pomalý ntb

Zpráva

d.a.p · #1 Příspěvek od **d.a.p** » 21 říj 2013 12:39

dobrý den , mohli by jste prosím pomoci vyčistit ntb od ruzných toolbarů apod. děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by venca at 2013-10-21 13:36:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 370 GB (80%) free of 465 GB
Total RAM: 4026 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:36:42, on 21.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\ProgramData\GameXN\GameXNGO.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Users\venca\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gKbStatus.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\venca.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t48i2x04s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=AgnUpd ... 506035&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11239 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Windows\PLFSetI.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Apoint2K\Apoint.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Apoint2K\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-1003640089-3538678611127924951-742836692260067804430520123-2972970171554828372
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
"C:\ProgramData\GameXN\GameXNGO.exe" /startup
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Genius\ioCentre\gTaskBar.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
szndesktop.exe default start
"C:\Users\venca\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-1450155850-59743207713637734891788069025969030083-1609413968175498147955388824
C:\Genius\ioCentre\gMouseTask
C:\Genius\ioCentre\gKbdTask
C:\Genius\ioCentre\gAutoPan
C:\Genius\ioCentre\gAutoScroll
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Genius\ioCentre\gZoom
C:\Genius\ioCentre\gMGlass
C:\Genius\ioCentre\gIMMgm
C:\Genius\ioCentre\gKbStatus
C:\Genius\ioCentre\gDeskMgm
C:\Genius\ioCentre\gTaskSwitch
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\venca\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2009-12-13 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-10-13 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-10-13 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2009-12-13 520192]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-08-06 828960]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-10-12 200704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 1356240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files (x86)\Ask.com\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint2K\Apoint.exe [2009-06-11 301056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\venca\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\venca\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe /md I []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO]
C:\ProgramData\GameXN\GameXNGO.exe [2011-09-02 347008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration]
C:\Program Files (x86)\Acer\Registration\GREG.exe [2009-07-31 2844704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-07-27 1157128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-07-25 20684656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2011-08-01 114992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^venca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2007-12-17 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-21 13:29:35 ----D---- C:\rsit
2013-10-21 13:29:35 ----D---- C:\Program Files\trend micro
2013-10-21 13:24:19 ----SHD---- C:\Config.Msi
2013-10-21 13:16:02 ----D---- C:\Windows\pss
2013-10-21 13:09:55 ----D---- C:\Program Files (x86)\VS Revo Group
2013-10-10 13:38:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-10 13:38:31 ----A---- C:\Windows\system32\ieui.dll
2013-10-10 13:38:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-10 13:38:30 ----A---- C:\Windows\system32\iesetup.dll
2013-10-10 13:38:30 ----A---- C:\Windows\system32\iernonce.dll
2013-10-10 13:38:29 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-10 13:38:29 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-10 13:38:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-10 13:38:29 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 13:38:29 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-10 13:38:28 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-10 13:38:28 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-10 13:38:27 ----A---- C:\Windows\system32\iertutil.dll
2013-10-10 13:38:26 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-10 13:38:26 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-10 13:38:25 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-10 13:38:25 ----A---- C:\Windows\system32\jscript.dll
