VIRY.CZ

Přeji Vám dobrý večer.
Asi před týdnem se mi NTB uzamknul s hláškou o tzv. Policejnim viru. Známý provedl jeho odstranění ( říkal něco o návratu k bodu obnovy).
Počítač teď mohu používat, ale ted je hodně pomalý. Hlavně když zapnu prohlížeč na internet a při sledování např youtube je odezvy myši asi o 3s opožděna. Po vypnutí prohlížeče je to pomalé už celé. Antivirus mám aviru + Malwarebytes Anti-Malware jěčtě jsem použil CCleaner. Nic nepomohlo.

Proto bych Vás rád poprosil o chvilku Vašeho času a radu jak postupovat dále. Předem Vám děkuji.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013
Ran by Boris (administrator) on NTB on 25-12-2013 20:22:36
Running from C:\Users\Boris\Desktop
Windows 8 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\Boris\Desktop\FRSTLauncher.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-02-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [624192 2012-11-02] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1644680 2013-03-10] (Ask)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
MountPoints2: {08c87ebe-622d-11e2-be71-b888e3c69261} - "E:\StartUp.exe"
MountPoints2: {16ad33ce-0266-11e2-be69-806e6f6e6963} - "D:\Setup.exe"
MountPoints2: {d86e1043-6338-11e2-be76-b888e3c69261} - "E:\Autorun.exe"
HKU\Barborka\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\Barborka\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
HKU\Barborka\...\Run: [DU Meter] - C:\Program Files (x86)\DU Meter\DUMeter.exe
HKU\Barborka\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Barborka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\Barborka\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Barborka\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-21] (Acer Incorporated)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [266448 2013-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [214448 2013-05-12] (NVIDIA Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
URLSearchHook: HKLM-x32 - Default Value = {74198672-5F7D-4FE9-A611-4AC1D5A66A15}
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKLM - DefaultScope {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM-x32 - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKCU - DefaultScope {0A66CB83-F930-4987-8D91-1B282811AA88} URL = http://blekko.com/ws/?source=536c75e7&t ... rms}&r=296
SearchScopes: HKCU - {0A66CB83-F930-4987-8D91-1B282811AA88} URL = http://blekko.com/ws/?source=536c75e7&t ... rms}&r=296
SearchScopes: HKCU - {432996AE-5BCA-4692-A3B7-C34D72DB643B} URL = http://websearch.ask.com/redirect?clien ... D48B1F08DC
SearchScopes: HKCU - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Groove GFS Browser Helper - {390C7E87-153C-12DB-2EA6-0BB301EB26E9} - C:\Windows\SysWOW64\autoplayy.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

FireFox:
========
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: WOT - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: anonymoX - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\Extensions\client@anonymox.net.xpi
FF Extension: NoScript - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Extension: (SimilarWeb) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.1_0
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92560 2013-02-13] (ELAN Microelectronics Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5038448 2013-01-03] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-03-09] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-19] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-01] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-01-20] (DT Soft Ltd)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-01] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-19] (Dritek System Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-04-14] ()
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-25 20:22 - 2013-12-25 20:22 - 00017391 _____ C:\Users\Boris\Desktop\FRST.txt
2013-12-25 20:22 - 2013-12-25 20:22 - 00000000 ____D C:\FRST
2013-12-25 19:32 - 2013-12-25 19:32 - 01928716 _____ (Farbar) C:\Users\Boris\Desktop\FRST64.exe
2013-12-25 19:32 - 2013-12-25 19:32 - 00112640 _____ (forum.viry.cz) C:\Users\Boris\Desktop\FRSTLauncher.exe
2013-12-25 19:30 - 2013-12-25 19:30 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-25 19:30 - 2013-12-25 19:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-25 19:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-25 14:49 - 2013-12-25 14:49 - 00000000 ____D C:\Users\Boris\AppData\Roaming\ParetoLogic
2013-12-25 14:49 - 2013-12-25 14:49 - 00000000 ____D C:\Users\Boris\AppData\Roaming\DriverCure
2013-12-25 14:47 - 2013-12-25 19:50 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-12-22 20:18 - 2013-12-23 10:46 - 00000000 ____D C:\smaz
2013-12-22 18:41 - 2013-12-22 18:41 - 00000000 ___HD C:\$Windows.~BT
2013-12-22 14:16 - 2013-12-22 19:49 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Users\Boris\AppData\Local\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files\iPod
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-22 14:16 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Users\Boris\AppData\Local\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\ProgramData\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files\Bonjour
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-22 13:41 - 2013-12-22 14:04 - 100400976 _____ (Apple Inc.) C:\Users\Boris\Downloads\iTunes64Setup.exe
2013-12-22 13:11 - 2013-12-23 17:25 - 00001665 _____ C:\Windows\setupact.log
2013-12-22 13:11 - 2013-12-22 13:11 - 00000000 _____ C:\Windows\setuperr.log
2013-12-22 12:02 - 2013-12-25 20:17 - 00410421 _____ C:\Windows\WindowsUpdate.log
2013-12-22 12:01 - 2013-12-25 19:43 - 00003792 _____ C:\Windows\PFRO.log
2013-12-22 11:55 - 2013-12-25 19:04 - 00035026 _____ C:\Windows\DirectX.log
2013-12-22 11:45 - 2013-12-25 18:57 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-21 13:43 - 2013-07-18 19:24 - 00809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmp67DD.tmp
2013-12-21 13:11 - 2013-12-21 13:11 - 00000000 ____D C:\ProgramData\Hagel Technologies
2013-12-21 13:04 - 2013-12-21 13:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-21 13:03 - 2013-12-21 13:03 - 05484016 _____ (Speedchecker Limited ) C:\Users\Boris\Downloads\zrychlenipocitace_4c558abead1c43dc8df02c828af92b59_.exe
2013-12-21 11:38 - 2013-12-21 11:38 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-21 11:36 - 2013-12-25 20:18 - 00000000 ____D C:\Users\Boris\AppData\Roaming\ClassicShell
2013-12-21 11:35 - 2013-12-21 11:35 - 00001334 _____ C:\Users\Boris\Desktop\Spanek.lnk
2013-12-21 11:33 - 2013-12-21 11:33 - 05629632 _____ (IvoSoft) C:\Users\Boris\Downloads\ClassicShellSetup_4_0_2.exe
2013-12-21 09:53 - 2013-12-21 09:53 - 00001137 _____ C:\Users\Public\Desktop\Opera.lnk
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Opera Software
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Users\Boris\AppData\Local\Opera Software
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Program Files (x86)\Opera
2013-12-21 09:51 - 2013-12-21 09:52 - 33803296 _____ (Opera Software ASA) C:\Users\Boris\Downloads\Opera_18.0.1284.68_Setup.exe
2013-12-21 09:49 - 2013-12-21 09:49 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-21 09:49 - 2013-12-21 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 09:49 - 2013-12-21 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 12:09 - 2013-12-20 12:20 - 00000000 ____D C:\Users\Boris\AppData\Local\GOG.com
2013-12-19 15:07 - 2013-12-21 09:04 - 00329920 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-19 14:29 - 2013-12-19 14:29 - 00001369 _____ C:\Users\Boris\Desktop\Titan Quest Immortal Throne.lnk
2013-12-19 14:29 - 2013-12-19 14:29 - 00001228 _____ C:\Users\Boris\Desktop\Titan Quest.lnk
2013-12-19 14:29 - 2013-12-19 14:29 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Titan Quest
2013-12-19 13:44 - 2013-12-19 13:44 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2013-12-18 17:37 - 2013-12-18 17:37 - 00000000 ____D C:\Users\Boris\Documents\Stronghold
2013-12-13 13:31 - 2013-12-13 13:31 - 00000222 _____ C:\Users\Boris\Desktop\LEGO Lord of the Rings.url
2013-12-12 15:34 - 2013-12-12 15:34 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-12-12 14:55 - 2013-12-12 14:55 - 00001775 _____ C:\Users\Boris\Desktop\Dishonored – zástupce.lnk
2013-12-12 13:32 - 2013-12-12 13:32 - 00001040 _____ C:\Users\Public\Desktop\Dishonored .lnk
2013-12-12 13:17 - 2013-12-12 14:26 - 00000000 ____D C:\Program Files (x86)\Dishonored
2013-12-12 12:34 - 2013-12-12 12:34 - 00000000 ____D C:\Users\Boris\AppData\Local\Blizzard
2013-12-12 09:29 - 2013-12-12 12:34 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-12-12 09:29 - 2013-12-12 09:29 - 00001191 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-12-12 09:27 - 2013-12-12 12:52 - 00000000 ____D C:\Users\Boris\AppData\Local\Battle.net
2013-12-12 09:27 - 2013-12-12 09:29 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Battle.net
2013-12-12 09:27 - 2013-12-12 09:27 - 00001154 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-12-12 09:27 - 2013-12-12 09:27 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-11 21:06 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 21:06 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 21:06 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 21:06 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 08:36 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 08:36 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 08:36 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 08:36 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-11 08:36 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 08:36 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 08:36 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 08:36 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 08:36 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 08:36 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 08:36 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 08:36 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 08:36 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 08:36 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 08:36 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 08:36 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 08:36 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 08:36 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2013-12-11 08:36 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 08:36 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 08:36 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 08:36 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-12-11 08:36 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 08:36 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 09:15 - 2013-12-08 09:15 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3edacb81fa4.job
2013-12-06 06:38 - 2013-12-06 06:38 - 00000000 ____D C:\Users\Barborka\AppData\Roaming\WinRAR
2013-12-05 19:14 - 2013-12-05 19:14 - 00000000 ____D C:\ProgramData\Melesta
2013-12-01 14:29 - 2013-12-01 14:29 - 00000000 ____D C:\ProgramData\CrioGames
2013-11-29 12:51 - 2013-12-01 16:12 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories

