VIRY.CZ

Zdravim prosim o pomoc pri odstaneni haveti. Eset Online Scanner nasel 20 infiltraci, z toho 9 neodstranil

Log z notasu je zde

Diky moc za pomoc

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lucka at 2013-12-31 11:13:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 324 GB (53%) free of 610 GB
Total RAM: 3022 MB (53% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Lucka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-12-13 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-26 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll []
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-04-30 1527432]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-10 142680]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-10 176472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-10 175448]
"IntelWirelessWiMAX"=C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [2011-06-02 1622016]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-12-09 2471448]
"DocCreatorClient"=C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe [2009-11-24 292248]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-11-07 4956176]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2013-04-30 1721480]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2013-07-25 5624784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"=C:\Users\Lucka\AppData\Roaming\QipGuard\QipGuard.exe [2011-08-22 190336]
"Seznam Postak"=C:\Users\Lucka\AppData\Local\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Facebook Update"=C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11 138096]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"HP Deskjet 3510 series (NET)"=C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]
"Cookienator"=C:\Program Files\Cookienator\cookienator.exe [2009-10-19 1333472]

C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Lucka\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-10 288768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6166b05c-edb8-11e0-a3e2-78843c91afae}]
shell\AutoRun\command - E:\AutoRun.exe

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-12-31 10:17:20 ----D---- C:\Program Files\ESET
2013-12-31 10:15:33 ----D---- C:\Program Files\trend micro
2013-12-31 10:15:32 ----D---- C:\rsit
2013-12-30 22:20:32 ----D---- C:\Program Files\Cookienator
2013-12-30 22:10:55 ----A---- C:\Windows\system32\sdnclean.exe
2013-12-30 22:10:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-12-30 22:10:51 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2013-12-25 14:07:54 ----D---- C:\ProgramData\Visan
2013-12-25 14:07:54 ----D---- C:\ProgramData\HP Photo Creations
2013-12-25 14:07:54 ----D---- C:\Program Files\HP Photo Creations
2013-12-25 14:07:14 ----D---- C:\Users\Lucka\AppData\Roaming\HpUpdate
2013-12-25 14:07:11 ----N---- C:\Windows\system32\HPDiscoPMAD11.dll
2013-12-25 14:06:18 ----D---- C:\ProgramData\HP
2013-12-25 14:05:38 ----D---- C:\Program Files\HP
2013-12-25 14:05:26 ----A---- C:\ProgramData\Ament.ini
2013-12-12 22:17:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 22:17:04 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 22:17:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 22:17:04 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 22:17:03 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 22:17:03 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 22:17:03 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 22:17:03 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 22:17:03 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 22:17:03 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 22:17:03 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 22:17:02 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 22:17:02 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 22:17:02 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 22:17:01 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 22:17:00 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 22:17:00 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 22:13:59 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 22:13:58 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 19:48:14 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 19:48:13 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 19:48:09 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 19:48:07 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 19:48:06 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 19:48:06 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 19:48:06 ----A---- C:\Windows\system32\cscript.exe
2013-12-08 21:49:40 ----D---- C:\Users\Lucka\AppData\Roaming\MoZiGo

======List of files/folders modified in the last 1 months======

2013-12-31 11:09:01 ----D---- C:\ProgramData\YTD Video Downloader
2013-12-31 11:08:44 ----D---- C:\Windows\system32\Tasks
2013-12-31 11:08:39 ----D---- C:\Windows\Tasks
2013-12-31 11:08:38 ----D---- C:\Windows\Temp
2013-12-31 11:08:38 ----D---- C:\ProgramData\Download and Sa
2013-12-31 10:23:01 ----D---- C:\Windows\system32\config
2013-12-31 10:17:20 ----RD---- C:\Program Files
2013-12-31 10:14:01 ----D---- C:\ProgramData\MFAData
2013-12-31 10:08:38 ----D---- C:\Windows\System32
2013-12-31 10:08:24 ----AD---- C:\Windows
2013-12-30 22:21:57 ----SHD---- C:\Windows\Installer
2013-12-30 22:20:26 ----SHD---- C:\System Volume Information
2013-12-30 22:10:58 ----SD---- C:\ProgramData\Microsoft
2013-12-30 22:10:54 ----HD---- C:\ProgramData
2013-12-30 20:28:10 ----D---- C:\Windows\debug
2013-12-29 20:49:56 ----D---- C:\Users\Lucka\AppData\Roaming\vlc
2013-12-26 19:45:56 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-25 14:40:42 ----D---- C:\Windows\system32\drivers
2013-12-25 14:18:06 ----D---- C:\Windows\inf
2013-12-25 14:07:05 ----D---- C:\Windows\system32\DriverStore
2013-12-25 14:07:05 ----D---- C:\Windows\system32\catroot
2013-12-25 14:06:59 ----D---- C:\Windows\system32\catroot2
2013-12-25 14:06:04 ----D---- C:\Windows\twain_32
2013-12-23 10:58:23 ----D---- C:\Program Files\Mozilla Firefox
2013-12-23 10:58:08 ----D---- C:\Windows\Prefetch
2013-12-17 22:58:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-17 10:10:23 ----D---- C:\Users\Lucka\AppData\Roaming\Nitro PDF
2013-12-13 09:15:01 ----D---- C:\Windows\winsxs
2013-12-13 09:12:04 ----D---- C:\Program Files\Internet Explorer
2013-12-13 09:12:01 ----D---- C:\Windows\system32\cs-CZ
2013-12-12 22:16:51 ----D---- C:\ProgramData\Microsoft Help
2013-12-12 22:15:52 ----D---- C:\Windows\system32\MRT
2013-12-12 22:14:18 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 22:14:04 ----D---- C:\Program Files\Windows Media Player
2013-12-10 20:19:34 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-12-09 21:08:47 ----D---- C:\Program Files\Common Files\AVG Secure Search
2013-12-09 21:08:42 ----D---- C:\ProgramData\AVG Secure Search
2013-12-09 21:08:41 ----D---- C:\Program Files\AVG Secure Search
2013-12-09 12:49:20 ----SD---- C:\Users\Lucka\AppData\Roaming\Microsoft
2013-12-05 14:39:45 ----D---- C:\Program Files\MyHeritage
2013-12-01 10:39:42 ----D---- C:\Windows\Logs

