdfdnkgpflkfikechf\1.5_0
CHR Extension: (Gmail) - C:\Users\JINDIC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR StartMenuInternet: Google Chrome - C:\Users\Jindřich\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S3 ioloService; C:\Program Files (x86)\SafePCRepair\ioloToolService.exe [2625800 2013-04-05] (iolo technologies, LLC)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 SafePCRepair_89Service; C:\PROGRA~2\SAFEPC~2\bar\1.bin\89barsvc.exe [42504 2013-10-02] (COMPANYVERS_NAME)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 TVCapSvc; c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [296360 2009-10-06] ()
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [311424 2009-05-22] (AVerMedia TECHNOLOGIES, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-05-19] ()
U3 ahgqomml; C:\Windows\System32\Drivers\ahgqomml.sys [0 ] (Microsoft Corporation)
S1 MpKsl722cfecd; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2B057490-6F79-413C-8A08-86BA859599B5}\MpKsl722cfecd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-02 22:54 - 2013-10-02 22:54 - 01954124 _____ (Farbar) C:\Users\Jindřich\Downloads\FRST64.exe
2013-10-02 22:52 - 2013-10-02 22:52 - 00383472 _____ C:\Users\Jindřich\Downloads\SafePCRepair.exe
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Users\Jindřich\AppData\Local\iolo
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\ProgramData\iolo
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89EI
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Program Files (x86)\SafePCRepair
2013-10-02 16:10 - 2013-10-02 16:10 - 00000000 ____D C:\FRST
2013-10-02 12:19 - 2013-10-02 12:19 - 00000056 _____ C:\Windows\setupact.log
2013-10-02 12:19 - 2013-10-02 12:19 - 00000000 _____ C:\Windows\setuperr.log
2013-10-02 12:18 - 2013-10-02 12:18 - 00000590 _____ C:\Windows\PFRO.log
2013-10-02 11:13 - 2013-10-02 11:13 - 00001724 _____ C:\Users\Public\Desktop\Defraggler.lnk
2013-10-02 11:13 - 2013-10-02 11:13 - 00000000 ____D C:\Program Files\Defraggler
2013-10-02 11:12 - 2013-10-02 11:12 - 04104448 _____ (Piriform Ltd) C:\Users\Jindřich\Downloads\dfsetup215.exe
2013-10-02 11:04 - 2013-10-02 11:04 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-02 11:04 - 2013-10-02 11:04 - 00000977 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-02 11:04 - 2013-10-02 11:04 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-10-02 10:53 - 2013-10-02 10:53 - 00201728 _____ (OldTimer Tools) C:\Users\Jindřich\Desktop\OTC.exe
2013-10-02 10:47 - 2013-10-02 10:47 - 04454952 _____ (Piriform Ltd) C:\Users\Jindřich\Downloads\ccsetup405.exe
2013-10-02 10:47 - 2013-10-02 10:47 - 00448512 _____ (OldTimer Tools) C:\Users\Jindřich\Desktop\TFC.exe
2013-10-01 14:50 - 2013-10-01 14:50 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-01 14:49 - 2013-10-01 14:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-01 14:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-01 14:02 - 2013-10-01 14:02 - 00003152 _____ C:\Windows\System32\Tasks\{6CDBE4FF-4D0C-40E9-86AA-4F184D767F2A}
2013-10-01 13:32 - 2013-10-01 13:32 - 00003544 ____N C:\bootsqm.dat
2013-09-30 13:39 - 2013-09-30 13:39 - 00002970 _____ C:\Windows\System32\Tasks\{9F548F99-59C3-4640-A6EC-67FBC78EB0FD}
2013-09-30 13:39 - 2013-09-30 13:39 - 00002970 _____ C:\Windows\System32\Tasks\{3C5D7477-BB80-487C-8344-04EA1E5F0910}
2013-09-28 11:33 - 2013-09-28 11:33 - 00096992 _____ C:\Users\Jindřich\Downloads\AVATAR-titulky.srt
2013-09-23 13:58 - 2013-09-23 14:24 - 00012816 _____ C:\Users\Jindřich\Desktop\Tvorba cen v podniku služeb - Jindřich Kubla 12195.odt
2013-09-23 12:00 - 2013-09-23 12:00 - 00000106 ____H C:\Users\Jindřich\Desktop\.~lock.Bakalářská práce.odt#
2013-09-23 11:59 - 2013-09-23 11:59 - 00007334 _____ C:\Users\Jindřich\Desktop\Bakalářská práce.odt