2013-10-10 13:38:24 ----A---- C:\Windows\system32\jscript9.dll
2013-10-10 13:38:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-10 13:38:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-10 13:38:22 ----A---- C:\Windows\system32\urlmon.dll
2013-10-10 13:38:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-10 13:38:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-10 13:38:20 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-10 13:38:19 ----A---- C:\Windows\system32\wininet.dll
2013-10-10 13:38:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-10 13:38:17 ----A---- C:\Windows\system32\ieframe.dll
2013-10-10 13:38:15 ----A---- C:\Windows\system32\mshtml.dll
2013-10-10 13:38:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-09 18:24:59 ----A---- C:\Windows\system32\comctl32.dll
2013-10-09 18:24:58 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-09 18:24:55 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-09 18:24:55 ----A---- C:\Windows\system32\lpk.dll
2013-10-09 18:24:55 ----A---- C:\Windows\system32\dciman32.dll
2013-10-09 18:24:55 ----A---- C:\Windows\system32\atmfd.dll
2013-10-09 18:24:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-09 18:24:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-09 18:24:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-09 18:24:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-09 18:24:54 ----A---- C:\Windows\system32\fontsub.dll
2013-10-09 18:24:54 ----A---- C:\Windows\system32\atmlib.dll
2013-10-09 18:24:53 ----A---- C:\Windows\system32\Wdfres.dll
2013-10-09 18:24:53 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-10-09 18:24:53 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-09 18:24:52 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-09 18:24:52 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 18:24:52 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2013-10-09 18:24:50 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-09 18:24:50 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-09 18:24:48 ----A---- C:\Windows\system32\win32k.sys
2013-10-09 18:24:40 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 18:24:40 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 18:24:39 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-09 18:24:37 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-10-09 18:24:37 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-10-09 18:24:37 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-10-09 18:24:37 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-10-09 18:24:37 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-10-09 18:24:37 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-10-09 18:24:37 ----A---- C:\Windows\system32\drivers\usbccgp.sys

======List of files/folders modified in the last 1 month======

2013-10-21 13:35:19 ----D---- C:\ProgramData\GameXN
2013-10-21 13:30:15 ----D---- C:\Windows\Temp
2013-10-21 13:29:35 ----RD---- C:\Program Files
2013-10-21 13:24:23 ----SHD---- C:\Windows\Installer
2013-10-21 13:24:22 ----D---- C:\Program Files (x86)\SweetIM
2013-10-21 13:24:15 ----D---- C:\Users\venca\AppData\Roaming\Skype
2013-10-21 13:23:59 ----SHD---- C:\System Volume Information
2013-10-21 13:22:18 ----D---- C:\Program Files (x86)\Google
2013-10-21 13:22:17 ----D---- C:\ProgramData\Google
2013-10-21 13:21:16 ----RD---- C:\Program Files (x86)
2013-10-21 13:18:18 ----D---- C:\Firefox
2013-10-21 13:18:16 ----D---- C:\Windows\system32\Tasks
2013-10-21 13:16:02 ----D---- C:\Windows
2013-10-21 13:11:13 ----D---- C:\Windows\Panther
2013-10-21 13:11:13 ----D---- C:\Windows\inf
2013-10-21 13:11:11 ----D---- C:\Windows\Minidump
2013-10-21 13:11:11 ----D---- C:\Windows\debug
2013-10-21 13:06:31 ----D---- C:\Program Files\CCleaner
2013-10-21 13:06:13 ----D---- C:\Windows\system32\config
2013-10-21 13:00:14 ----D---- C:\Users\venca\AppData\Roaming\Seznam.cz
2013-10-21 12:29:31 ----D---- C:\Users\venca\AppData\Roaming\go
2013-10-16 14:36:21 ----D---- C:\Windows\system32\drivers
2013-10-16 14:36:21 ----D---- C:\Windows\system32\catroot
2013-10-16 14:36:19 ----D---- C:\Program Files\Microsoft Security Client
2013-10-16 14:36:19 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-10-14 12:45:56 ----RD---- C:\Program Files (x86)\Skype
2013-10-11 16:04:33 ----D---- C:\Windows\Microsoft.NET
2013-10-11 16:04:04 ----RSD---- C:\Windows\assembly
2013-10-10 15:24:56 ----D---- C:\Windows\winsxs
2013-10-10 15:21:22 ----D---- C:\Windows\SysWOW64
2013-10-10 15:21:22 ----D---- C:\Windows\System32
2013-10-10 15:21:21 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-10 15:21:19 ----D---- C:\Program Files\Internet Explorer
2013-10-10 15:21:18 ----D---- C:\Windows\system32\wbem