Jeste posilam vysledek Eset Online Scannaru

C:\Users\All Users\Download and Sa\5081b39cb6a4c.ocx Win32/Adware.MultiPlug.D aplikace
C:\Users\All Users\Download and Sa\5081b39cb6a85.html Win32/Adware.MultiPlug.H aplikace
C:\Users\All Users\Download and Sa\5081b539597b6.ocx Win32/Adware.MultiPlug.D aplikace
C:\Users\All Users\Download and Sa\5081b539597ee.html Win32/Adware.MultiPlug.H aplikace
C:\Users\All Users\Download and Sa\akcmcblgpiejeenmfficamieibnjghom.crx Win32/Adware.MultiPlug.H aplikace
C:\Users\All Users\Download and Sa\ocilnpoobhmkkoalfjjemnnklnodahlm.crx Win32/Adware.MultiPlug.H aplikace
C:\Users\All Users\Premium\OptimizerPro1\OptimizerPro1.exe Win32/GenUpdater aplikace
C:\Users\All Users\Premium\OptimizerPro1\run3919.tmp Win32/GenUpdater aplikace
C:\Users\All Users\YTD Video Downloader\ytd_installer.exe více infiltrací
C:\ProgramData\Download and Sa\5081b39cb6a4c.ocx Win32/Adware.MultiPlug.D aplikace vylé?en smazáním - ulo?en do karantény
C:\ProgramData\Download and Sa\5081b39cb6a85.html Win32/Adware.MultiPlug.H aplikace vylé?en smazáním - ulo?en do karantény
C:\ProgramData\Download and Sa\5081b539597b6.ocx Win32/Adware.MultiPlug.D aplikace vylé?en smazáním - ulo?en do karantény
C:\ProgramData\Download and Sa\5081b539597ee.html Win32/Adware.MultiPlug.H aplikace vylé?en smazáním - ulo?en do karantény
C:\ProgramData\Download and Sa\akcmcblgpiejeenmfficamieibnjghom.crx Win32/Adware.MultiPlug.H aplikace smazán - ulo?en do karantény
C:\ProgramData\Download and Sa\ocilnpoobhmkkoalfjjemnnklnodahlm.crx Win32/Adware.MultiPlug.H aplikace smazán - ulo?en do karantény
C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe Win32/GenUpdater aplikace vylé?en smazáním (po nejbli??ím restartu) - ulo?en do karantény
C:\ProgramData\Premium\OptimizerPro1\run3919.tmp Win32/GenUpdater aplikace vylé?en smazáním - ulo?en do karantény
C:\ProgramData\YTD Video Downloader\ytd_installer.exe více infiltrací vylé?en smazáním - ulo?en do karantény
C:\Users\Lucka\AppData\LocalLow\AskToolbar\setup.exe varianta infiltrace Win32/Bundled.Toolbar.Ask aplikace vylé?en smazáním - ulo?en do karantény
C:\Users\Lucka\ZOHAN\Programy\SoftonicDownloader_for_spb-time.exe Win32/SoftonicDownloader.C aplikace vylé?en smazáním - ulo?en do karantény

Zdravim

Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Trvate na antiviru AVG - u nas neni moc obliben - vysoka zatez systemu, slabsi detekce

Zdravím

Dobrá AVG odinstaluji a dám tady Avas!

přikládám log Adw

# AdwCleaner v3.016 - Report created 31/12/2013 at 14:34:50
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Lucka - SONY
# Running from : C:\Users\Lucka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Download and Sa
Folder Deleted : C:\ProgramData\Premium
[/!\] Not Deleted ( Junction ) : C:\ProgramData\Download and Sa
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download and Sa
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\WinZip Registry Optimizer
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Lucka\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Lucka\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\4eomhzio.default-1351237613122\Extensions\{241aae70-0022-11de-87af-0800200c9a66}
File Deleted : C:\Users\Lucka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\4eomhzio.default-1351237613122\searchplugins\Askcom.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocilnpoobhmkkoalfjjemnnklnodahlm
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2682734-9D73-6ED3-741E-5FB7D53FBB70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2682734-9D73-6ED3-741E-5FB7D53FBB70}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2682734-9D73-6ED3-741E-5FB7D53FBB70}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20E7BC40-33F6-4A81-9D52-B58349326206}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\4eomhzio.default-1351237613122\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v

[ File : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [10454 octets] - [31/12/2013 14:28:48]
AdwCleaner[R1].txt - [10515 octets] - [31/12/2013 14:33:58]
AdwCleaner[S0].txt - [10188 octets] - [31/12/2013 14:34:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10249 octets] ##########