2013-09-20 11:45 - 2013-09-27 14:43 - 00000000 ____D C:\Users\Jindřich\Desktop\šerm
2013-09-19 13:49 - 2013-09-19 13:57 - 138540076 _____ C:\Users\Jindřich\Downloads\_IGP1461.zip
2013-09-19 12:45 - 2013-09-19 13:57 - 00000000 ____D C:\Users\Jindřich\Desktop\IGP
2013-09-19 11:50 - 2013-09-19 12:16 - 445647703 _____ C:\Users\Jindřich\Downloads\Airsoft - ASPortal 23.-25.8.2013.zip
2013-09-17 19:54 - 2013-09-17 19:54 - 00000000 ____D C:\Users\Jindřich\Desktop\de_rats2_2002
2013-09-17 19:47 - 2013-09-17 19:47 - 00000000 ____D C:\Users\Jindřich\Desktop\CS
2013-09-17 18:27 - 2013-09-17 18:28 - 00621660 _____ C:\Users\Jindřich\Downloads\cs-1262-de_rats2_2002.rar
2013-09-17 17:00 - 2013-09-17 17:43 - 104729891 _____ C:\Users\Jindřich\Downloads\Counter-Strike-1.6.rar
2013-09-11 18:27 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 18:27 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 18:27 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 18:27 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 18:27 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 18:27 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 18:27 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 18:27 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 18:27 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 18:27 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 18:27 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 18:27 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 18:27 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 18:27 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 18:27 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 18:27 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 18:27 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 18:27 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 18:27 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 18:27 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 18:27 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 08:04 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 08:04 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 08:04 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 08:04 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 08:04 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 08:04 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 08:04 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 08:04 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 08:04 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 08:04 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 08:04 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 08:04 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 08:04 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 08:04 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 08:04 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 08:04 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 08:04 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 08:04 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 08:04 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 08:04 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 08:04 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 08:04 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 08:04 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 08:04 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 08:04 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 08:04 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 08:04 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-07 18:56 - 2013-09-07 19:13 - 62541731 _____ C:\Users\Jindřich\Downloads\Mravenec-Z-1998-CZ.avi
2013-09-07 11:07 - 2013-09-07 11:11 - 00000000 ____D C:\Program Files (x86)\UnrealTournament