2013-10-10 15:21:12 ----D---- C:\Windows\system32\DriverStore
2013-10-10 13:40:52 ----D---- C:\ProgramData\Microsoft Help
2013-10-10 13:39:03 ----D---- C:\Windows\system32\catroot2
2013-10-10 13:36:27 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-10 13:36:27 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 13:34:44 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-10 13:34:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-10 13:28:58 ----D---- C:\Windows\system32\MRT
2013-10-10 13:27:11 ----A---- C:\Windows\system32\MRT.exe
2013-10-09 18:02:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-06 871408]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-06-15 245296]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-07-16 1488384]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-07-27 58880]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]
S3 afs6fpxu;afs6fpxu; C:\Windows\system32\drivers\afs6fpxu.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-07 2769400]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBCCID;USB Smart Card Reader; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-06 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 23808]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 366600]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-04 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-07-25 162672]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-04 135664]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-05 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 21 říj 2013 13:28

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

d.a.p · #3 Příspěvek od **d.a.p** » 21 říj 2013 14:50

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by venca on po 21.10.2013 at 15:41:30,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\funmoods
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2845763344-2925354805-1462635519-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoods_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoods_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoodssrv_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\quickstores-toolbar_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a81a974f-8a22-43e6-9243-5198ff758da1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{090B676A-43C8-2F01-9E7B-603798883009}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{800A5DED-E197-4F0B-B27D-0E8535048A4E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{3B548F63-BB6B-D042-9F9F-3F457F713B44}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\Users\venca\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\venca\AppData\Roaming\funmoods"
Successfully deleted: [Folder] "C:\Users\venca\AppData\Roaming\quickstorestoolbar"
Successfully deleted: [Folder] "C:\Users\venca\appdata\local\babylon"
Successfully deleted: [Folder] "C:\Users\venca\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\ask"

~~~ Chrome

Successfully deleted: [Folder] C:\Users\venca\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 21.10.2013 at 15:49:26,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

d.a.p · #4 Příspěvek od **d.a.p** » 21 říj 2013 14:56

# AdwCleaner v3.010 - Report created 21/10/2013 at 15:53:14
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : venca - VENCA-PC
# Running from : C:\Users\venca\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
File Deleted : C:\Users\venca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Deleted : C:\Users\venca\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
File Deleted : C:\Users\venca\Documents\QuickStores.url
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Deleted : C:\Windows\System32\Tasks\Funmoods

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Deleted : HKLM\Software\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A
Key Deleted : HKLM\Software\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\venca\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6684 octets] - [21/10/2013 15:51:37]
AdwCleaner[S0].txt - [6378 octets] - [21/10/2013 15:53:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6438 octets] ##########

#5 Příspěvek od **vyosek** » 21 říj 2013 16:34

Poprosim o log z FRSTL http://forum.viry.cz/viewtopic.php?f=13&t=133100

d.a.p · #6 Příspěvek od **d.a.p** » 21 říj 2013 16:47

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2013
Ran by venca (administrator) on VENCA-PC on 21-10-2013 17:45:00
Running from C:\Users\venca\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Windows\PLFSetI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
() C:\Genius\ioCentre\gTaskBar.exe
() C:\Genius\ioCentre\gMouseTask.exe
() C:\Genius\ioCentre\gKbdTask.exe
() C:\Genius\ioCentre\gAutoPan.exe