Avast je velmi dobra volba

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=30&t=133101

Dobrý den a hezký Nový rok 2014

Avast nainstalován

Log FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-12-2013
Ran by Lucka (administrator) on SONY on 01-01-2014 15:11:18
Running from C:\Users\Lucka\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(QIP.ru) C:\Program Files\QipGuard\QipGuard.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Global Graphics Software Ltd.) C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe
(Global Graphics Software Ltd) C:\Windows\System32\DCMessages.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
() C:\Users\Lucka\AppData\Local\Seznam.cz\bin\postak.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
forum.viry.cz) C:\Users\Lucka\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelWirelessWiMAX] - C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1622016 2011-06-02] (Intel® Corporation)
HKLM\...\Run: [ISBMgr.exe] - C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [DocCreatorClient] - C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe [292248 2009-11-24] (Global Graphics Software Ltd.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-01] (AVAST Software)
HKCU\...\Run: [Seznam Postak] - C:\Users\Lucka\AppData\Local\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKCU\...\Run: [Facebook Update] - "C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [HP Deskjet 3510 series (NET)] - C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [Cookienator] - C:\Program Files\Cookienator\cookienator.exe [1333472 2009-10-19] (CodeFromThe70s.org)
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\Lucka\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=dc714cd2c77f47d1bcfca9cd7a75465d-455f5bef840fd1a6af9be63ae259d531b5bfc636 /CMPID=1213b
MountPoints2: {6166b05c-edb8-11e0-a3e2-78843c91afae} - E:\AutoRun.exe
Startup: C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {95289393-33EA-4F8D-B952-483415B9C955} URL = http://search.qip.ru/?query={searchTerms}
SearchScopes: HKCU - {5D23370E-AEE8-4E07-BBA3-F28FEEBC3A3E} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKCU - {B12C9402-D1BD-48FF-B6DB-35C1A386CEFC} URL = http://websearch.ask.com/redirect?clien ... 3AF5852E04
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Lucka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\3cxp3wm4.default-1388579106733
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Fast Dial - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\3cxp3wm4.default-1388579106733\Extensions\fastdial@telega.phpnet.us
FF Extension: Blue Fox - C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\3cxp3wm4.default-1388579106733\Extensions\{241aae70-0022-11de-87af-0800200c9a66}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Click to call with Skype) - C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0
CHR HKLM\...\Chrome\Extension: [akcmcblgpiejeenmfficamieibnjghom] - C:\ProgramData\Download and Sa\akcmcblgpiejeenmfficamieibnjghom.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-01] (AVAST Software)
R3 DCMessages; C:\Windows\System32\DCMessages.exe [99720 2009-11-24] (Global Graphics Software Ltd)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [450560 2011-06-06] (Red Bend Ltd.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-04-08] (Flexera Software, Inc.)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2011-04-17] (Realsil Microelectronics Inc.)
R2 NitroDriverReadSpool2; C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe [196896 2011-11-02] (Nitro PDF Software)
R2 QipGuard; C:\Program Files\QipGuard\QipGuard.exe [190336 2011-08-22] (QIP.ru)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [64704 2011-03-05] (Sony Corporation)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [765952 2011-06-06] (Intel(R) Corporation)
S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2014-01-01] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-01] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-01-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-01] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
R3 bpenum; C:\Windows\System32\DRIVERS\bpenum.sys [67584 2011-05-19] (Intel Corporation)
R3 bpmp; C:\Windows\System32\DRIVERS\bpmp.sys [149504 2011-05-19] (Intel Corporation)
R3 bpusb; C:\Windows\System32\Drivers\bpusb.sys [70144 2011-05-19] (Intel Corporation)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7513088 2011-05-01] (Intel Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [250984 2011-04-17] (Realtek Semiconductor Corp.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-12-15] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-01 15:11 - 2014-01-01 15:11 - 00012168 _____ C:\Users\Lucka\Desktop\FRST.txt
2014-01-01 15:10 - 2014-01-01 15:10 - 00112640 _____ (forum.viry.cz) C:\Users\Lucka\Desktop\FRSTLauncher.exe
2014-01-01 15:06 - 2014-01-01 15:06 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\AVAST Software
2014-01-01 15:05 - 2014-01-01 15:06 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-01 15:05 - 2014-01-01 15:05 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00066752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388585161
2014-01-01 15:05 - 2014-01-01 15:05 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-01 15:03 - 2014-01-01 15:03 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-01 15:02 - 2014-01-01 15:02 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-01 15:01 - 2014-01-01 15:01 - 00012744 _____ C:\Windows\PFRO.log
2014-01-01 15:01 - 2014-01-01 15:01 - 00000056 _____ C:\Windows\setupact.log
2014-01-01 15:01 - 2014-01-01 15:01 - 00000000 _____ C:\Windows\setuperr.log
2014-01-01 14:46 - 2014-01-01 14:46 - 00000000 ____D C:\FRST
2014-01-01 14:40 - 2014-01-01 14:40 - 01064333 _____ (Farbar) C:\Users\Lucka\Desktop\FRST.exe
2013-12-31 14:28 - 2013-12-31 14:35 - 00000000 ____D C:\AdwCleaner
2013-12-31 14:28 - 2013-12-31 14:28 - 01233962 _____ C:\Users\Lucka\Desktop\adwcleaner.exe
2013-12-31 12:18 - 2013-12-31 14:30 - 00002000 _____ C:\Windows\wininit.ini
2013-12-31 10:15 - 2013-12-31 11:13 - 00000000 ____D C:\Program Files\trend micro
2013-12-31 10:15 - 2013-12-31 10:15 - 00000000 ____D C:\rsit
2013-12-30 22:28 - 2013-12-30 22:29 - 00001428 _____ C:\Users\Lucka\Desktop\Cookienator.lnk
2013-12-30 22:20 - 2013-12-30 22:21 - 00002979 _____ C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cookienator.lnk
2013-12-30 22:20 - 2013-12-30 22:20 - 00000000 ____D C:\Program Files\Cookienator
2013-12-30 22:10 - 2013-12-31 14:32 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-12-30 22:10 - 2013-12-31 14:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-27 19:01 - 2013-12-27 19:02 - 00000000 ____D C:\Users\Lucka\Documents\Ostatní
2013-12-25 14:07 - 2014-01-01 14:14 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\HpUpdate
2013-12-25 14:07 - 2013-12-25 14:07 - 00002212 _____ C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk
2013-12-25 14:07 - 2013-12-25 14:07 - 00001953 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\ProgramData\Visan
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\Program Files\HP Photo Creations
2013-12-25 14:07 - 2012-10-17 04:04 - 00580712 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPMAD11.dll
2013-12-25 14:06 - 2013-12-25 14:06 - 00000000 ____D C:\ProgramData\HP
2013-12-25 14:05 - 2013-12-25 14:07 - 00000000 ____D C:\Program Files\HP
2013-12-25 14:05 - 2013-12-25 14:05 - 00000057 _____ C:\ProgramData\Ament.ini
2013-12-25 14:03 - 2013-12-25 14:18 - 00000000 ____D C:\Users\Lucka\AppData\Local\HP
2013-12-12 22:17 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 22:17 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 22:17 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 22:17 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 22:17 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 22:17 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 22:17 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 22:17 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 22:17 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 22:17 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 22:17 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 22:17 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 22:17 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 22:17 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 22:17 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 22:17 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 22:17 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 22:17 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 22:17 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 22:13 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 22:13 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 19:48 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 19:48 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 19:48 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 19:48 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 19:48 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 19:48 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 19:48 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 19:48 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 19:48 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 19:48 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 19:48 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 21:49 - 2013-12-09 17:31 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\MoZiGo