==================== One Month Modified Files and Folders =======

2013-10-02 22:54 - 2013-10-02 22:54 - 01954124 _____ (Farbar) C:\Users\Jindřich\Downloads\FRST64.exe
2013-10-02 22:52 - 2013-10-02 22:52 - 00383472 _____ C:\Users\Jindřich\Downloads\SafePCRepair.exe
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Users\Jindřich\AppData\Local\iolo
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\ProgramData\iolo
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89EI
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Program Files (x86)\SafePCRepair
2013-10-02 22:32 - 2013-06-11 13:21 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-02 22:27 - 2010-10-25 08:26 - 00000956 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-02 22:09 - 2011-08-11 22:38 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-501759516-3349545114-1428755030-1000UA.job
2013-10-02 20:27 - 2010-10-25 08:26 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-02 16:10 - 2013-10-02 16:10 - 00000000 ____D C:\FRST
2013-10-02 15:09 - 2011-08-11 22:38 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-501759516-3349545114-1428755030-1000Core.job
2013-10-02 14:28 - 2010-05-21 21:10 - 00000000 ____D C:\Users\Jindřich\AppData\Local\CrashDumps
2013-10-02 13:46 - 2010-02-03 02:21 - 02047698 _____ C:\Windows\WindowsUpdate.log
2013-10-02 12:27 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-02 12:27 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-02 12:21 - 2010-05-19 10:29 - 00103312 _____ C:\Users\Jindřich\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-02 12:19 - 2013-10-02 12:19 - 00000056 _____ C:\Windows\setupact.log
2013-10-02 12:19 - 2013-10-02 12:19 - 00000000 _____ C:\Windows\setuperr.log
2013-10-02 12:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-02 12:19 - 2009-07-14 06:45 - 00398552 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-02 12:18 - 2013-10-02 12:18 - 00000590 _____ C:\Windows\PFRO.log
2013-10-02 11:13 - 2013-10-02 11:13 - 00001724 _____ C:\Users\Public\Desktop\Defraggler.lnk
2013-10-02 11:13 - 2013-10-02 11:13 - 00000000 ____D C:\Program Files\Defraggler
2013-10-02 11:12 - 2013-10-02 11:12 - 04104448 _____ (Piriform Ltd) C:\Users\Jindřich\Downloads\dfsetup215.exe
2013-10-02 11:09 - 2010-12-13 00:30 - 00000000 ____D C:\Users\Jindřich\Documents\Peugeot 307
2013-10-02 11:08 - 2013-02-25 23:57 - 00000000 ____D C:\Users\Jindřich\AppData\Local\LogMeIn Hamachi
2013-10-02 11:08 - 2011-01-17 07:41 - 00000000 ____D C:\Windows\Minidump
2013-10-02 11:08 - 2010-06-07 16:24 - 00000000 ____D C:\Users\Jindřich\AppData\Roaming\Skype
2013-10-02 11:08 - 2010-05-20 20:23 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-02 11:08 - 2010-05-19 11:58 - 00000000 ____D C:\Users\Jindřich\AppData\Roaming\DAEMON Tools Lite
2013-10-02 11:08 - 2009-09-07 03:57 - 00000000 ____D C:\Windows\Panther
2013-10-02 11:04 - 2013-10-02 11:04 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-02 11:04 - 2013-10-02 11:04 - 00000977 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-02 11:04 - 2013-10-02 11:04 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-10-02 10:53 - 2013-10-02 10:53 - 00201728 _____ (OldTimer Tools) C:\Users\Jindřich\Desktop\OTC.exe
2013-10-02 10:47 - 2013-10-02 10:47 - 04454952 _____ (Piriform Ltd) C:\Users\Jindřich\Downloads\ccsetup405.exe
2013-10-02 10:47 - 2013-10-02 10:47 - 00448512 _____ (OldTimer Tools) C:\Users\Jindřich\Desktop\TFC.exe
2013-10-02 10:29 - 2012-09-27 13:06 - 00003204 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJindřich
2013-10-02 10:29 - 2012-09-27 13:06 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForJindřich.job