==================== One Month Modified Files and Folders =======

2013-12-25 20:22 - 2013-12-25 20:22 - 00017391 _____ C:\Users\Boris\Desktop\FRST.txt
2013-12-25 20:22 - 2013-12-25 20:22 - 00000000 ____D C:\FRST
2013-12-25 20:19 - 2012-08-03 08:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-25 20:18 - 2013-12-21 11:36 - 00000000 ____D C:\Users\Boris\AppData\Roaming\ClassicShell
2013-12-25 20:17 - 2013-12-22 12:02 - 00410421 _____ C:\Windows\WindowsUpdate.log
2013-12-25 20:17 - 2013-05-26 08:03 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-25 20:17 - 2013-04-01 11:52 - 00000000 ____D C:\Program Files (x86)\Of Orcs And Men
2013-12-25 20:17 - 2012-09-19 16:07 - 00735800 _____ C:\Windows\system32\perfh005.dat
2013-12-25 20:17 - 2012-09-19 16:07 - 00152596 _____ C:\Windows\system32\perfc005.dat
2013-12-25 20:17 - 2012-07-26 08:28 - 01740092 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-25 20:15 - 2013-05-26 08:21 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-25 20:14 - 2013-08-19 17:03 - 00000000 ____D C:\Users\Boris\AppData\Local\Unity
2013-12-25 20:10 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-25 20:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-12-25 19:50 - 2013-12-25 14:47 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-12-25 19:43 - 2013-12-22 12:01 - 00003792 _____ C:\Windows\PFRO.log
2013-12-25 19:32 - 2013-12-25 19:32 - 01928716 _____ (Farbar) C:\Users\Boris\Desktop\FRST64.exe
2013-12-25 19:32 - 2013-12-25 19:32 - 00112640 _____ (forum.viry.cz) C:\Users\Boris\Desktop\FRSTLauncher.exe
2013-12-25 19:30 - 2013-12-25 19:30 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-25 19:30 - 2013-12-25 19:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-25 19:07 - 2013-01-19 20:06 - 00000000 ____D C:\Users\Boris\AppData\Local\GHISLER
2013-12-25 19:04 - 2013-12-22 11:55 - 00035026 _____ C:\Windows\DirectX.log
2013-12-25 18:57 - 2013-12-22 11:45 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-25 18:51 - 2013-01-24 17:22 - 00000000 ____D C:\Users\Boris\AppData\Roaming\uTorrent
2013-12-25 14:59 - 2013-01-31 19:25 - 00000000 ____D C:\Zumpa
2013-12-25 14:49 - 2013-12-25 14:49 - 00000000 ____D C:\Users\Boris\AppData\Roaming\ParetoLogic
2013-12-25 14:49 - 2013-12-25 14:49 - 00000000 ____D C:\Users\Boris\AppData\Roaming\DriverCure
2013-12-23 17:26 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-23 17:25 - 2013-12-22 13:11 - 00001665 _____ C:\Windows\setupact.log
2013-12-23 10:46 - 2013-12-22 20:18 - 00000000 ____D C:\smaz
2013-12-22 19:49 - 2013-12-22 14:16 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Apple Computer
2013-12-22 18:41 - 2013-12-22 18:41 - 00000000 ___HD C:\$Windows.~BT
2013-12-22 17:34 - 2013-01-19 13:45 - 00000000 ____D C:\Zumpa boda
2013-12-22 14:16 - 2013-12-22 14:16 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Users\Boris\AppData\Local\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files\iPod
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Users\Boris\AppData\Local\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\ProgramData\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files\Bonjour
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-22 14:04 - 2013-12-22 13:41 - 100400976 _____ (Apple Inc.) C:\Users\Boris\Downloads\iTunes64Setup.exe
2013-12-22 13:11 - 2013-12-22 13:11 - 00000000 _____ C:\Windows\setuperr.log
2013-12-22 11:44 - 2013-01-19 20:02 - 00000000 ____D C:\Users\Boris\AppData\Roaming\DAEMON Tools Lite
2013-12-21 14:46 - 2013-01-19 19:52 - 00000000 ____D C:\Users\Boris\AppData\Local\CrashDumps
2013-12-21 14:05 - 2013-07-21 12:54 - 00000000 ____D C:\Games
2013-12-21 13:57 - 2013-11-23 14:59 - 00000000 ____D C:\Program Files (x86)\Agarest Generations of War
2013-12-21 13:44 - 2013-04-08 17:10 - 00000000 ____D C:\Users\Boris\AppData\Local\NokiaAccount
2013-12-21 13:44 - 2013-04-08 17:06 - 00000000 ____D C:\ProgramData\Nokia
2013-12-21 13:44 - 2013-04-08 17:04 - 00000000 ____D C:\Program Files (x86)\Nokia
2013-12-21 13:40 - 2013-07-14 18:28 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Seznam.cz
2013-12-21 13:39 - 2013-06-21 14:18 - 00000000 ____D C:\Program Files\Bohemia Interactive
2013-12-21 13:38 - 2013-11-20 20:35 - 00000000 ____D C:\Program Files (x86)\The Wolf Among Us
2013-12-21 13:38 - 2013-05-01 17:45 - 00000000 ____D C:\MPS
2013-12-21 13:36 - 2013-01-19 13:48 - 00000000 ____D C:\Users\Boris\AppData\Roaming\WildTangent
2013-12-21 13:36 - 2012-08-03 08:43 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-21 13:14 - 2013-07-20 20:19 - 00000000 ____D C:\ProgramData\HappyCloud
2013-12-21 13:13 - 2013-04-04 18:42 - 00000000 ____D C:\Program Files (x86)\GOG.com
2013-12-21 13:13 - 2013-01-19 11:14 - 00000000 ____D C:\Users\Boris
2013-12-21 13:11 - 2013-12-21 13:11 - 00000000 ____D C:\ProgramData\Hagel Technologies
2013-12-21 13:11 - 2013-06-28 16:12 - 00000000 ____D C:\Program Files (x86)\DU Meter
2013-12-21 13:11 - 2013-04-14 12:45 - 00000000 ____D C:\Program Files (x86)\Astonsoft
2013-12-21 13:08 - 2013-08-06 01:03 - 00000000 ____D C:\ProgramData\Big Fish
2013-12-21 13:04 - 2013-12-21 13:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-21 13:03 - 2013-12-21 13:03 - 05484016 _____ (Speedchecker Limited ) C:\Users\Boris\Downloads\zrychlenipocitace_4c558abead1c43dc8df02c828af92b59_.exe
2013-12-21 11:38 - 2013-12-21 11:38 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-21 11:35 - 2013-12-21 11:35 - 00001334 _____ C:\Users\Boris\Desktop\Spanek.lnk
2013-12-21 11:33 - 2013-12-21 11:33 - 05629632 _____ (IvoSoft) C:\Users\Boris\Downloads\ClassicShellSetup_4_0_2.exe
2013-12-21 09:53 - 2013-12-21 09:53 - 00001137 _____ C:\Users\Public\Desktop\Opera.lnk
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Opera Software
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Users\Boris\AppData\Local\Opera Software
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Program Files (x86)\Opera
2013-12-21 09:52 - 2013-12-21 09:51 - 33803296 _____ (Opera Software ASA) C:\Users\Boris\Downloads\Opera_18.0.1284.68_Setup.exe
2013-12-21 09:50 - 2013-01-19 14:21 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Mozilla
2013-12-21 09:49 - 2013-12-21 09:49 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-21 09:49 - 2013-12-21 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 09:49 - 2013-12-21 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-21 09:48 - 2013-07-01 17:44 - 00000000 ____D C:\Users\Boris\AppData\Local\DoNotTrackPlus
2013-12-21 09:04 - 2013-12-19 15:07 - 00329920 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-20 12:20 - 2013-12-20 12:09 - 00000000 ____D C:\Users\Boris\AppData\Local\GOG.com
2013-12-20 12:13 - 2013-05-24 19:40 - 00000000 ____D C:\GOG Games
2013-12-19 15:00 - 2013-01-31 19:38 - 00000000 ____D C:\Users\Boris\Documents\My Games
2013-12-19 14:29 - 2013-12-19 14:29 - 00001369 _____ C:\Users\Boris\Desktop\Titan Quest Immortal Throne.lnk
2013-12-19 14:29 - 2013-12-19 14:29 - 00001228 _____ C:\Users\Boris\Desktop\Titan Quest.lnk
2013-12-19 14:29 - 2013-12-19 14:29 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Titan Quest
2013-12-19 13:44 - 2013-12-19 13:44 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2013-12-19 11:24 - 2013-08-19 17:41 - 00000000 ____D C:\Windows\system32\MRT
2013-12-19 11:24 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2013-12-19 11:18 - 2013-01-20 11:16 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-19 11:18 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-18 17:37 - 2013-12-18 17:37 - 00000000 ____D C:\Users\Boris\Documents\Stronghold
2013-12-18 14:47 - 2013-05-25 11:14 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-18 14:47 - 2013-05-25 11:12 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-18 14:47 - 2013-05-25 11:12 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-13 13:31 - 2013-12-13 13:31 - 00000222 _____ C:\Users\Boris\Desktop\LEGO Lord of the Rings.url
2013-12-13 08:00 - 2013-06-28 22:06 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-12 15:34 - 2013-12-12 15:34 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-12-12 14:55 - 2013-12-12 14:55 - 00001775 _____ C:\Users\Boris\Desktop\Dishonored – zástupce.lnk
2013-12-12 14:26 - 2013-12-12 13:17 - 00000000 ____D C:\Program Files (x86)\Dishonored
2013-12-12 13:32 - 2013-12-12 13:32 - 00001040 _____ C:\Users\Public\Desktop\Dishonored .lnk
2013-12-12 12:52 - 2013-12-12 09:27 - 00000000 ____D C:\Users\Boris\AppData\Local\Battle.net
2013-12-12 12:34 - 2013-12-12 12:34 - 00000000 ____D C:\Users\Boris\AppData\Local\Blizzard
2013-12-12 12:34 - 2013-12-12 09:29 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-12-12 10:16 - 2013-01-20 21:12 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-12 09:29 - 2013-12-12 09:29 - 00001191 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-12-12 09:29 - 2013-12-12 09:27 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Battle.net
2013-12-12 09:27 - 2013-12-12 09:27 - 00001154 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-12-12 09:27 - 2013-12-12 09:27 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-11 21:04 - 2013-08-23 16:41 - 00000000 ____D C:\Users\Boris\AppData\Local\The Witcher
2013-12-11 20:48 - 2013-04-01 12:03 - 00000000 ____D C:\Users\Boris\Documents\Of Orcs and Men
2013-12-11 18:29 - 2013-07-21 13:05 - 00006232 _____ C:\Users\Boris\Documents\TombRaider.log
2013-12-10 18:16 - 2013-03-16 19:08 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-08 09:15 - 2013-12-08 09:15 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3edacb81fa4.job
2013-12-07 19:32 - 2013-11-13 21:38 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-12-07 17:52 - 2013-07-14 18:23 - 00000000 ____D C:\Program Files (x86)\Wakfu
2013-12-07 17:48 - 2013-06-11 19:44 - 00000000 ____D C:\Program Files (x86)\Foxy Games
2013-12-06 11:48 - 2013-01-31 18:14 - 00000000 ____D C:\Zumpa Baja
2013-12-06 11:41 - 2013-06-23 15:28 - 00003584 _____ C:\Users\Barborka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-06 06:42 - 2013-07-15 07:04 - 00000000 ____D C:\Users\Barborka\AppData\Roaming\Seznam.cz
2013-12-06 06:42 - 2013-01-31 18:13 - 00000000 ____D C:\Barborka veci
2013-12-06 06:38 - 2013-12-06 06:38 - 00000000 ____D C:\Users\Barborka\AppData\Roaming\WinRAR
2013-12-05 21:32 - 2013-01-19 23:38 - 00000000 ____D C:\Users\Boris\AppData\Local\SKIDROW
2013-12-05 19:14 - 2013-12-05 19:14 - 00000000 ____D C:\ProgramData\Melesta
2013-12-04 01:53 - 2013-11-15 22:58 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:53 - 2013-11-15 22:58 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-02 20:04 - 2013-07-20 20:27 - 00000000 ____D C:\Users\Boris\AppData\Local\Turbine
2013-12-01 16:13 - 2013-07-20 20:25 - 00000000 ____D C:\Users\Boris\Documents\The Lord of the Rings Online
2013-12-01 16:13 - 2013-03-04 19:15 - 00000000 ____D C:\Users\Boris\AppData\Roaming\IrfanView
2013-12-01 16:13 - 2013-01-19 20:01 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-12-01 16:13 - 2013-01-19 16:53 - 00000000 ____D C:\Users\Barborka
2013-12-01 16:13 - 2013-01-19 14:16 - 00000000 ____D C:\Users\Boris\AppData\Roaming\GHISLER
2013-12-01 16:12 - 2013-11-29 12:51 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2013-12-01 16:11 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\registration
2013-12-01 14:29 - 2013-12-01 14:29 - 00000000 ____D C:\ProgramData\CrioGames
2013-11-25 16:47 - 2013-05-25 11:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\Barborka\AppData\Local\Temp\avgnt.exe
C:\Users\Boris\AppData\Local\Temp\avgnt.exe
C:\Users\Boris\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Boris\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-13 08:43