==================== One Month Modified Files and Folders =======

2014-01-01 15:11 - 2014-01-01 15:11 - 00012168 _____ C:\Users\Lucka\Desktop\FRST.txt
2014-01-01 15:10 - 2014-01-01 15:10 - 00112640 _____ (forum.viry.cz) C:\Users\Lucka\Desktop\FRSTLauncher.exe
2014-01-01 15:08 - 2009-07-14 05:34 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-01 15:08 - 2009-07-14 05:34 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-01 15:06 - 2014-01-01 15:06 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\AVAST Software
2014-01-01 15:06 - 2014-01-01 15:05 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-01 15:05 - 2014-01-01 15:05 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00066752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388585161
2014-01-01 15:05 - 2014-01-01 15:05 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-01 15:05 - 2014-01-01 15:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-01 15:05 - 2011-08-24 11:13 - 01455901 _____ C:\Windows\WindowsUpdate.log
2014-01-01 15:03 - 2014-01-01 15:03 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-01 15:02 - 2014-01-01 15:02 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-01 15:01 - 2014-01-01 15:01 - 00012744 _____ C:\Windows\PFRO.log
2014-01-01 15:01 - 2014-01-01 15:01 - 00000056 _____ C:\Windows\setupact.log
2014-01-01 15:01 - 2014-01-01 15:01 - 00000000 _____ C:\Windows\setuperr.log
2014-01-01 15:01 - 2013-05-31 20:13 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-01-01 15:01 - 2011-08-28 11:57 - 00000000 ____D C:\ProgramData\MFAData
2014-01-01 15:01 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-01 15:00 - 2011-08-28 12:00 - 00000000 ____D C:\Program Files\AVG
2014-01-01 14:46 - 2014-01-01 14:46 - 00000000 ____D C:\FRST
2014-01-01 14:41 - 2011-08-24 11:14 - 00000000 ___RD C:\Users\Lucka\Stažené soubory
2014-01-01 14:40 - 2014-01-01 14:40 - 01064333 _____ (Farbar) C:\Users\Lucka\Desktop\FRST.exe
2014-01-01 14:19 - 2012-06-08 08:16 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-01 14:14 - 2013-12-25 14:07 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\HpUpdate
2014-01-01 13:43 - 2012-04-14 15:33 - 00000982 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000UA.job
2013-12-31 14:35 - 2013-12-31 14:28 - 00000000 ____D C:\AdwCleaner
2013-12-31 14:32 - 2013-12-30 22:10 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-12-31 14:30 - 2013-12-31 12:18 - 00002000 _____ C:\Windows\wininit.ini
2013-12-31 14:30 - 2013-12-30 22:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-31 14:28 - 2013-12-31 14:28 - 01233962 _____ C:\Users\Lucka\Desktop\adwcleaner.exe
2013-12-31 13:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-31 11:13 - 2013-12-31 10:15 - 00000000 ____D C:\Program Files\trend micro
2013-12-31 11:09 - 2013-01-10 15:30 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-12-31 10:15 - 2013-12-31 10:15 - 00000000 ____D C:\rsit
2013-12-30 22:29 - 2013-12-30 22:28 - 00001428 _____ C:\Users\Lucka\Desktop\Cookienator.lnk
2013-12-30 22:21 - 2013-12-30 22:20 - 00002979 _____ C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cookienator.lnk
2013-12-30 22:20 - 2013-12-30 22:20 - 00000000 ____D C:\Program Files\Cookienator
2013-12-30 22:03 - 2011-09-21 16:32 - 00000000 ____D C:\Users\Lucka\Filmy
2013-12-29 22:43 - 2012-04-14 15:33 - 00000960 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000Core.job
2013-12-29 20:49 - 2011-11-01 19:54 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\vlc
2013-12-27 19:02 - 2013-12-27 19:01 - 00000000 ____D C:\Users\Lucka\Documents\Ostatní
2013-12-26 19:45 - 2012-04-26 21:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-25 14:18 - 2013-12-25 14:03 - 00000000 ____D C:\Users\Lucka\AppData\Local\HP
2013-12-25 14:07 - 2013-12-25 14:07 - 00002212 _____ C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk
2013-12-25 14:07 - 2013-12-25 14:07 - 00001953 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\ProgramData\Visan
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-12-25 14:07 - 2013-12-25 14:07 - 00000000 ____D C:\Program Files\HP Photo Creations
2013-12-25 14:07 - 2013-12-25 14:05 - 00000000 ____D C:\Program Files\HP
2013-12-25 14:06 - 2013-12-25 14:06 - 00000000 ____D C:\ProgramData\HP
2013-12-25 14:06 - 2009-07-14 05:52 - 00000000 ____D C:\Windows\twain_32
2013-12-25 14:05 - 2013-12-25 14:05 - 00000057 _____ C:\ProgramData\Ament.ini
2013-12-23 10:58 - 2013-11-15 22:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-17 22:58 - 2010-11-20 22:01 - 01464520 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-17 10:11 - 2011-08-24 11:14 - 00000000 ____D C:\Users\Lucka
2013-12-17 10:10 - 2011-12-10 16:33 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\Nitro PDF
2013-12-17 09:37 - 2013-01-10 15:32 - 00000000 ____D C:\Users\Lucka\Desktop\YouTube
2013-12-13 09:14 - 2009-07-14 05:33 - 00409960 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 22:16 - 2011-08-27 09:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 22:15 - 2013-09-02 22:09 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 22:14 - 2011-08-24 11:48 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 20:19 - 2012-06-08 08:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-10 20:19 - 2011-08-24 11:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-09 21:08 - 2013-06-21 17:15 - 00003728 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-12-09 17:31 - 2013-12-08 21:49 - 00000000 ____D C:\Users\Lucka\AppData\Roaming\MoZiGo
2013-12-05 14:39 - 2013-08-01 16:39 - 00000000 ____D C:\Program Files\MyHeritage

Some content of TEMP:
====================
C:\Users\Lucka\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-31 12:56

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:596.07 GB) (Free:316.53 GB) NTFS

Available physical RAM: 1923.09 MB
Total physical RAM: 3021.86 MB
Percentage of memory in use: 36%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 628D66CD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{438BF377-A605-4A7C-BD48-F8B57FCC04E9}.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000Core.job => C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000UA.job => C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lucka\Desktop" je 3767 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

LOG Addition.txt viz ZIP

Prosím o radu AVAST hlásí něco ohledně poštovního štítu a hláška vyskakuje x-krát za minutu

viz příloha

Dobre rano a PF 2014

Jak si prohlizite maily, pres nejaky mailovy klient (Outlook, Thunderbird) nebo pre webove rozhrani (zadate napr. seznam.cz a tam se prihlasite)?