2013-10-01 14:50 - 2013-10-01 14:50 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-01 14:50 - 2013-10-01 14:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-01 14:02 - 2013-10-01 14:02 - 00003152 _____ C:\Windows\System32\Tasks\{6CDBE4FF-4D0C-40E9-86AA-4F184D767F2A}
2013-10-01 14:00 - 2013-07-19 09:03 - 00000000 ____D C:\Program Files (x86)\Exterminate It!
2013-10-01 13:47 - 2013-07-19 09:29 - 00000523 _____ C:\Users\Jindřich\Downloads\FixVundo.log
2013-10-01 13:45 - 2013-07-23 23:35 - 00013341 _____ C:\Users\Jindřich\Downloads\hijackthis.log
2013-10-01 13:32 - 2013-10-01 13:32 - 00003544 ____N C:\bootsqm.dat
2013-09-30 13:39 - 2013-09-30 13:39 - 00002970 _____ C:\Windows\System32\Tasks\{9F548F99-59C3-4640-A6EC-67FBC78EB0FD}
2013-09-30 13:39 - 2013-09-30 13:39 - 00002970 _____ C:\Windows\System32\Tasks\{3C5D7477-BB80-487C-8344-04EA1E5F0910}
2013-09-30 11:49 - 2013-02-20 12:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-30 11:49 - 2010-06-07 16:24 - 00000000 ____D C:\ProgramData\Skype
2013-09-30 07:47 - 2012-11-19 14:09 - 00000000 ____D C:\Program Files (x86)\WoT
2013-09-29 22:14 - 2010-05-21 12:03 - 00000000 ____D C:\Users\Jindřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-29 16:26 - 2013-07-14 14:57 - 00000000 ____D C:\Program Files (x86)\WoWP
2013-09-28 11:33 - 2013-09-28 11:33 - 00096992 _____ C:\Users\Jindřich\Downloads\AVATAR-titulky.srt
2013-09-27 19:09 - 2010-01-09 07:55 - 00631526 _____ C:\Windows\system32\perfh005.dat
2013-09-27 19:09 - 2010-01-09 07:55 - 00122148 _____ C:\Windows\system32\perfc005.dat
2013-09-27 19:09 - 2009-07-14 07:13 - 01470298 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-27 14:43 - 2013-09-20 11:45 - 00000000 ____D C:\Users\Jindřich\Desktop\šerm
2013-09-23 14:24 - 2013-09-23 13:58 - 00012816 _____ C:\Users\Jindřich\Desktop\Tvorba cen v podniku služeb - Jindřich Kubla 12195.odt
2013-09-23 14:24 - 2011-09-23 14:52 - 00565760 ___SH C:\Users\Jindřich\Desktop\Thumbs.db
2013-09-23 12:00 - 2013-09-23 12:00 - 00000106 ____H C:\Users\Jindřich\Desktop\.~lock.Bakalářská práce.odt#
2013-09-23 11:59 - 2013-09-23 11:59 - 00007334 _____ C:\Users\Jindřich\Desktop\Bakalářská práce.odt
2013-09-19 13:57 - 2013-09-19 13:49 - 138540076 _____ C:\Users\Jindřich\Downloads\_IGP1461.zip
2013-09-19 13:57 - 2013-09-19 12:45 - 00000000 ____D C:\Users\Jindřich\Desktop\IGP
2013-09-19 12:16 - 2013-09-19 11:50 - 445647703 _____ C:\Users\Jindřich\Downloads\Airsoft - ASPortal 23.-25.8.2013.zip
2013-09-17 19:54 - 2013-09-17 19:54 - 00000000 ____D C:\Users\Jindřich\Desktop\de_rats2_2002
2013-09-17 19:47 - 2013-09-17 19:47 - 00000000 ____D C:\Users\Jindřich\Desktop\CS
2013-09-17 18:28 - 2013-09-17 18:27 - 00621660 _____ C:\Users\Jindřich\Downloads\cs-1262-de_rats2_2002.rar
2013-09-17 17:43 - 2013-09-17 17:00 - 104729891 _____ C:\Users\Jindřich\Downloads\Counter-Strike-1.6.rar
2013-09-16 18:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 14:19 - 2010-05-19 10:38 - 00000000 ___RD C:\Users\Jindřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 14:19 - 2010-05-19 10:38 - 00000000 ___RD C:\Users\Jindřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 18:27 - 2013-07-21 14:20 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 18:25 - 2010-06-08 20:38 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 17:32 - 2013-06-11 13:21 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-11 17:32 - 2012-04-04 09:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-11 17:32 - 2011-11-02 12:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-11 07:54 - 2010-11-25 19:07 - 00103312 _____ C:\Users\Jindřich\AppData\Roaming\GDIPFONTCACHEV1.DAT
2013-09-07 19:13 - 2013-09-07 18:56 - 62541731 _____ C:\Users\Jindřich\Downloads\Mravenec-Z-1998-CZ.avi
2013-09-07 11:11 - 2013-09-07 11:07 - 00000000 ____D C:\Program Files (x86)\UnrealTournament
2013-09-03 18:38 - 2013-06-04 12:05 - 00000000 ____D C:\Users\Jindřich\Documents\FIFA 11