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:446.19 GB) (Free:114.07 GB) NTFS

Available physical RAM: 2580.4 MB
Total physical RAM: 3909.27 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 466 GB) (Disk ID: B76B77DB)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3edacb81fa4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\Temp:12EA4DC9
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:57173DB4
AlternateDataStreams: C:\ProgramData\Temp:B2D32F1D
AlternateDataStreams: C:\ProgramData\Temp:CB959782
AlternateDataStreams: C:\ProgramData\Temp:E4BC4A41
AlternateDataStreams: C:\ProgramData\Temp:F6910DB1

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Boris\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim a pekny vecer preji

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Děkuji, že jste se mi ozval.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 x64
Ran by Boris on st 25. 12. 2013 at 21:32:13,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\big fish"
Failed to delete: [Folder] "C:\ProgramData\big fish games"
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"



~~~ FireFox

Failed to delete: [File] C:\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 25. 12. 2013 at 21:35:10,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v3.016 - Report created 25/12/2013 at 21:26:01
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Boris - NTB
# Running from : C:\Zumpa boda\odstraneni viru\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\AlawarEntertainment
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Windows\System32\ARFC
Folder Deleted : C:\Users\Boris\AppData\Local\AskToolbar
Folder Deleted : C:\Users\Boris\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Boris\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Boris\AppData\Roaming\AlawarEntertainment
Folder Deleted : C:\Users\Barborka\AppData\Local\AskToolbar
Folder Deleted : C:\Users\Barborka\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
Folder Deleted : C:\Users\Barborka\AppData\Roaming\Mozilla\Firefox\Profiles\oq2slv6k.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\IB Updater
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\prefs.js ]


[ File : C:\Users\Barborka\AppData\Roaming\Mozilla\Firefox\Profiles\oq2slv6k.default\prefs.js ]

Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v

[ File : C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8197 octets] - [25/12/2013 21:25:17]
AdwCleaner[S0].txt - [8164 octets] - [25/12/2013 21:26:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8224 octets] ##########

JRT pusten jako "spravce"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 x64
Ran by Boris on st 25. 12. 2013 at 21:41:43,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"



~~~ FireFox

Successfully deleted: [File] C:\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 25. 12. 2013 at 21:44:49,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ADWCleaner spusten jako spravce

# AdwCleaner v3.016 - Report created 25/12/2013 at 21:49:19
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Boris - NTB
# Running from : C:\Zumpa boda\odstraneni viru\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\prefs.js ]


[ File : C:\Users\Barborka\AppData\Roaming\Mozilla\Firefox\Profiles\oq2slv6k.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8197 octets] - [25/12/2013 21:25:17]
AdwCleaner[R1].txt - [1125 octets] - [25/12/2013 21:48:12]
AdwCleaner[S0].txt - [8336 octets] - [25/12/2013 21:26:01]
AdwCleaner[S1].txt - [1051 octets] - [25/12/2013 21:49:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1111 octets] ##########

Udelejte novy sken pres FRSTLauncher

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013
Ran by Boris (administrator) on NTB on 25-12-2013 22:06:11
Running from C:\Users\Boris\Desktop
Windows 8 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\Boris\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-02-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [624192 2012-11-02] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
MountPoints2: {08c87ebe-622d-11e2-be71-b888e3c69261} - "E:\StartUp.exe"
MountPoints2: {16ad33ce-0266-11e2-be69-806e6f6e6963} - "D:\Setup.exe"
MountPoints2: {d86e1043-6338-11e2-be76-b888e3c69261} - "E:\Autorun.exe"
HKU\Barborka\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\Barborka\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
HKU\Barborka\...\Run: [DU Meter] - C:\Program Files (x86)\DU Meter\DUMeter.exe
HKU\Barborka\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Barborka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\Barborka\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Barborka\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-21] (Acer Incorporated)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [266448 2013-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [214448 2013-05-12] (NVIDIA Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
URLSearchHook: HKLM-x32 - Default Value = {74198672-5F7D-4FE9-A611-4AC1D5A66A15}
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
SearchScopes: HKLM - DefaultScope {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM-x32 - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKCU - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Groove GFS Browser Helper - {390C7E87-153C-12DB-2EA6-0BB301EB26E9} - C:\Windows\SysWOW64\autoplayy.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: anonymoX - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\Extensions\client@anonymox.net.xpi
FF Extension: NoScript - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\5463r1ej.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Extension: (SimilarWeb) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.1_0