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKCU\...\Run: [Seznam Postak] - C:\Users\Lucka\AppData\Local\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKCU\...\Run: [Facebook Update] - "C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\Lucka\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=dc714cd2c77f47d1bcfca9cd7a75465d-455f5bef840fd1a6af9be63ae259d531b5bfc636 /CMPID=1213b
MountPoints2: {6166b05c-edb8-11e0-a3e2-78843c91afae} - E:\AutoRun.exe

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {95289393-33EA-4F8D-B952-483415B9C955} URL = http://search.qip.ru/?query={searchTerms}
SearchScopes: HKCU - {5D23370E-AEE8-4E07-BBA3-F28FEEBC3A3E} URL = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {B12C9402-D1BD-48FF-B6DB-35C1A386CEFC} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^AHO&apn_dtid=^YYYYYY^YY^CZ&apn_uid=22ddf719-0239-4e56-814d-dad1212f5491&apn_sauid=1CFFE9C1-0DA5-4785-9917-8C3AF5852E04
BHO: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Lucka\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File

CHR HKLM\...\Chrome\Extension: [akcmcblgpiejeenmfficamieibnjghom] - C:\ProgramData\Download and Sa\akcmcblgpiejeenmfficamieibnjghom.crx

S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]
R2 QipGuard; C:\Program Files\QipGuard\QipGuard.exe [190336 2011-08-22] (QIP.ru)

2013-12-31 14:28 - 2013-12-31 14:28 - 01233962 _____ C:\Users\Lucka\Desktop\adwcleaner.exe
2013-12-30 22:10 - 2013-12-31 14:32 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-12-30 22:10 - 2013-12-31 14:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-01 15:00 - 2011-08-28 12:00 - 00000000 ____D C:\Program Files\AVG
C:\Users\Lucka\AppData\Roaming\AVG 1213b Campaign
C:\Program Files\Common Files\AVG Secure Search
C:\Program Files\QipGuard

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{438BF377-A605-4A7C-BD48-F8B57FCC04E9}.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000Core.job => C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2739945366-2785903207-2513892113-1000UA.job => C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe

AlternateDataStreams: C:\Windows:nlsPreferences

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Hezký den

Pro poštu používáme webové rozhraní + aplikaci Seznam Pošťák

Nastal problém, kdy dáme nový panel v prohlížeči Firefox, tak vyjede AVG Secure Search a nejde se toho zbavit a není v programech install/odinstall a nejde vidět ani ve správci vyhledávacích modulů. Dříve tam byl rychlí přístup k webovým stránkám a teď tam naskočilo to AVG, můžete prosím poradit

Log Fixlog viz příloha

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Log OTL

OTL logfile created on: 2.1.2014 19:26:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucka\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,95 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 65,38% Memory free
5,90 Gb Paging File | 4,73 Gb Available in Paging File | 80,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 316,84 Gb Free Space | 53,16% Space Free | Partition Type: NTFS

Computer Name: SONY | User Name: Lucka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.01.02 19:25:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
PRC - [2014.01.01 22:54:14 | 002,151,744 | ---- | M] (IObit) -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2014.01.01 15:05:29 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.01.01 15:05:29 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.23 10:58:22 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.10.17 04:05:54 | 001,837,672 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
PRC - [2012.10.17 04:02:20 | 000,790,120 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
PRC - [2011.11.02 08:24:04 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\NLSSRV32.EXE
PRC - [2011.11.02 08:23:44 | 000,196,896 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
PRC - [2011.06.06 15:13:46 | 000,450,560 | ---- | M] (Red Bend Ltd.) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
PRC - [2011.06.06 15:08:08 | 000,765,952 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
PRC - [2011.06.02 14:53:08 | 001,622,016 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
PRC - [2011.04.17 12:38:12 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2011.03.05 15:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.15 10:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2009.11.24 10:53:50 | 000,292,248 | ---- | M] (Global Graphics Software Ltd.) -- C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe
PRC - [2009.11.24 10:53:44 | 000,099,720 | ---- | M] (Global Graphics Software Ltd) -- C:\Windows\System32\DCMessages.exe
PRC - [2009.07.14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe

========== Modules (No Company Name) ==========

MOD - [2014.01.01 15:05:29 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.12.23 10:58:22 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.10.12 19:00:19 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013.09.03 07:48:11 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013.09.03 07:47:54 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013.09.03 07:47:50 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013.07.29 22:15:20 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2011.04.10 09:40:40 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2010.11.13 02:54:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll

========== Services (SafeList) ==========

SRV - [2014.01.01 22:54:14 | 002,151,744 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2014.01.01 15:05:29 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.12.23 10:58:22 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.10 20:19:35 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.11.26 09:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.08 10:25:56 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.11.02 08:24:04 | 000,068,896 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011.11.02 08:23:44 | 000,196,896 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe -- (NitroDriverReadSpool2)
SRV - [2011.08.24 11:40:10 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.06.06 15:13:46 | 000,450,560 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV - [2011.06.06 15:08:08 | 000,765,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV - [2011.04.17 12:38:12 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.03.05 15:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009.11.24 10:53:44 | 000,099,720 | ---- | M] (Global Graphics Software Ltd) [On_Demand | Running] -- C:\Windows\System32\DCMessages.exe -- (DCMessages)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2007.05.31 15:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 15:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

========== Driver Services (SafeList) ==========

DRV - [2014.01.01 15:06:01 | 000,064,168 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014.01.01 15:05:30 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014.01.01 15:05:30 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014.01.01 15:05:30 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.01.01 15:05:30 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014.01.01 15:05:30 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.01.01 15:05:30 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.11.10 17:15:29 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2011.08.24 12:04:52 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2011.05.19 12:25:38 | 000,149,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bpmp.sys -- (bpmp)
DRV - [2011.05.19 12:25:34 | 000,070,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bpusb.sys -- (bpusb)
DRV - [2011.05.19 12:25:30 | 000,067,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bpenum.sys -- (bpenum)
DRV - [2011.05.01 22:32:08 | 007,513,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNs32.sys -- (NETwNs32)
DRV - [2011.04.17 12:38:14 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.11 01:11:46 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.11.11 01:11:46 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010.11.11 01:11:46 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010.10.15 00:27:20 | 000,269,824 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2009.12.15 13:05:42 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 13:05:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 13:05:42 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2007.08.03 04:36:10 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B241aae70-0022-11de-87af-0800200c9a66%7D:26.0.29.12.13
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.01.01 15:05:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.08.27 07:49:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucka\AppData\Roaming\Mozilla\Extensions
[2014.01.01 22:58:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\i8diibmk.default-1388613448403\extensions
[2014.01.01 22:58:45 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\i8diibmk.default-1388613448403\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2013.11.15 22:06:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.11.15 22:06:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.11.15 22:06:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.23 10:58:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\