() C:\Genius\ioCentre\gAutoScroll.exe
() C:\Genius\ioCentre\gZoom.exe
() C:\Genius\ioCentre\gMGlass.exe
() C:\Genius\ioCentre\gIMMgm.exe
() C:\Genius\ioCentre\gKbStatus.exe
() C:\Genius\ioCentre\gDeskMgm.exe
() C:\Genius\ioCentre\gTaskSwitch.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(forum.viry.cz) C:\Users\venca\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-10-12] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [OEXPRESS] - [x]
MountPoints2: {c59930be-e28b-11de-b739-00262266aa1a} - F:\Menu.exe
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [ioCentre] - C:\Genius\ioCentre\gTaskBar.exe [61440 2007-12-17] ()
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t48i2x04s
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://searchfunmoods.com/results.php?f ... 158656&ir=
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://searchfunmoods.com/results.php?f ... 158656&ir=
SearchScopes: HKCU - {0F25DA4E-788D-47D6-ACD1-0E9DC16A68E7} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {169DD2AB-F824-4116-80A3-2D81F0EF22C3} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {69493BB5-5513-4623-A023-9017846218DB} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {8D0EC3D1-DC36-4A4A-9C8B-5A0CB217575F} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {BD68637F-EE73-47FB-B782-552DC9882329} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {C34E4FA6-7203-4E06-BECE-A8190B3A219A} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {E0D999B6-74EE-4435-ABCE-0C9950B482A0} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKCU - {E14523B4-D88E-4E17-A7B9-DAACE437CA87} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 178.72.253.5 178.72.195.195

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=12454
CHR RestoreOnStartup: "hxxp://www.seznam.cz/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\venca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\Users\venca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\Users\venca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\venca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\venca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (Skype Click to Call) - C:\Users\venca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\venca\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (Gmail) - C:\Users\venca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2009-12-06] ()
U3 apcpctf3; C:\Windows\System32\Drivers\apcpctf3.sys [0 ] (Microsoft Corporation)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-21 17:44 - 2013-10-21 17:44 - 00000000 ____D C:\FRST
2013-10-21 17:40 - 2013-10-21 17:40 - 01954670 _____ (Farbar) C:\Users\venca\Desktop\FRST64.exe
2013-10-21 17:40 - 2013-10-21 17:40 - 00112128 _____ (forum.viry.cz) C:\Users\venca\Desktop\FRSTLauncher.exe
2013-10-21 16:01 - 2013-10-21 16:01 - 00007678 _____ C:\Users\venca\Documents\cc_20131021_160101.reg
2013-10-21 15:51 - 2013-10-21 15:53 - 00000000 ____D C:\AdwCleaner
2013-10-21 15:49 - 2013-10-21 15:49 - 00008215 _____ C:\Users\venca\Desktop\JRT.txt
2013-10-21 15:41 - 2013-10-21 15:41 - 00000000 ____D C:\Windows\ERUNT
2013-10-21 15:38 - 2013-10-21 15:39 - 01060070 _____ C:\Users\venca\Desktop\adwcleaner.exe
2013-10-21 15:38 - 2013-10-21 15:38 - 01033335 _____ (Thisisu) C:\Users\venca\Desktop\JRT.exe
2013-10-21 13:50 - 2013-10-21 13:50 - 00000000 ____D C:\Users\venca\Desktop\Nová složka
2013-10-21 13:29 - 2013-10-21 13:36 - 00000000 ____D C:\Program Files\trend micro
2013-10-21 13:29 - 2013-10-21 13:29 - 00935175 _____ C:\Users\venca\Downloads\RSITx64.exe
2013-10-21 13:29 - 2013-10-21 13:29 - 00000000 ____D C:\rsit
2013-10-21 13:16 - 2013-10-21 13:16 - 00000000 ____D C:\Windows\pss
2013-10-21 13:14 - 2013-10-21 13:14 - 00113228 _____ C:\Users\venca\Documents\cc_20131021_131411.reg
2013-10-21 13:09 - 2013-10-21 13:09 - 00001272 _____ C:\Users\venca\Desktop\Revo Uninstaller.lnk
2013-10-21 13:09 - 2013-10-21 13:09 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-10-21 13:07 - 2013-10-21 13:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\venca\Downloads\revosetup.exe
2013-10-21 13:06 - 2013-10-21 13:06 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-21 13:02 - 2013-10-21 13:03 - 10787798 _____ C:\Users\venca\Downloads\cc-setup.exe