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92560 2013-02-13] (ELAN Microelectronics Corp.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 libusbd; C:\Windows\SysWow64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [5038448 2013-01-03] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-03-09] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-19] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-04-01] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-01-20] (DT Soft Ltd)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-04-01] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-19] (Dritek System Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-04-14] ()
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-25 22:05 - 2013-12-25 22:05 - 00029696 _____ C:\Users\Boris\AppData\Local\MSGBOX.EXE
2013-12-25 22:05 - 2013-12-25 22:05 - 00015327 _____ C:\Users\Boris\Desktop\LM.bat
2013-12-25 21:51 - 2013-12-25 21:51 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-25 21:44 - 2013-12-25 21:44 - 00001004 _____ C:\Users\Boris\Desktop\JRT.txt
2013-12-25 21:24 - 2013-12-25 21:49 - 00000000 ____D C:\AdwCleaner
2013-12-25 21:13 - 2013-12-25 21:13 - 00000000 ____D C:\Windows\ERUNT
2013-12-25 20:33 - 2013-12-25 20:33 - 00005840 _____ C:\Users\Boris\Desktop\Addition.rar
2013-12-25 20:22 - 2013-12-25 22:06 - 00015293 _____ C:\Users\Boris\Desktop\FRST.txt
2013-12-25 20:22 - 2013-12-25 20:22 - 00000000 ____D C:\FRST
2013-12-25 19:32 - 2013-12-25 19:32 - 01928716 _____ (Farbar) C:\Users\Boris\Desktop\FRST64.exe
2013-12-25 19:32 - 2013-12-25 19:32 - 00112640 _____ (forum.viry.cz) C:\Users\Boris\Desktop\FRSTLauncher.exe
2013-12-25 19:30 - 2013-12-25 19:30 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-25 19:30 - 2013-12-25 19:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-25 19:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-22 20:18 - 2013-12-23 10:46 - 00000000 ____D C:\smaz
2013-12-22 18:41 - 2013-12-22 18:41 - 00000000 ___HD C:\$Windows.~BT
2013-12-22 14:16 - 2013-12-22 19:49 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Users\Boris\AppData\Local\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files\iPod
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-22 14:16 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Users\Boris\AppData\Local\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\ProgramData\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files\Bonjour
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-22 13:41 - 2013-12-22 14:04 - 100400976 _____ (Apple Inc.) C:\Users\Boris\Downloads\iTunes64Setup.exe
2013-12-22 13:11 - 2013-12-23 17:25 - 00001665 _____ C:\Windows\setupact.log
2013-12-22 13:11 - 2013-12-22 13:11 - 00000000 _____ C:\Windows\setuperr.log
2013-12-22 12:02 - 2013-12-25 22:03 - 00479391 _____ C:\Windows\WindowsUpdate.log
2013-12-22 12:01 - 2013-12-25 19:43 - 00003792 _____ C:\Windows\PFRO.log
2013-12-22 11:55 - 2013-12-25 19:04 - 00035026 _____ C:\Windows\DirectX.log
2013-12-22 11:45 - 2013-12-25 18:57 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-21 13:43 - 2013-07-18 19:24 - 00809496 ____R (Creative Labs Inc.) C:\Windows\SysWOW64\tmp67DD.tmp
2013-12-21 13:11 - 2013-12-21 13:11 - 00000000 ____D C:\ProgramData\Hagel Technologies
2013-12-21 13:04 - 2013-12-21 13:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-21 13:03 - 2013-12-21 13:03 - 05484016 _____ (Speedchecker Limited ) C:\Users\Boris\Downloads\zrychlenipocitace_4c558abead1c43dc8df02c828af92b59_.exe
2013-12-21 11:38 - 2013-12-21 11:38 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-21 11:36 - 2013-12-25 20:18 - 00000000 ____D C:\Users\Boris\AppData\Roaming\ClassicShell
2013-12-21 11:35 - 2013-12-21 11:35 - 00001334 _____ C:\Users\Boris\Desktop\Spanek.lnk
2013-12-21 11:33 - 2013-12-21 11:33 - 05629632 _____ (IvoSoft) C:\Users\Boris\Downloads\ClassicShellSetup_4_0_2.exe
2013-12-21 09:53 - 2013-12-21 09:53 - 00001137 _____ C:\Users\Public\Desktop\Opera.lnk
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Opera Software
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Users\Boris\AppData\Local\Opera Software
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Program Files (x86)\Opera
2013-12-21 09:51 - 2013-12-21 09:52 - 33803296 _____ (Opera Software ASA) C:\Users\Boris\Downloads\Opera_18.0.1284.68_Setup.exe
2013-12-21 09:49 - 2013-12-21 09:49 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-21 09:49 - 2013-12-21 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 09:49 - 2013-12-21 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 12:09 - 2013-12-20 12:20 - 00000000 ____D C:\Users\Boris\AppData\Local\GOG.com
2013-12-19 15:07 - 2013-12-21 09:04 - 00329920 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-19 14:29 - 2013-12-19 14:29 - 00001369 _____ C:\Users\Boris\Desktop\Titan Quest Immortal Throne.lnk
2013-12-19 14:29 - 2013-12-19 14:29 - 00001228 _____ C:\Users\Boris\Desktop\Titan Quest.lnk
2013-12-19 14:29 - 2013-12-19 14:29 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Titan Quest
2013-12-19 13:44 - 2013-12-19 13:44 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2013-12-18 17:37 - 2013-12-18 17:37 - 00000000 ____D C:\Users\Boris\Documents\Stronghold
2013-12-13 13:31 - 2013-12-13 13:31 - 00000222 _____ C:\Users\Boris\Desktop\LEGO Lord of the Rings.url
2013-12-12 15:34 - 2013-12-12 15:34 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-12-12 14:55 - 2013-12-12 14:55 - 00001775 _____ C:\Users\Boris\Desktop\Dishonored – zástupce.lnk
2013-12-12 13:32 - 2013-12-12 13:32 - 00001040 _____ C:\Users\Public\Desktop\Dishonored .lnk
2013-12-12 13:17 - 2013-12-12 14:26 - 00000000 ____D C:\Program Files (x86)\Dishonored
2013-12-12 12:34 - 2013-12-12 12:34 - 00000000 ____D C:\Users\Boris\AppData\Local\Blizzard
2013-12-12 09:29 - 2013-12-12 12:34 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-12-12 09:29 - 2013-12-12 09:29 - 00001191 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-12-12 09:27 - 2013-12-12 12:52 - 00000000 ____D C:\Users\Boris\AppData\Local\Battle.net
2013-12-12 09:27 - 2013-12-12 09:29 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Battle.net
2013-12-12 09:27 - 2013-12-12 09:27 - 00001154 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-12-12 09:27 - 2013-12-12 09:27 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-11 21:06 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 21:06 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 21:06 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 21:06 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 08:36 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 08:36 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 08:36 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 08:36 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-11 08:36 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 08:36 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 08:36 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 08:36 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 08:36 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 08:36 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 08:36 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 08:36 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 08:36 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 08:36 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 08:36 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 08:36 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 08:36 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 08:36 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 08:36 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2013-12-11 08:36 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 08:36 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 08:36 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 08:36 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-12-11 08:36 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 08:36 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 09:15 - 2013-12-08 09:15 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3edacb81fa4.job
2013-12-06 06:38 - 2013-12-06 06:38 - 00000000 ____D C:\Users\Barborka\AppData\Roaming\WinRAR
2013-12-05 19:14 - 2013-12-05 19:14 - 00000000 ____D C:\ProgramData\Melesta
2013-12-01 14:29 - 2013-12-01 14:29 - 00000000 ____D C:\ProgramData\CrioGames
2013-11-29 12:51 - 2013-12-01 16:12 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories

==================== One Month Modified Files and Folders =======

2013-12-25 22:06 - 2013-12-25 20:22 - 00015293 _____ C:\Users\Boris\Desktop\FRST.txt
2013-12-25 22:05 - 2013-12-25 22:05 - 00029696 _____ C:\Users\Boris\AppData\Local\MSGBOX.EXE
2013-12-25 22:05 - 2013-12-25 22:05 - 00015327 _____ C:\Users\Boris\Desktop\LM.bat
2013-12-25 22:03 - 2013-12-22 12:02 - 00479391 _____ C:\Windows\WindowsUpdate.log
2013-12-25 22:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-12-25 21:51 - 2013-12-25 21:51 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-25 21:49 - 2013-12-25 21:24 - 00000000 ____D C:\AdwCleaner
2013-12-25 21:44 - 2013-12-25 21:44 - 00001004 _____ C:\Users\Boris\Desktop\JRT.txt
2013-12-25 21:13 - 2013-12-25 21:13 - 00000000 ____D C:\Windows\ERUNT
2013-12-25 21:12 - 2013-01-19 13:45 - 00000000 ____D C:\Zumpa boda
2013-12-25 20:33 - 2013-12-25 20:33 - 00005840 _____ C:\Users\Boris\Desktop\Addition.rar
2013-12-25 20:22 - 2013-12-25 20:22 - 00000000 ____D C:\FRST
2013-12-25 20:19 - 2012-08-03 08:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-25 20:18 - 2013-12-21 11:36 - 00000000 ____D C:\Users\Boris\AppData\Roaming\ClassicShell
2013-12-25 20:17 - 2013-05-26 08:03 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-25 20:17 - 2013-04-01 11:52 - 00000000 ____D C:\Program Files (x86)\Of Orcs And Men
2013-12-25 20:17 - 2012-09-19 16:07 - 00735800 _____ C:\Windows\system32\perfh005.dat
2013-12-25 20:17 - 2012-09-19 16:07 - 00152596 _____ C:\Windows\system32\perfc005.dat
2013-12-25 20:17 - 2012-07-26 08:28 - 01740092 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-25 20:15 - 2013-05-26 08:21 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-25 20:14 - 2013-08-19 17:03 - 00000000 ____D C:\Users\Boris\AppData\Local\Unity
2013-12-25 20:10 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-25 19:43 - 2013-12-22 12:01 - 00003792 _____ C:\Windows\PFRO.log
2013-12-25 19:32 - 2013-12-25 19:32 - 01928716 _____ (Farbar) C:\Users\Boris\Desktop\FRST64.exe
2013-12-25 19:32 - 2013-12-25 19:32 - 00112640 _____ (forum.viry.cz) C:\Users\Boris\Desktop\FRSTLauncher.exe
2013-12-25 19:30 - 2013-12-25 19:30 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-25 19:30 - 2013-12-25 19:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-25 19:07 - 2013-01-19 20:06 - 00000000 ____D C:\Users\Boris\AppData\Local\GHISLER
2013-12-25 19:04 - 2013-12-22 11:55 - 00035026 _____ C:\Windows\DirectX.log
2013-12-25 18:57 - 2013-12-22 11:45 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-12-25 18:51 - 2013-01-24 17:22 - 00000000 ____D C:\Users\Boris\AppData\Roaming\uTorrent
2013-12-25 14:59 - 2013-01-31 19:25 - 00000000 ____D C:\Zumpa
2013-12-23 17:26 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-23 17:25 - 2013-12-22 13:11 - 00001665 _____ C:\Windows\setupact.log
2013-12-23 10:46 - 2013-12-22 20:18 - 00000000 ____D C:\smaz
2013-12-22 19:49 - 2013-12-22 14:16 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Apple Computer
2013-12-22 18:41 - 2013-12-22 18:41 - 00000000 ___HD C:\$Windows.~BT
2013-12-22 14:16 - 2013-12-22 14:16 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Users\Boris\AppData\Local\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files\iPod
2013-12-22 14:16 - 2013-12-22 14:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Users\Boris\AppData\Local\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\ProgramData\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files\Bonjour
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-22 14:15 - 2013-12-22 14:15 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-22 14:04 - 2013-12-22 13:41 - 100400976 _____ (Apple Inc.) C:\Users\Boris\Downloads\iTunes64Setup.exe
2013-12-22 13:11 - 2013-12-22 13:11 - 00000000 _____ C:\Windows\setuperr.log
2013-12-22 11:44 - 2013-01-19 20:02 - 00000000 ____D C:\Users\Boris\AppData\Roaming\DAEMON Tools Lite
2013-12-21 14:46 - 2013-01-19 19:52 - 00000000 ____D C:\Users\Boris\AppData\Local\CrashDumps
2013-12-21 14:05 - 2013-07-21 12:54 - 00000000 ____D C:\Games
2013-12-21 13:57 - 2013-11-23 14:59 - 00000000 ____D C:\Program Files (x86)\Agarest Generations of War
2013-12-21 13:44 - 2013-04-08 17:10 - 00000000 ____D C:\Users\Boris\AppData\Local\NokiaAccount
2013-12-21 13:44 - 2013-04-08 17:06 - 00000000 ____D C:\ProgramData\Nokia
2013-12-21 13:44 - 2013-04-08 17:04 - 00000000 ____D C:\Program Files (x86)\Nokia
2013-12-21 13:40 - 2013-07-14 18:28 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Seznam.cz
2013-12-21 13:39 - 2013-06-21 14:18 - 00000000 ____D C:\Program Files\Bohemia Interactive
2013-12-21 13:38 - 2013-11-20 20:35 - 00000000 ____D C:\Program Files (x86)\The Wolf Among Us
2013-12-21 13:38 - 2013-05-01 17:45 - 00000000 ____D C:\MPS
2013-12-21 13:36 - 2013-01-19 13:48 - 00000000 ____D C:\Users\Boris\AppData\Roaming\WildTangent
2013-12-21 13:36 - 2012-08-03 08:43 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-21 13:14 - 2013-07-20 20:19 - 00000000 ____D C:\ProgramData\HappyCloud
2013-12-21 13:13 - 2013-04-04 18:42 - 00000000 ____D C:\Program Files (x86)\GOG.com
2013-12-21 13:13 - 2013-01-19 11:14 - 00000000 ____D C:\Users\Boris
2013-12-21 13:11 - 2013-12-21 13:11 - 00000000 ____D C:\ProgramData\Hagel Technologies
2013-12-21 13:11 - 2013-06-28 16:12 - 00000000 ____D C:\Program Files (x86)\DU Meter
2013-12-21 13:11 - 2013-04-14 12:45 - 00000000 ____D C:\Program Files (x86)\Astonsoft
2013-12-21 13:04 - 2013-12-21 13:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-21 13:03 - 2013-12-21 13:03 - 05484016 _____ (Speedchecker Limited ) C:\Users\Boris\Downloads\zrychlenipocitace_4c558abead1c43dc8df02c828af92b59_.exe
2013-12-21 11:38 - 2013-12-21 11:38 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-21 11:35 - 2013-12-21 11:35 - 00001334 _____ C:\Users\Boris\Desktop\Spanek.lnk
2013-12-21 11:33 - 2013-12-21 11:33 - 05629632 _____ (IvoSoft) C:\Users\Boris\Downloads\ClassicShellSetup_4_0_2.exe
2013-12-21 09:53 - 2013-12-21 09:53 - 00001137 _____ C:\Users\Public\Desktop\Opera.lnk