O1 HOSTS File: ([2014.01.02 17:10:01 | 000,000,035 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DocCreatorClient] C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe (Global Graphics Software Ltd.)
O4 - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000..\Run: [Cookienator] C:\Program Files\Cookienator\cookienator.exe (CodeFromThe70s.org)
O4 - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000..\Run: [HP Deskjet 3510 series (NET)] C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{382D011A-B1C4-49DC-A210-75673A503475}: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D3E3ECB-6F56-4815-AAD2-54A4A831C1CF}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.08 10:12:49 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: VIDC.VP70 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.01.02 19:25:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
[2014.01.01 22:54:19 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Roaming\IObit
[2014.01.01 22:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2014.01.01 22:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2014.01.01 22:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2014.01.01 22:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2014.01.01 15:10:56 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Lucka\Desktop\FRSTLauncher.exe
[2014.01.01 15:06:19 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Roaming\AVAST Software
[2014.01.01 15:06:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014.01.01 15:05:40 | 000,064,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014.01.01 15:05:37 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014.01.01 15:05:36 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014.01.01 15:05:36 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014.01.01 15:05:35 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014.01.01 15:05:33 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014.01.01 15:05:30 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.01.01 15:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014.01.01 15:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014.01.01 14:58:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.01.01 14:46:45 | 000,000,000 | ---D | C] -- C:\FRST
[2014.01.01 14:40:34 | 001,064,481 | ---- | C] (Farbar) -- C:\Users\Lucka\Desktop\FRST.exe
[2013.12.31 14:28:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.31 10:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.12.31 10:15:32 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.30 22:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\Cookienator
[2013.12.30 22:10:31 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Local\Programs
[2013.12.27 19:01:47 | 000,000,000 | ---D | C] -- C:\Users\Lucka\Documents\Ostatní

========== Files - Modified Within 7 Days ==========

[2014.01.02 19:27:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.02 19:25:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
[2014.01.02 17:44:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.02 17:19:39 | 000,028,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.02 17:19:39 | 000,028,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.02 17:13:28 | 000,001,992 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk
[2014.01.02 17:12:11 | 2376,486,912 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.02 17:10:01 | 000,000,035 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014.01.02 17:08:49 | 001,064,481 | ---- | M] (Farbar) -- C:\Users\Lucka\Desktop\FRST.exe
[2014.01.01 15:10:57 | 000,112,640 | ---- | M] (forum.viry.cz) -- C:\Users\Lucka\Desktop\FRSTLauncher.exe
[2014.01.01 15:06:01 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014.01.01 15:05:30 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014.01.01 15:05:30 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014.01.01 15:05:30 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014.01.01 15:05:30 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014.01.01 15:05:30 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014.01.01 15:05:30 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014.01.01 15:05:30 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014.01.01 15:05:30 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.12.31 14:30:15 | 000,002,000 | ---- | M] () -- C:\Windows\wininit.ini
[2013.12.31 14:28:23 | 001,233,962 | ---- | M] () -- C:\Users\Lucka\Desktop\adwcleaner.exe
[2013.12.30 22:29:16 | 000,001,428 | ---- | M] () -- C:\Users\Lucka\Desktop\Cookienator.lnk

========== Files Created - No Company Name ==========

[2014.01.02 19:27:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.01 15:05:38 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014.01.01 15:05:36 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.12.31 14:28:22 | 001,233,962 | ---- | C] () -- C:\Users\Lucka\Desktop\adwcleaner.exe
[2013.12.31 12:18:47 | 000,002,000 | ---- | C] () -- C:\Windows\wininit.ini
[2013.12.30 22:28:49 | 000,001,428 | ---- | C] () -- C:\Users\Lucka\Desktop\Cookienator.lnk
[2013.12.30 22:20:32 | 000,002,979 | ---- | C] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cookienator.lnk
[2013.12.25 14:05:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.08.01 16:51:15 | 000,000,489 | ---- | C] () -- C:\Windows\Viewer.INI
[2013.06.21 17:15:27 | 000,003,728 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013.01.07 20:52:23 | 007,629,368 | ---- | C] () -- C:\Users\Lucka\sony.pdf
[2012.10.26 08:18:19 | 000,027,520 | ---- | C] () -- C:\Users\Lucka\AppData\Local\dt.dat
[2012.05.04 16:16:59 | 000,042,584 | ---- | C] () -- C:\Windows\SETUPQSB.EXE
[2012.05.01 18:27:39 | 000,009,216 | ---- | C] () -- C:\Users\Lucka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.08 10:26:33 | 000,000,147 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.09.02 17:48:39 | 001,332,961 | ---- | C] () -- C:\Users\Lucka\AppData\Roaming\UserTile.png

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.11.09 09:59:27 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012.11.09 09:59:27 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013.10.16 14:47:05 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Ancestry
[2011.08.24 11:50:59 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Auslogics
[2012.04.08 10:29:23 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Autodesk
[2014.01.01 15:06:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\AVAST Software
[2011.09.06 18:47:17 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\DAEMON Tools Lite
[2011.12.10 16:31:55 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Downloaded Installations
[2011.09.28 10:14:06 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GARMIN
[2014.01.01 22:54:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IObit
[2012.04.08 11:45:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IrfanView
[2013.12.09 17:31:29 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\MoZiGo
[2013.11.14 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nico Mak Computing
[2013.12.17 10:10:23 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nitro PDF
[2012.02.03 16:03:53 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\QIP
[2011.10.06 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Telefónica Móviles
[2012.11.05 16:18:42 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\TuneUp Software

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,610 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 22:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 22:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 22:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013.09.07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.08.26 21:40:51 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Adobe
[2013.10.16 14:47:05 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Ancestry
[2011.08.24 11:50:59 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Auslogics
[2012.04.08 10:29:23 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Autodesk
[2014.01.01 15:06:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\AVAST Software
[2011.09.06 18:47:17 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\DAEMON Tools Lite
[2011.12.10 16:31:55 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Downloaded Installations
[2013.05.10 10:54:00 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\dvdcss
[2011.10.07 19:18:48 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\FastStone
[2011.09.28 10:14:06 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GARMIN
[2014.01.01 14:14:06 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\HpUpdate
[2011.08.24 11:14:18 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Identities
[2014.01.01 22:54:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IObit
[2012.04.08 11:45:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IrfanView
[2011.08.24 11:26:52 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Macromedia
[2010.11.21 02:24:44 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Media Center Programs
[2013.12.09 12:49:20 | 000,000,000 | --SD | M] -- C:\Users\Lucka\AppData\Roaming\Microsoft
[2013.12.09 17:31:29 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\MoZiGo
[2011.08.27 07:49:33 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Mozilla
[2013.11.14 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nico Mak Computing
[2013.12.17 10:10:23 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nitro PDF
[2012.02.03 16:03:53 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\QIP
[2013.02.28 18:33:49 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Skype
[2011.08.26 21:41:50 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Sony Corporation
[2011.10.06 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Telefónica Móviles
[2012.11.05 16:18:42 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\TuneUp Software
[2014.01.02 12:57:16 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\vlc