2013-10-10 13:38 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 13:38 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 13:38 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 13:38 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 13:38 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 13:38 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 13:38 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 13:38 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 13:38 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 13:38 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 13:38 - 2013-09-21 04:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 13:38 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-09 18:24 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 18:24 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 18:24 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 18:24 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 18:24 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 18:24 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 18:24 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 18:24 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 18:24 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 18:24 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 18:24 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 18:24 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-09 18:24 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 18:24 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-09 18:24 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 18:24 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-09 18:24 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 18:24 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 18:24 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-09 18:24 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 18:24 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 18:24 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 18:24 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 18:24 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-09 18:24 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-09 18:24 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-09 18:24 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 18:24 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 18:24 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-09 18:24 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-09 18:24 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-10-09 18:24 - 2012-11-29 00:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

==================== One Month Modified Files and Folders =======

2013-10-21 17:44 - 2013-10-21 17:44 - 00000000 ____D C:\FRST
2013-10-21 17:42 - 2012-01-07 19:17 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{ACF01306-6C7F-4B39-9999-69C64030EA49}
2013-10-21 17:40 - 2013-10-21 17:40 - 01954670 _____ (Farbar) C:\Users\venca\Desktop\FRST64.exe
2013-10-21 17:40 - 2013-10-21 17:40 - 00112128 _____ (forum.viry.cz) C:\Users\venca\Desktop\FRSTLauncher.exe
2013-10-21 17:26 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-21 17:26 - 2009-07-14 06:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-21 17:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-21 17:22 - 2012-11-11 10:40 - 01255335 _____ C:\Windows\WindowsUpdate.log
2013-10-21 17:18 - 2012-04-09 09:57 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-21 17:11 - 2010-10-04 21:44 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-21 16:24 - 2009-12-13 18:53 - 00000958 _____ C:\Users\venca\AppData\Roaming\default.pls
2013-10-21 16:01 - 2013-10-21 16:01 - 00007678 _____ C:\Users\venca\Documents\cc_20131021_160101.reg
2013-10-21 15:54 - 2010-10-04 21:44 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-21 15:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-21 15:53 - 2013-10-21 15:51 - 00000000 ____D C:\AdwCleaner
2013-10-21 15:49 - 2013-10-21 15:49 - 00008215 _____ C:\Users\venca\Desktop\JRT.txt
2013-10-21 15:41 - 2013-10-21 15:41 - 00000000 ____D C:\Windows\ERUNT
2013-10-21 15:39 - 2013-10-21 15:38 - 01060070 _____ C:\Users\venca\Desktop\adwcleaner.exe
2013-10-21 15:38 - 2013-10-21 15:38 - 01033335 _____ (Thisisu) C:\Users\venca\Desktop\JRT.exe
2013-10-21 13:52 - 2009-08-14 12:40 - 00000000 ____D C:\Program Files\Google
2013-10-21 13:52 - 2009-08-14 12:40 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-21 13:50 - 2013-10-21 13:50 - 00000000 ____D C:\Users\venca\Desktop\Nová složka
2013-10-21 13:45 - 2011-09-02 07:19 - 00000000 ____D C:\ProgramData\GameXN
2013-10-21 13:36 - 2013-10-21 13:29 - 00000000 ____D C:\Program Files\trend micro
2013-10-21 13:29 - 2013-10-21 13:29 - 00935175 _____ C:\Users\venca\Downloads\RSITx64.exe
2013-10-21 13:29 - 2013-10-21 13:29 - 00000000 ____D C:\rsit
2013-10-21 13:24 - 2010-12-11 11:52 - 00000000 ____D C:\Users\venca\AppData\Roaming\Skype
2013-10-21 13:22 - 2009-12-06 18:20 - 00000000 ____D C:\Users\venca\AppData\Local\Google
2013-10-21 13:22 - 2009-08-14 12:40 - 00000000 ____D C:\ProgramData\Google
2013-10-21 13:18 - 2012-10-13 16:22 - 00000000 ____D C:\Firefox