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Opera Software
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Users\Boris\AppData\Local\Opera Software
2013-12-21 09:53 - 2013-12-21 09:53 - 00000000 ____D C:\Program Files (x86)\Opera
2013-12-21 09:52 - 2013-12-21 09:51 - 33803296 _____ (Opera Software ASA) C:\Users\Boris\Downloads\Opera_18.0.1284.68_Setup.exe
2013-12-21 09:50 - 2013-01-19 14:21 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Mozilla
2013-12-21 09:49 - 2013-12-21 09:49 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-21 09:49 - 2013-12-21 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 09:49 - 2013-12-21 09:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-21 09:48 - 2013-07-01 17:44 - 00000000 ____D C:\Users\Boris\AppData\Local\DoNotTrackPlus
2013-12-21 09:04 - 2013-12-19 15:07 - 00329920 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-20 12:20 - 2013-12-20 12:09 - 00000000 ____D C:\Users\Boris\AppData\Local\GOG.com
2013-12-20 12:13 - 2013-05-24 19:40 - 00000000 ____D C:\GOG Games
2013-12-19 15:00 - 2013-01-31 19:38 - 00000000 ____D C:\Users\Boris\Documents\My Games
2013-12-19 14:29 - 2013-12-19 14:29 - 00001369 _____ C:\Users\Boris\Desktop\Titan Quest Immortal Throne.lnk
2013-12-19 14:29 - 2013-12-19 14:29 - 00001228 _____ C:\Users\Boris\Desktop\Titan Quest.lnk
2013-12-19 14:29 - 2013-12-19 14:29 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Titan Quest
2013-12-19 13:44 - 2013-12-19 13:44 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2013-12-19 11:24 - 2013-08-19 17:41 - 00000000 ____D C:\Windows\system32\MRT
2013-12-19 11:24 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2013-12-19 11:18 - 2013-01-20 11:16 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-19 11:18 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-18 17:37 - 2013-12-18 17:37 - 00000000 ____D C:\Users\Boris\Documents\Stronghold
2013-12-18 14:47 - 2013-05-25 11:14 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-18 14:47 - 2013-05-25 11:12 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-18 14:47 - 2013-05-25 11:12 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-13 13:31 - 2013-12-13 13:31 - 00000222 _____ C:\Users\Boris\Desktop\LEGO Lord of the Rings.url
2013-12-13 08:00 - 2013-06-28 22:06 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-12 15:34 - 2013-12-12 15:34 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-12-12 14:55 - 2013-12-12 14:55 - 00001775 _____ C:\Users\Boris\Desktop\Dishonored – zástupce.lnk
2013-12-12 14:26 - 2013-12-12 13:17 - 00000000 ____D C:\Program Files (x86)\Dishonored
2013-12-12 13:32 - 2013-12-12 13:32 - 00001040 _____ C:\Users\Public\Desktop\Dishonored .lnk
2013-12-12 12:52 - 2013-12-12 09:27 - 00000000 ____D C:\Users\Boris\AppData\Local\Battle.net
2013-12-12 12:34 - 2013-12-12 12:34 - 00000000 ____D C:\Users\Boris\AppData\Local\Blizzard
2013-12-12 12:34 - 2013-12-12 09:29 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-12-12 10:16 - 2013-01-20 21:12 - 00000000 ____D C:\Program Files (x86)\Diablo III
2013-12-12 09:29 - 2013-12-12 09:29 - 00001191 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-12-12 09:29 - 2013-12-12 09:27 - 00000000 ____D C:\Users\Boris\AppData\Roaming\Battle.net
2013-12-12 09:27 - 2013-12-12 09:27 - 00001154 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-12-12 09:27 - 2013-12-12 09:27 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-11 21:04 - 2013-08-23 16:41 - 00000000 ____D C:\Users\Boris\AppData\Local\The Witcher
2013-12-11 20:48 - 2013-04-01 12:03 - 00000000 ____D C:\Users\Boris\Documents\Of Orcs and Men
2013-12-11 18:29 - 2013-07-21 13:05 - 00006232 _____ C:\Users\Boris\Documents\TombRaider.log
2013-12-10 18:16 - 2013-03-16 19:08 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-08 09:15 - 2013-12-08 09:15 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3edacb81fa4.job
2013-12-07 19:32 - 2013-11-13 21:38 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-12-07 17:52 - 2013-07-14 18:23 - 00000000 ____D C:\Program Files (x86)\Wakfu
2013-12-07 17:48 - 2013-06-11 19:44 - 00000000 ____D C:\Program Files (x86)\Foxy Games
2013-12-06 11:48 - 2013-01-31 18:14 - 00000000 ____D C:\Zumpa Baja
2013-12-06 11:41 - 2013-06-23 15:28 - 00003584 _____ C:\Users\Barborka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-06 06:42 - 2013-07-15 07:04 - 00000000 ____D C:\Users\Barborka\AppData\Roaming\Seznam.cz
2013-12-06 06:42 - 2013-01-31 18:13 - 00000000 ____D C:\Barborka veci
2013-12-06 06:38 - 2013-12-06 06:38 - 00000000 ____D C:\Users\Barborka\AppData\Roaming\WinRAR
2013-12-05 21:32 - 2013-01-19 23:38 - 00000000 ____D C:\Users\Boris\AppData\Local\SKIDROW
2013-12-05 19:14 - 2013-12-05 19:14 - 00000000 ____D C:\ProgramData\Melesta
2013-12-04 01:53 - 2013-11-15 22:58 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:53 - 2013-11-15 22:58 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-02 20:04 - 2013-07-20 20:27 - 00000000 ____D C:\Users\Boris\AppData\Local\Turbine
2013-12-01 16:13 - 2013-07-20 20:25 - 00000000 ____D C:\Users\Boris\Documents\The Lord of the Rings Online
2013-12-01 16:13 - 2013-03-04 19:15 - 00000000 ____D C:\Users\Boris\AppData\Roaming\IrfanView
2013-12-01 16:13 - 2013-01-19 20:01 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-12-01 16:13 - 2013-01-19 16:53 - 00000000 ____D C:\Users\Barborka
2013-12-01 16:13 - 2013-01-19 14:16 - 00000000 ____D C:\Users\Boris\AppData\Roaming\GHISLER
2013-12-01 16:12 - 2013-11-29 12:51 - 00000000 ____D C:\Program Files\Microsoft Xbox 360 Accessories
2013-12-01 16:11 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\registration
2013-12-01 14:29 - 2013-12-01 14:29 - 00000000 ____D C:\ProgramData\CrioGames
2013-11-25 16:47 - 2013-05-25 11:12 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\Barborka\AppData\Local\Temp\avgnt.exe
C:\Users\Boris\AppData\Local\Temp\avgnt.exe
C:\Users\Boris\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Boris\AppData\Local\Temp\Quarantine.exe
C:\Users\Boris\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-13 08:43