< %APPDATA%\*.exe /s >
[2012.03.11 16:45:16 | 000,001,406 | R--- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{874F937F-42D9-49A6-874E-D797BBF78165}\_3F85B7C96F1987D23625EB.exe
[2012.03.11 16:45:16 | 000,001,406 | R--- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{874F937F-42D9-49A6-874E-D797BBF78165}\_6FEFF9B68218417F98F549.exe
[2013.12.30 22:21:56 | 000,086,358 | R--- | M] () -- C:\Users\Lucka\AppData\Roaming\Microsoft\Installer\{BF307EDA-A176-4D83-9775-D337810CF7A7}\_EA3E2819DD980FBD00EEEC.exe
[2011.01.06 14:57:32 | 000,344,576 | ---- | M] () -- C:\Users\Lucka\AppData\Roaming\MoZiGo\backup\Barla.exe
[2013.06.10 20:14:54 | 008,904,192 | ---- | M] (Home) -- C:\Users\Lucka\AppData\Roaming\MoZiGo\backup\MoZiGo.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2014.01.01 15:05:30 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswMonFlt.sys
[2014.01.01 15:05:30 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRdr2.sys
[2014.01.01 15:05:30 | 000,049,944 | ---- | M] () -- C:\Windows\system32\drivers\aswRvrt.sys
[2014.01.01 15:05:30 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSnx.sys
[2014.01.01 15:05:30 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSP.sys
[2014.01.01 15:06:01 | 000,064,168 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswstm.sys
[2014.01.01 15:05:30 | 000,180,248 | ---- | M] () -- C:\Windows\system32\drivers\aswVmm.sys

< %systemroot%\system32\*.* /3 >
[2014.01.02 17:19:39 | 000,028,352 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.02 17:19:39 | 000,028,352 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.01 15:05:30 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\system32\aswBoot.exe

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 22:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe -- [2009.07.14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation)
"HP Deskjet 3510 series (NET)" = "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3581PM8M05Y8:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1 -- [2012.10.17 04:05:54 | 001,837,672 | ---- | M] (Hewlett-Packard Co.)
"Cookienator" = "C:\Program Files\Cookienator\cookienator.exe" /auto -- [2009.10.19 00:29:22 | 001,333,472 | ---- | M] (CodeFromThe70s.org)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.12.23 10:58:22 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=1EEA6C1B35191DC177EA83672B9C3FC0 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.11.26 22:50:04 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.02 19:27:33 | 000,000,512 | ---- | M] () MD5=B78A975347A19C70FCFB05E60DBE7961 -- C:\PhysicalMBR.bin

< End of report >

Log Extras

OTL Extras logfile created on: 2.1.2014 19:26:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucka\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,95 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 65,38% Memory free
5,90 Gb Paging File | 4,73 Gb Available in Paging File | 80,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 316,84 Gb Free Space | 53,16% Space Free | Partition Type: NTFS