2013-10-21 13:16 - 2013-10-21 13:16 - 00000000 ____D C:\Windows\pss
2013-10-21 13:16 - 2009-12-04 20:30 - 00000000 ___RD C:\Users\venca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-21 13:14 - 2013-10-21 13:14 - 00113228 _____ C:\Users\venca\Documents\cc_20131021_131411.reg
2013-10-21 13:11 - 2011-02-27 14:33 - 00000000 ____D C:\Windows\Minidump
2013-10-21 13:11 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-10-21 13:09 - 2013-10-21 13:09 - 00001272 _____ C:\Users\venca\Desktop\Revo Uninstaller.lnk
2013-10-21 13:09 - 2013-10-21 13:09 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-10-21 13:07 - 2013-10-21 13:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\venca\Downloads\revosetup.exe
2013-10-21 13:06 - 2013-10-21 13:06 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-10-21 13:06 - 2012-04-05 10:04 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-21 13:06 - 2012-04-05 10:04 - 00000000 ____D C:\Program Files\CCleaner
2013-10-21 13:03 - 2013-10-21 13:02 - 10787798 _____ C:\Users\venca\Downloads\cc-setup.exe
2013-10-21 13:00 - 2013-07-15 17:21 - 00000000 ____D C:\Users\venca\AppData\Roaming\Seznam.cz
2013-10-21 12:29 - 2011-05-28 14:08 - 00000000 ____D C:\Users\venca\AppData\Roaming\go
2013-10-18 08:06 - 2010-10-04 21:44 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-18 08:06 - 2010-10-04 21:44 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-17 11:12 - 2010-12-11 11:56 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-16 14:36 - 2011-03-30 16:30 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-16 14:36 - 2011-03-30 16:30 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-16 14:36 - 2011-03-30 16:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-14 12:45 - 2013-08-15 14:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-10 15:23 - 2009-07-14 06:45 - 00336624 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 13:40 - 2009-08-14 12:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 13:36 - 2013-03-14 09:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 13:36 - 2013-03-14 09:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 13:34 - 2011-03-30 16:30 - 01743358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 13:34 - 2009-10-12 19:02 - 00732828 _____ C:\Windows\system32\perfh005.dat
2013-10-10 13:34 - 2009-10-12 19:02 - 00165582 _____ C:\Windows\system32\perfc005.dat
2013-10-10 13:34 - 2009-07-14 07:13 - 01743358 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-10 13:28 - 2013-08-15 11:59 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 13:27 - 2011-03-30 17:05 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 18:16 - 2012-04-07 11:26 - 00963584 ___SH C:\Users\venca\Desktop\Thumbs.db
2013-10-09 18:02 - 2012-04-09 09:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 18:02 - 2012-04-09 09:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 18:02 - 2012-04-09 09:57 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-01 16:14 - 2013-08-12 13:39 - 00000000 ____D C:\Users\venca\Desktop\Maryann Peťa a Alice
2013-09-27 17:58 - 2013-07-08 14:17 - 00000000 ____D C:\Users\venca\Desktop\Bluetooth
2013-09-23 01:28 - 2013-10-10 13:38 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-10 13:38 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-10 13:38 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-10 13:38 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-10 13:38 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-10 13:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-10 13:38 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-10 13:38 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-21 05:38 - 2013-10-10 13:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 05:30 - 2013-10-10 13:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-21 04:48 - 2013-10-10 13:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 04:39 - 2013-10-10 13:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

Files to move or delete:
====================
C:\Users\Microsoft Visual Basic 2010 pln verze\Microsoft Visual Basic 2010 pln verze.exe
C:\Users\Microsoft Visual Basic 2010 pln verze\unins000.dat
C:\Users\Microsoft Visual Basic 2010 pln verze\unins000.exe
C:\Users\venca\msvcr71.dll
C:\Users\venca\picasa36cz-setup.exe

Some content of TEMP:
====================
C:\Users\venca\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-21 17:18

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:453.66 GB) (Free:358.59 GB) NTFS

Available physical RAM: 2688.1 MB
Total physical RAM: 4025.98 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8AA8BDF4)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\WinRE{33875bcb0-c571-4ac4-9d2d-87796275a886}:$WIMMOUNTDATA