==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM-x32\...\Run: [LManager] - [x]
  HKLM-x32\...\Run: [] - [x]
  HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
  HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
  HKLM\...\Policies\Explorer: [NoControlPanel] 0
  HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
  HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
  MountPoints2: {08c87ebe-622d-11e2-be71-b888e3c69261} - "E:\StartUp.exe"
  MountPoints2: {16ad33ce-0266-11e2-be69-806e6f6e6963} - "D:\Setup.exe"
  MountPoints2: {d86e1043-6338-11e2-be76-b888e3c69261} - "E:\Autorun.exe"
  HKU\Barborka\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
  HKU\Barborka\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
  HKU\Barborka\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Barborka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
  HKU\Barborka\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Barborka\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-21] (Acer Incorporated)
  HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-21] (Acer Incorporated)
  BootExecute: autocheck autochk * sdnclean64.exe
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
  URLSearchHook: HKLM-x32 - Default Value = {74198672-5F7D-4FE9-A611-4AC1D5A66A15}
  URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
  SearchScopes: HKLM - DefaultScope {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
  SearchScopes: HKLM - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
  SearchScopes: HKLM-x32 - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
  SearchScopes: HKCU - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = 
  BHO-x32: Groove GFS Browser Helper - {390C7E87-153C-12DB-2EA6-0BB301EB26E9} - C:\Windows\SysWOW64\autoplayy.dll ()
  
  FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
  
  CHR Extension: (SimilarWeb) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.1_0
  
  2013-12-25 22:05 - 2013-12-25 22:05 - 00029696 _____ C:\Users\Boris\AppData\Local\MSGBOX.EXE
  2013-12-25 22:05 - 2013-12-25 22:05 - 00015327 _____ C:\Users\Boris\Desktop\LM.bat
  2013-12-25 19:32 - 2013-12-25 19:32 - 00112640 _____ (forum.viry.cz) C:\Users\Boris\Desktop\FRSTLauncher.exe
  2013-12-21 13:03 - 2013-12-21 13:03 - 05484016 _____ (Speedchecker Limited ) C:\Users\Boris\Downloads\zrychlenipocitace_4c558abead1c43dc8df02c828af92b59_.exe
  c:\Users\Barborka\AppData\Local\Temp\avgnt.exe
  C:\Users\Boris\AppData\Local\Temp\avgnt.exe
  C:\Users\Boris\AppData\Local\Temp\NOSEventMessages.dll
  C:\Users\Boris\AppData\Local\Temp\Quarantine.exe
  C:\Users\Boris\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3edacb81fa4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
  AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
  AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
  AlternateDataStreams: C:\ProgramData\Temp:12EA4DC9
  AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
  AlternateDataStreams: C:\ProgramData\Temp:57173DB4
  AlternateDataStreams: C:\ProgramData\Temp:B2D32F1D
  AlternateDataStreams: C:\ProgramData\Temp:CB959782
  AlternateDataStreams: C:\ProgramData\Temp:E4BC4A41
  AlternateDataStreams: C:\ProgramData\Temp:F6910DB1
  