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-01 09:25

==================== End Of Log ============================

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý tex: Potom klik na Subor -> Uložiť ako.. .-> Ako je Názov souboru tak do toho riadku napiš:fixlist.txt
Typ súboru tak tam vyberies *]všetky súbory
A ulož ho TU>>>C:\Users\Jindřich\Downloads, presne tam kde mas program Frst.exe

Spust znova FRST.exe, ale POZOR, teraz stlac gombik, FIX
Log FIXLOG.txt>>vloz sem.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by Jindřich at 2013-10-03 08:57:20 Run:1
Running from C:\Users\Jindřich\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
C:\PROGRA~2\SAFEPC~2\bar\1.bin\AppIntegrator64.exe
C:\PROGRA~2\SAFEPC~2\bar\1.bin\89brmon.exe
C:\PROGRA~2\SAFEPC~2\bar\1.bin\89barsvc.exe
C:\Program Files (x86)\SafePCRepair_89
HKLM\...\Run: [SafePCRepair Home Page Guard 64 bit] - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\AppIntegrator64.exe [548936 2013-10-02] ()
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {0d44aa45-631f-11df-afd2-806e6f6e6963} - F:\ENGINE\GSCD.EXE
MountPoints2: {45be07d6-632d-11df-b2b4-00271389aae7} - G:\Autorun.exe
MountPoints2: {68e7d5a8-b3aa-11df-8250-00271389aae7} - H:\Setup.exe
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1164584 2010-09-01] ()
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\system32\NeroCheck.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SafePCRepair Search Scope Monitor] - C:\PROGRA~2\SAFEPC~2\bar\1.bin\89srchmn.exe [44784 2013-10-02] (MindSpark)
HKLM-x32\...\Run: [SafePCRepair_89 Browser Plugin Loader] - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\89brmon.exe [30096 2013-10-02] (VER_COMPANY_NAME)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: (No Name) - {be823b8c-a7ec-4078-a321-0f8046cbb48a} - No File
SearchScopes: HKLM - DefaultScope {B039F9CF-D867-4A7E-9952-CF3A96BCA8AD} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={searchTerms}&from=IE
SearchScopes: HKCU - {2D34A4A8-9823-408C-ACBE-8FF201BC3496} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {680D2489-D9B8-4B96-AFB4-5CD49F517635} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=28F276D1-499C-4588-A0C5-47C633778E9F&apn_sauid=EBEA985A-E34E-4878-A610-44B1180A3611
SearchScopes: HKCU - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} URL = http://search.qip.ru/search?query={searchTerms}&from=IE
BHO-x32: Toolbar BHO - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\89bar.dll (MindSpark)
BHO-x32: Search Assistant BHO - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\89SrcAs.dll (MindSpark)
BHO-x32: No Name - {95289393-33EA-4F8D-B952-483415B9C955} - No File
BHO-x32: No Name - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
Toolbar: HKLM-x32 - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
Toolbar: HKLM-x32 - SafePCRepair - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin\89bar.dll (MindSpark)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://qip.ru
FF Extension: SafePCRepair - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\Extensions\89ffxtbr@SafePCRepair_89.com
FF HKLM-x32\...\Firefox\Extensions: [89ffxtbr@SafePCRepair_89.com] - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin
FF Extension: SafePCRepair - C:\Program Files (x86)\SafePCRepair_89\bar\1.bin
S3 ioloService; C:\Program Files (x86)\SafePCRepair\ioloToolService.exe [2625800 2013-04-05] (iolo technologies, LLC)
R2 SafePCRepair_89Service; C:\PROGRA~2\SAFEPC~2\bar\1.bin\89barsvc.exe [42504 2013-10-02] (COMPANYVERS_NAME)
2013-10-02 22:52 - 2013-10-02 22:52 - 00383472 _____ C:\Users\Jindřich\Downloads\SafePCRepair.exe
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Users\Jindřich\AppData\Local\iolo
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\ProgramData\iolo
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89EI
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Program Files (x86)\SafePCRepair_89
2013-10-02 22:52 - 2013-10-02 22:52 - 00000000 ____D C:\Program Files (x86)\SafePCRepair
Hosts:
End
*****************