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\venca\Desktop" je 2266 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint
C:\Program Files\Apoint2K\Apoint.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\venca\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\venca\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods
"C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO
"C:\ProgramData\GameXN\GameXNGO.exe" /startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration
"C:\Program Files (x86)\Acer\Registration\GREG.exe" BOOT [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager
C:\Program Files (x86)\Launch Manager\LManager.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv
C:\Windows\inf\ntvdm.vbe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^venca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2007.lnk
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#7 Příspěvek od **vyosek** » 21 říj 2013 18:54

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKCU\...\Run: [OEXPRESS] - [x]
MountPoints2: {c59930be-e28b-11de-b739-00262266aa1a} - F:\Menu.exe
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t48i2x04s
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyC0A0B0BzyyEzyyEyCyE0AtN0D0Tzu0CyDtCyCtN1L2XzutN1L1Czu&cr=85158656&ir=
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyC0A0B0BzyyEzyyEyCyE0AtN0D0Tzu0CyDtCyCtN1L2XzutN1L1Czu&cr=85158656&ir=
SearchScopes: HKCU - {0F25DA4E-788D-47D6-ACD1-0E9DC16A68E7} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKCU - {169DD2AB-F824-4116-80A3-2D81F0EF22C3} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKCU - {69493BB5-5513-4623-A023-9017846218DB} URL = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKCU - {8D0EC3D1-DC36-4A4A-9C8B-5A0CB217575F} URL = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKCU - {BD68637F-EE73-47FB-B782-552DC9882329} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKCU - {C34E4FA6-7203-4E06-BECE-A8190B3A219A} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKCU - {E0D999B6-74EE-4435-ABCE-0C9950B482A0} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKCU - {E14523B4-D88E-4E17-A7B9-DAACE437CA87} URL = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

DisableService: NMIndexingService
DisableService: Nero BackItUp Scheduler 3

C:\Users\venca\msvcr71.dll
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\SweetIM
C:\Program Files (x86)\facemoods.com
C:\Windows\inf\ntvdm.vbe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\WinRE{33875bcb0-c571-4ac4-9d2d-87796275a886}:$WIMMOUNTDATA
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^venca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2007.lnk" /f

Hosts:

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

d.a.p · #8 Příspěvek od **d.a.p** » 21 říj 2013 19:01

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-10-2013
Ran by venca at 2013-10-21 20:01:20 Run:1
Running from C:\Users\venca\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [OEXPRESS] - [x]
MountPoints2: {c59930be-e28b-11de-b739-00262266aa1a} - F:\Menu.exe
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t48i2x04s
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://searchfunmoods.com/results.php?f ... 158656&ir=
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://searchfunmoods.com/results.php?f ... 158656&ir=
SearchScopes: HKCU - {0F25DA4E-788D-47D6-ACD1-0E9DC16A68E7} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {169DD2AB-F824-4116-80A3-2D81F0EF22C3} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {69493BB5-5513-4623-A023-9017846218DB} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {8D0EC3D1-DC36-4A4A-9C8B-5A0CB217575F} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {BD68637F-EE73-47FB-B782-552DC9882329} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {C34E4FA6-7203-4E06-BECE-A8190B3A219A} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {E0D999B6-74EE-4435-ABCE-0C9950B482A0} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKCU - {E14523B4-D88E-4E17-A7B9-DAACE437CA87} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

DisableService: NMIndexingService
DisableService: Nero BackItUp Scheduler 3

C:\Users\venca\msvcr71.dll
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\SweetIM
C:\Program Files (x86)\facemoods.com
C:\Windows\inf\ntvdm.vbe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\WinRE{33875bcb0-c571-4ac4-9d2d-87796275a886}:$WIMMOUNTDATA
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^venca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V??ezy obrazovky a spu?t?n? aplikace OneNote 2007.lnk" /f

Hosts:

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c59930be-e28b-11de-b739-00262266aa1a} => Key deleted successfully.