  Hosts:
  CMD: shutdown /r /f /t 2
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-12-2013
Ran by Boris at 2013-12-26 20:42:24 Run:2
Running from C:\Users\Boris\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
MountPoints2: {08c87ebe-622d-11e2-be71-b888e3c69261} - "E:\StartUp.exe"
MountPoints2: {16ad33ce-0266-11e2-be69-806e6f6e6963} - "D:\Setup.exe"
MountPoints2: {d86e1043-6338-11e2-be76-b888e3c69261} - "E:\Autorun.exe"
HKU\Barborka\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\Barborka\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
HKU\Barborka\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Barborka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\Barborka\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Barborka\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-21] (Acer Incorporated)
BootExecute: autocheck autochk * sdnclean64.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
URLSearchHook: HKLM-x32 - Default Value = {74198672-5F7D-4FE9-A611-4AC1D5A66A15}
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
SearchScopes: HKLM - DefaultScope {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM-x32 - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKCU - {F4D68537-EC62-4990-823F-9F41DCC114A8} URL =
BHO-x32: Groove GFS Browser Helper - {390C7E87-153C-12DB-2EA6-0BB301EB26E9} - C:\Windows\SysWOW64\autoplayy.dll ()

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

CHR Extension: (SimilarWeb) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp\2.0.0.1_0

2013-12-25 22:05 - 2013-12-25 22:05 - 00029696 _____ C:\Users\Boris\AppData\Local\MSGBOX.EXE
2013-12-25 22:05 - 2013-12-25 22:05 - 00015327 _____ C:\Users\Boris\Desktop\LM.bat
2013-12-25 19:32 - 2013-12-25 19:32 - 00112640 _____ (forum.viry.cz) C:\Users\Boris\Desktop\FRSTLauncher.exe
2013-12-21 13:03 - 2013-12-21 13:03 - 05484016 _____ (Speedchecker Limited ) C:\Users\Boris\Downloads\zrychlenipocitace_4c558abead1c43dc8df02c828af92b59_.exe
c:\Users\Barborka\AppData\Local\Temp\avgnt.exe
C:\Users\Boris\AppData\Local\Temp\avgnt.exe
C:\Users\Boris\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Boris\AppData\Local\Temp\Quarantine.exe
C:\Users\Boris\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3edacb81fa4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\Temp:12EA4DC9
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:57173DB4
AlternateDataStreams: C:\ProgramData\Temp:B2D32F1D
AlternateDataStreams: C:\ProgramData\Temp:CB959782
AlternateDataStreams: C:\ProgramData\Temp:E4BC4A41
AlternateDataStreams: C:\ProgramData\Temp:F6910DB1

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => Value not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08c87ebe-622d-11e2-be71-b888e3c69261} => Key not found.
HKCR\CLSID\{08c87ebe-622d-11e2-be71-b888e3c69261} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16ad33ce-0266-11e2-be69-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{16ad33ce-0266-11e2-be69-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d86e1043-6338-11e2-be76-b888e3c69261} => Key not found.
HKCR\CLSID\{d86e1043-6338-11e2-be76-b888e3c69261} => Key not found.
HKU\Barborka\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value not found.
HKU\Barborka\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster => Value not found.
HKU\Barborka\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value not found.
HKU\Barborka\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value not found.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\\RegAutoPlay => Value not found.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\RegAutoPlay => Value not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F4D68537-EC62-4990-823F-9F41DCC114A8} => Key not found.
HKCR\CLSID\{F4D68537-EC62-4990-823F-9F41DCC114A8} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{F4D68537-EC62-4990-823F-9F41DCC114A8} => Key not found.
HKCR\Wow6432Node\CLSID\{F4D68537-EC62-4990-823F-9F41DCC114A8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F4D68537-EC62-4990-823F-9F41DCC114A8} => Key not found.
HKCR\CLSID\{F4D68537-EC62-4990-823F-9F41DCC114A8} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{390C7E87-153C-12DB-2EA6-0BB301EB26E9} => Key not found.
HKCR\Wow6432Node\CLSID\{390C7E87-153C-12DB-2EA6-0BB301EB26E9} => Key not found.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => Value not found.
C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp directory not found.
"C:\Users\Boris\AppData\Local\MSGBOX.EXE" => File/Directory not found.
"C:\Users\Boris\Desktop\LM.bat" => File/Directory not found.
"C:\Users\Boris\Desktop\FRSTLauncher.exe" => File/Directory not found.
"C:\Users\Boris\Downloads\zrychlenipocitace_4c558abead1c43dc8df02c828af92b59_.exe" => File/Directory not found.
"c:\Users\Barborka\AppData\Local\Temp\avgnt.exe" => File/Directory not found.
C:\Users\Boris\AppData\Local\Temp\avgnt.exe => Moved successfully.
"C:\Users\Boris\AppData\Local\Temp\NOSEventMessages.dll" => File/Directory not found.
"C:\Users\Boris\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
"C:\Users\Boris\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef3edacb81fa4.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
"C:\Windows\SysWOW64\zlib.dll" => ":DocumentSummaryInformation" ADS not found.
"C:\Windows\SysWOW64\zlib.dll" => ":SummaryInformation" ADS not found.
"C:\Windows\SysWOW64\zlib.dll" => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS not found.
"C:\ProgramData\Temp" => ":12EA4DC9" ADS not found.
"C:\ProgramData\Temp" => ":2CB9631F" ADS not found.
"C:\ProgramData\Temp" => ":57173DB4" ADS not found.
"C:\ProgramData\Temp" => ":B2D32F1D" ADS not found.
"C:\ProgramData\Temp" => ":CB959782" ADS not found.
"C:\ProgramData\Temp" => ":E4BC4A41" ADS not found.
"C:\ProgramData\Temp" => ":F6910DB1" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Jak se chova nas pacient??

Dle mého názoru již vše funguje jak má. Z vašeho odborného pohledu je to také v pořádku?

Pokud ano, dovolte mi poslední dva dotazy.

1. prosim Vás o nasměřování na nějaké šikovné stánky, kde se dozvím jak si lépe zabezpečit NTB. Snažil jsem se mít vše OK, ale dobře do nebylo. A nechci aby se situace ještě opakovala a já Vás musel znovu obtěžovat. Je mi jasné, že toho máte moc, proto poprosím jenom o odkaz. Vše potřebné si nastuduji sám. Ono je toho hodně spousta antiviru, "odstranovačů všeho možného" a je těžko se v tom vyznat. Ideálně něco kde se dočtu jaký antivirus používat, jaký prohlížeč a jak to mít vše nastavené....

2. je možno Vás podpořit finančně? Jsem maximálně spokojený, a také jsem rád že takové služby vůbec existují... Proto bych rád přispěl menší částkou na provoz.

Ps. Samozřejmně děkuji Vám i celému týmu za ukázkovou pomoc....

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden



Neco malo o doporucenem zabezpeceni je zde http://forum.viry.cz/viewtopic.php?f=29&t=6152 . Zadny antivir neochrani na 100%, nejdulezitejsi je rozum = neklikat na kdejakou blikajici a skakajici blbinu typu "vyhrajte iPad" atd... A pak jak kolega zminil, dulezite je i zaplatovat cely system a dalsi programy - vice zde http://www.viry.cz/kdyz-dirou-systemu-t ... nebo-javu/

Moznosti podpory fora jsou zde http://forum.viry.cz/viewtopic.php?f=7&t=78175


A pokud nejsou problemy ci dotazy, je to z me strany vse

Podporu jsem zaslal a se zbytkem si už poradím. Dovolte mi ještě jednou Vám poděkovat.

Hezké svátky a úspěšný nový rok Vám všem.

Nemate zac, rad jsem pomohl Zase nekdy

Za podporu fora jmenem celeho tymu dekuji

A na zaklade Pravidla o zamykani temat