C:\PROGRA~2\SAFEPC~2\bar\1.bin\AppIntegrator64.exe => Moved successfully.
C:\PROGRA~2\SAFEPC~2\bar\1.bin\89brmon.exe => Moved successfully.
C:\PROGRA~2\SAFEPC~2\bar\1.bin\89barsvc.exe => Moved successfully.
C:\Program Files (x86)\SafePCRepair_89 => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SafePCRepair Home Page Guard 64 bit => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d44aa45-631f-11df-afd2-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{0d44aa45-631f-11df-afd2-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{45be07d6-632d-11df-b2b4-00271389aae7} => Key deleted successfully.
HKCR\CLSID\{45be07d6-632d-11df-b2b4-00271389aae7} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68e7d5a8-b3aa-11df-8250-00271389aae7} => Key deleted successfully.
HKCR\CLSID\{68e7d5a8-b3aa-11df-8250-00271389aae7} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SafePCRepair Search Scope Monitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SafePCRepair_89 Browser Plugin Loader => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\\{be823b8c-a7ec-4078-a321-0f8046cbb48a} => Value deleted successfully.
HKCR\CLSID\{be823b8c-a7ec-4078-a321-0f8046cbb48a} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D34A4A8-9823-408C-ACBE-8FF201BC3496} => Key deleted successfully.
HKCR\CLSID\{2D34A4A8-9823-408C-ACBE-8FF201BC3496} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key deleted successfully.
HKCR\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{680D2489-D9B8-4B96-AFB4-5CD49F517635} => Key deleted successfully.
HKCR\CLSID\{680D2489-D9B8-4B96-AFB4-5CD49F517635} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => Key deleted successfully.
HKCR\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1fc509df-4b29-4ab3-96e6-47c178d60287} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1fc509df-4b29-4ab3-96e6-47c178d60287} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d13bf91-ea09-4ed8-9acd-c6bad32617b9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5d13bf91-ea09-4ed8-9acd-c6bad32617b9} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{95289393-33EA-4F8D-B952-483415B9C955} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\Extensions\89ffxtbr@SafePCRepair_89.com => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\89ffxtbr@SafePCRepair_89.com => Value deleted successfully.
C:\Program Files (x86)\SafePCRepair_89\bar\1.bin not found.
ioloService => Service deleted successfully.
SafePCRepair_89Service => Service deleted successfully.
C:\Users\Jindřich\Downloads\SafePCRepair.exe => Moved successfully.
C:\Users\Jindřich\AppData\Local\iolo => Moved successfully.
C:\ProgramData\iolo => Moved successfully.
C:\Program Files (x86)\SafePCRepair_89EI => Moved successfully.
"C:\Program Files (x86)\SafePCRepair_89" => File/Directory not found.
C:\Program Files (x86)\SafePCRepair => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needs a manual reboot.

==== End of Fixlog ====

pouzi ADWcleaner a JunkwareremovalTool.
Logy vloz sem
Navod v mojom blogu.
ADWcleaner
http://www.viruskasino.com/2012/09/adwcleaner.html

Junkwareremoval
http://www.viruskasino.com/2010/12/prog ... moval-tool

Tady je zatím log z AdwCleaner. Na druhým se pracuje

# AdwCleaner v3.006 - Report created 03/10/2013 at 09:08:00
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jindřich - JINDŘICH-PC
# Running from : C:\Users\Jindřich\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Users\Jindřich\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Jindřich\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\Extensions\{32A1FD71-835E-4B11-8E54-886FDA0B4C89}
Folder Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\searchplugins\qip-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1349034152);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "emma%20watson%20porn||Emma%20watson%20porn||hot%20teens%20lesbians%20anal||hot%20teens%20lesbians||%C5%A0%C3%A1%C5%A1a%20kira%20v%C4%9B%C4%8Dorkov%C3%A1||stript%C3%BDz[...]
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1309345861");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.itbsitescount", 341);
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.6.28");
Line Deleted : user_pref("icqtoolbar.removedsitescount", 6);
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "127481330012748133361274988298974");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1349444758);
Line Deleted : user_pref("icqtoolbar.version", "1.1.9");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v

[ File : C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7692 octets] - [03/10/2013 09:06:41]
AdwCleaner[S0].txt - [7521 octets] - [03/10/2013 09:08:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7581 octets] ##########

Tak, zde je i log z JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jindýich on źt 03.10.2013 at 9:14:55,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Jindýich\AppData\Roaming\mozilla\firefox\profiles\8x2e5nc2.default\minidumps [87 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 03.10.2013 at 9:22:34,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Stiahni na plochu OTL
http://oldtimer.geekstogo.com/OTL.exe
Spustite program ako správca-Admin.
Do spodného okna skopírujte tento text,a kliknite na gombík RUNFIX-alebo OPRAVIŤ. Log vloz sem.

Dokončeno

All processes killed
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
< %windir%\*.tmp ipconfig /flushdns /c >
No captured output from command...
C:\Users\Jindřich\Desktop\cmd.bat deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jindřich
->Temp folder emptied: 4896048 bytes
->Temporary Internet Files folder emptied: 3657289 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 19072128 bytes
->Google Chrome cache emptied: 348997938 bytes
->Flash cache emptied: 612 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23350 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 359,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 10032013_092856

Files\Folders moved on Reboot...
C:\Users\Jindřich\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jindřich\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

ok este daj log z combofix
http://www.bleepingcomputer.com/combofi ... t-combofix