HKCR\CLSID\{c59930be-e28b-11de-b739-00262266aa1a} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NortonOnlineBackupReminder => Value deleted successfully.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ScrSav => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0F25DA4E-788D-47D6-ACD1-0E9DC16A68E7} => Key deleted successfully.
HKCR\CLSID\{0F25DA4E-788D-47D6-ACD1-0E9DC16A68E7} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{169DD2AB-F824-4116-80A3-2D81F0EF22C3} => Key deleted successfully.
HKCR\CLSID\{169DD2AB-F824-4116-80A3-2D81F0EF22C3} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{69493BB5-5513-4623-A023-9017846218DB} => Key deleted successfully.
HKCR\CLSID\{69493BB5-5513-4623-A023-9017846218DB} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8D0EC3D1-DC36-4A4A-9C8B-5A0CB217575F} => Key deleted successfully.
HKCR\CLSID\{8D0EC3D1-DC36-4A4A-9C8B-5A0CB217575F} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BD68637F-EE73-47FB-B782-552DC9882329} => Key deleted successfully.
HKCR\CLSID\{BD68637F-EE73-47FB-B782-552DC9882329} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C34E4FA6-7203-4E06-BECE-A8190B3A219A} => Key deleted successfully.
HKCR\CLSID\{C34E4FA6-7203-4E06-BECE-A8190B3A219A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E0D999B6-74EE-4435-ABCE-0C9950B482A0} => Key deleted successfully.
HKCR\CLSID\{E0D999B6-74EE-4435-ABCE-0C9950B482A0} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E14523B4-D88E-4E17-A7B9-DAACE437CA87} => Key deleted successfully.
HKCR\CLSID\{E14523B4-D88E-4E17-A7B9-DAACE437CA87} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
NMIndexingService service was disabled
Nero BackItUp Scheduler 3 service was disabled
C:\Users\venca\msvcr71.dll => Moved successfully.
"C:\Program Files (x86)\Ask.com" => File/Directory not found.
"C:\Program Files (x86)\SweetIM" => File/Directory not found.
"C:\Program Files (x86)\facemoods.com" => File/Directory not found.
C:\Windows\inf\ntvdm.vbe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WinRE{33875bcb0-c571-4ac4-9d2d-87796275a886} => ":$WIMMOUNTDATA" ADS removed successfully.
C:\ProgramData\Temp => ":0B9176C0" ADS removed successfully.
C:\ProgramData\Temp => ":1D32EC29" ADS removed successfully.
C:\ProgramData\Temp => ":4CF61E54" ADS removed successfully.
C:\ProgramData\Temp => ":4D066AD2" ADS removed successfully.
C:\ProgramData\Temp => ":93DE1838" ADS removed successfully.
C:\ProgramData\Temp => ":AB689DEA" ADS removed successfully.
C:\ProgramData\Temp => ":ABE89FFE" ADS removed successfully.
C:\ProgramData\Temp => ":E1F04E8D" ADS removed successfully.
C:\ProgramData\Temp => ":E3C56885" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Global Registration" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^venca^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V??ezy obrazovky a spu?t?n? aplikace OneNote 2007.lnk" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

#9 Příspěvek od **vyosek** » 21 říj 2013 19:13

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

pomalý ntb

pomalý ntb

Re: pomalý ntb

Re: pomalý ntb

Re: pomalý ntb

Re: pomalý ntb

Re: pomalý ntb

Re: pomalý ntb

Re: pomalý ntb

Re: pomalý ntb