Chvilku to trvalo ale tu je log:

ComboFix 13-10-01.03 - Jindřich 03.10.2013 9:47.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4087.2463 [GMT 2:00]
Spuštěný z: c:\users\Jind°ich\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\PFRO.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\Config.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-03 do 2013-10-03 )))))))))))))))))))))))))))))))
.
.
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\users\Jindřich\AppData\Local\AppsHat Mobile Apps
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\users\Jindřich\AppData\Local\WebPlayer
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\program files (x86)\Minibar
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\users\Jindřich\AppData\Local\Minibar
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\users\Jindřich\AppData\Local\FilesFrog Update Checker
2013-10-03 07:28 . 2013-10-03 07:28 -------- d-----w- C:\_OTL
2013-10-03 07:14 . 2013-10-03 07:14 -------- d-----w- c:\windows\ERUNT
2013-10-03 07:06 . 2013-10-03 07:08 -------- d-----w- C:\AdwCleaner
2013-10-03 06:51 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F3DF9571-F883-4AD9-8958-ACCD2112B2CE}\mpengine.dll
2013-10-02 14:10 . 2013-10-03 06:57 -------- d-----w- C:\FRST
2013-10-02 09:13 . 2013-10-02 09:13 -------- d-----w- c:\program files\Defraggler
2013-10-02 09:04 . 2013-10-02 09:04 -------- d-----w- c:\program files (x86)\CCleaner
2013-10-01 13:05 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-01 12:49 . 2013-10-01 12:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-01 12:49 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-11 06:04 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-07 09:07 . 2013-09-07 09:11 -------- d-----w- c:\program files (x86)\UnrealTournament
2013-09-06 10:35 . 2013-09-06 10:34 965008 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C4E45067-549F-4D6A-B628-507AB5365B28}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 16:25 . 2010-06-08 18:38 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-11 15:32 . 2012-04-04 07:02 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-11 15:32 . 2011-11-02 10:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-23 08:20 . 2013-06-14 18:33 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-08-02 01:48 . 2013-09-11 06:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-15 07:36 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-15 07:36 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-15 07:36 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-15 07:36 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-17 08:49 . 2013-07-17 08:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-17 08:49 . 2012-05-10 14:14 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-07-17 08:49 . 2010-05-19 09:11 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-09 05:52 . 2013-08-15 07:36 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-15 07:35 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-15 07:36 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-15 07:36 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-15 07:36 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-15 07:35 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-15 07:36 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-15 07:36 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-15 07:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-15 07:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-15 07:35 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]
2013-09-19 05:23 331264 ----a-w- c:\program files (x86)\Minibar\Minibar.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"SDP"="c:\users\Jindřich\AppData\Local\FilesFrog Update Checker\update_checker.exe" [2013-01-31 201808]
"AppsHat"="c:\users\Jindřich\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe" [2012-10-26 202752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2009-08-25 15544]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 MpKsl722cfecd;MpKsl722cfecd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2B057490-6F79-413C-8A08-86BA859599B5}\MpKsl722cfecd.sys;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2B057490-6F79-413C-8A08-86BA859599B5}\MpKsl722cfecd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys;c:\windows\SYSNATIVE\Drivers\AVerAF15.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 15:32]
.
2013-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-25 06:26]
.
2013-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-25 06:26]
.
2013-10-02 c:\windows\Tasks\HPCeeScheduleForJindřich.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-08 171520]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 1356240]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files (x86)\Minibar\Minibar.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\
FF - ExtSQL: !HIDDEN! 2011-08-17 08:38; otis@digitalpersona.com; c:\program files (x86)\DigitalPersona\Bin\FirefoxExt
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-SimCity 3000 - c:\program files (x86)\Maxis\SimCity 3000\Uninst.isu
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-10-03 10:17:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-03 08:17
.
Před spuštěním: Volných bajtů: 197 076 697 088
Po spuštění: Volných bajtů: 196 667 084 800
.
- - End Of File - - 1B441008E26DC654CE4B1588D360E7AC
7BE45E9C9BE6575E408027E5E860C0E4

Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do nehocelý tex: Potom klik na Subor -> Uložiť ako.. .-> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *]všetky súbory
A ulož ho na plochu> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :


Po skonceni skenu vlož log .

Snad jsem vypnul všechny rezidentní programy:

ComboFix 13-10-01.03 - Jindřich 03.10.2013 10:53:18.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4087.2509 [GMT 2:00]
Spuštěný z: c:\users\Jind°ich\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jind°ich\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-03 do 2013-10-03 )))))))))))))))))))))))))))))))
.
.
2013-10-03 09:00 . 2013-10-03 09:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-03 09:00 . 2013-10-03 09:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-03 09:00 . 2013-10-03 09:00 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EAD39783-14F4-4F7C-B95D-106E841F05EB}\offreg.dll
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\users\Jindřich\AppData\Local\AppsHat Mobile Apps
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\users\Jindřich\AppData\Local\WebPlayer
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\program files (x86)\Minibar
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\users\Jindřich\AppData\Local\Minibar
2013-10-03 07:39 . 2013-10-03 07:39 -------- d-----w- c:\users\Jindřich\AppData\Local\FilesFrog Update Checker
2013-10-03 07:28 . 2013-10-03 07:28 -------- d-----w- C:\_OTL
2013-10-03 07:14 . 2013-10-03 07:14 -------- d-----w- c:\windows\ERUNT
2013-10-03 07:06 . 2013-10-03 07:08 -------- d-----w- C:\AdwCleaner
2013-10-02 14:10 . 2013-10-03 06:57 -------- d-----w- C:\FRST
2013-10-02 09:13 . 2013-10-02 09:13 -------- d-----w- c:\program files\Defraggler
2013-10-02 09:04 . 2013-10-02 09:04 -------- d-----w- c:\program files (x86)\CCleaner
2013-09-11 06:04 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-07 09:07 . 2013-09-07 09:11 -------- d-----w- c:\program files (x86)\UnrealTournament
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 16:25 . 2010-06-08 18:38 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-11 15:32 . 2012-04-04 07:02 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-11 15:32 . 2011-11-02 10:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-02 01:48 . 2013-09-11 06:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-15 07:36 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-15 07:36 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-15 07:36 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-15 07:36 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-17 08:49 . 2013-07-17 08:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-17 08:49 . 2012-05-10 14:14 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-07-17 08:49 . 2010-05-19 09:11 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-09 05:52 . 2013-08-15 07:36 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-15 07:35 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-15 07:36 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-15 07:36 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-15 07:36 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-15 07:35 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-15 07:36 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-15 07:36 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-15 07:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-15 07:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-15 07:35 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]
2013-09-19 05:23 331264 ----a-w- c:\program files (x86)\Minibar\Minibar.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"SDP"="c:\users\Jindřich\AppData\Local\FilesFrog Update Checker\update_checker.exe" [2013-01-31 201808]
"AppsHat"="c:\users\Jindřich\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe" [2012-10-26 202752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2009-08-25 15544]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-09-02 60464]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 MpKsl722cfecd;MpKsl722cfecd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2B057490-6F79-413C-8A08-86BA859599B5}\MpKsl722cfecd.sys;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2B057490-6F79-413C-8A08-86BA859599B5}\MpKsl722cfecd.sys [x]
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys;c:\windows\SYSNATIVE\Drivers\AVerAF15.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - NisDrv
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 15:32]
.
2013-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-25 06:26]
.
2013-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-25 06:26]
.
2013-10-02 c:\windows\Tasks\HPCeeScheduleForJindřich.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-08-25 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-08 171520]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files (x86)\Minibar\Minibar.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\8x2e5nc2.default\
FF - ExtSQL: !HIDDEN! 2011-08-17 08:38; otis@digitalpersona.com; c:\program files (x86)\DigitalPersona\Bin\FirefoxExt
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-SimCity 3000 - c:\program files (x86)\Maxis\SimCity 3000\Uninst.isu
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-10-03 11:02:06
ComboFix-quarantined-files.txt 2013-10-03 09:02
ComboFix2.txt 2013-10-03 08:18
.
Před spuštěním: Volných bajtů: 197 157 330 944
Po spuštění: Volných bajtů: 197 072 416 768
.
- - End Of File - - CFF120CB4A3ECBF03B3B98874CB61D3B
7BE45E9C9BE6575E408027E5E860C0E4

Preloz combofix priamo na disk C:\ a zopakuj akciu,so CFScript-om, pretoze mas nick znakom, a combofix to nema rad.Jind"ich