Computer Name: SONY | User Name: Lucka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1346AF04-621C-4C62-A5A3-4AD5A93CF7FC}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2905CDA7-8926-4FA9-A1BD-28AC4105EC36}" = rport=137 | protocol=17 | dir=out | app=system |
"{36CB7ECF-FB61-4420-A5D2-A972D1D15E90}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{3C948034-B886-4C06-B98A-5290602B1FEF}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe |
"{44C5E5E9-E2DC-4999-B149-60C09E5CBD54}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4FD1BD79-98F6-444B-8C5B-228E7A84D3CC}" = rport=445 | protocol=6 | dir=out | app=system |
"{5188B174-D81F-4B28-B3B0-F658C3FE4D35}" = lport=445 | protocol=6 | dir=in | app=system |
"{5FE32EF8-F2C9-45BC-8715-B74AF19CA3A4}" = lport=138 | protocol=17 | dir=in | app=system |
"{66BCAB4D-2E18-4CA0-82C7-ED3B98A674B9}" = rport=138 | protocol=17 | dir=out | app=system |
"{754454DC-650B-400E-B5D7-518DE4E8533A}" = lport=139 | protocol=6 | dir=in | app=system |
"{78A820C8-FCD6-4EA0-9A11-4A5DE77E5374}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7E6EA348-40B0-4E71-8661-37639CF2FAA7}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8A3893F9-8D15-4B33-8409-454F1B68391E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF0C0325-DA41-43A8-82F7-DFE7B572FBA3}" = rport=139 | protocol=6 | dir=out | app=system |
"{AF47D258-0BFC-4859-89CD-15BAA033285A}" = lport=137 | protocol=17 | dir=in | app=system |
"{D2EB4E6F-06AB-449D-9541-CD5DF4099F14}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D3663978-45CA-476F-AAE8-A6DD6FEBBEC4}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E7E1C81E-3AE0-44A1-A4AE-38BB9475DF0F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EACADE0A-12EF-4761-B035-CCFE0DF4FA04}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00709286-4215-4E27-BA65-D347C38647E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33C98724-3A80-4286-BF5C-719D8B846814}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\devicesetup.exe |
"{3C095A35-A3E3-4717-83A5-F74EC0631D0A}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{45A4847B-5511-441E-BD2A-F516EFDFD188}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{465786F0-3AC4-477E-A37A-2D960638837C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4767C750-E688-441D-B00A-6795F35A7205}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{481B6D78-65CF-4F14-BF78-A07A7E27F9BE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{48417B56-B5DF-4C59-8CE7-468B4D960087}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4E1164EA-8EF2-48E7-A577-DEA4AB4E7E36}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{55E3E1F6-9F25-458B-BEB6-24F27A4A3F8A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5A23BCD9-4D02-48C4-835A-BD9EBD076612}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5B65F86B-8851-4E1F-ACA2-2A72D4FB2E53}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{5DBD5834-E4FC-4416-BC24-9C5B5E380360}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{720D62CA-E817-49DC-9FB7-E21360530803}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{76385401-5004-4707-AD4F-DC209C135E2C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{7D6BDA8C-0C00-4A60-ADD7-1E8F5A9BF7A9}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{818E7BB8-A63A-4428-AF9C-A56705D2FAC2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{89BC744F-A722-4575-A769-6DC3FA326F2D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9F9DAC1F-7353-4B9B-9255-8157540B4C62}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{A60064D4-FAC8-4EBC-A86D-FD66375CA6D3}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{ACED381B-CBD8-402B-BF76-345BC9792B03}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe |
"{AE567B83-9E0E-470E-9363-1B5380CF6863}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1ECE818-1F79-43A9-BC8C-86CCE36565BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8B2B182-A666-4828-8B4E-122B1313C02C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B97AF60F-EE38-448E-8E10-C8401B9A30BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B9907BCD-2F8E-4C72-96E5-D5611D2322F5}" = dir=in | app=c:\program files\winzip driver updater\winzipdu.exe |
"{BEC76DFD-A736-4D9E-A06F-F4C16CAA436C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C7219D21-1677-4F39-BEA7-DD7BCF021EB9}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CA564907-1D9F-450A-A546-E9F033115AB9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D795E41F-B50C-48BB-9533-80A2B7E191AF}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D825EE11-0D34-48AB-8E6B-D214B442CF6D}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{DFFD0159-4890-4A41-8A25-8EB01743078D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E248F6F2-80C9-4611-80CC-1907598ABD2B}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{E5010FF2-602A-487A-817D-BA9E7ACFC5AD}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{F02F7B50-6A2D-4D45-AFD6-452EB76E9CD0}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe |
"{FDD800E5-6CAD-45A2-9E4D-3CC8F3E785F5}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{FE2BACC8-1FFC-478A-BE75-8BE09B2E0332}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"TCP Query User{105A78B0-68DA-4940-A3E4-60E874A84EA8}C:\program files\qip 2010\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2010\qip.exe |
"TCP Query User{BBA7BDBD-30E1-4C0C-9E44-A0683B31BCD2}C:\program files\qip 2010\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip 2010\qip.exe |
"TCP Query User{EB310D5F-E967-4224-BBE3-E1FE2C358DF5}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{36EB9260-0A93-40AC-9B8B-CABBD75A0A9D}C:\program files\qip 2010\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2010\qip.exe |
"UDP Query User{E75FDE85-E350-4CAC-9C1C-316445530AA5}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{EE220571-B7CA-4427-AD2B-408F1A702936}C:\program files\qip 2010\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip 2010\qip.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D55832-B40C-45C3-A8B4-17923394FDF6}" = HP Deskjet 3510 series Nápověda
"{06DC6C98-BBF6-4543-A052-95BB21CA5C54}" = gDoc Installer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9E5B51-ED02-4F31-98B7-F99BABE958D0}" = gDocExcel2007AddIn
"{414A373B-59DF-4102-94CA-9FE9A74CBDDA}" = Garmin Trip and Waypoint Manager v5
"{48AD3E2E-5AEE-4FF8-8BF6-02D5846F3D25}" = TOPO Czech 2011
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5C1DA3D9-F590-4317-A4FB-274F658E504B}" = Intel® PROSet/Wireless WiMAX Software
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{75CAF285-3130-4DD1-A077-58463F2E5DBC}" = Nitro Pro 7
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{874F937F-42D9-49A6-874E-D797BBF78165}" = Binary Clock
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum zařízení Windows Mobile
"{978D05B9-5ECD-4806-941E-99E4CB44B53B}" = gDoc Installer
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BF307EDA-A176-4D83-9775-D337810CF7A7}" = Cookienator
"{C0E05CBA-6900-4103-B396-2A6500E67A54}" = gDocWord2007AddIn
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{E5604D13-205E-43EA-A024-A41F194D9D65}" = Základní software zařízení HP Deskjet 3510 series
"{EABCE84D-314C-4D47-8B8D-2743B45A4686}" = gDoc
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F5E3017E-47B0-43E9-A13D-8BCA3EC84EEA}" = gDocPowerPoint2007AddIn
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HP Photo Creations" = HP Photo Creations
"IObitUninstall" = IObit Uninstaller
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.6.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"O2CZ" = O2
"OptimizerPro1" = OptimizerPro1
"Picasa 3" = Picasa 3
"ProInst" = Intel PROSet Wireless
"VLC media player" = VLC media player 1.1.11

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2010" = QIP 2010 3.1.6116
"QIP 2012" = QIP 2012 4.0.7102
"QipGuard" = QIP Internet Guardian
"szn-software-postak" = Seznam Pošťák 2 (Pouze já.)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31.12.2013 8:29:03 | Computer Name = SONY | Source = MsiInstaller | ID = 11001
Description =

Error - 31.12.2013 8:29:28 | Computer Name = SONY | Source = MsiInstaller | ID = 11001
Description =

Error - 31.12.2013 9:33:53 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 31.12.2013 9:38:25 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 1.1.2014 7:10:17 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 1.1.2014 10:03:02 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 1.1.2014 10:03:23 | Computer Name = SONY | Source = VSS | ID = 8194
Description =

Error - 2.1.2014 4:12:46 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 2.1.2014 7:57:08 | Computer Name = SONY | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vlc.exe, verze: 1.1.11.0, časové razítko:
0x4e1edf37 Název chybujícího modulu: vlc.exe, verze: 1.1.11.0, časové razítko: 0x4e1edf37
Kód
výjimky: 0xc0000005 Posun chyby: 0x000016ee ID chybujícího procesu: 0x1874 Čas spuštění
chybující aplikace: 0x01cf07b1c0237eda Cesta k chybující aplikaci: C:\Program Files\VideoLAN\VLC\vlc.exe
Cesta
k chybujícímu modulu: C:\Program Files\VideoLAN\VLC\vlc.exe ID zprávy: 014eefcd-73a5-11e3-a953-78843c91afae

Error - 2.1.2014 11:10:07 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

Error - 2.1.2014 12:14:03 | Computer Name = SONY | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 27.2.2012 9:17:59 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 4.5.2012 2:35:52 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.6.2012 11:11:44 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 27.2.2013 15:29:49 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.3.2013 12:04:00 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 15.4.2013 12:45:38 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3.6.2013 6:03:07 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 19.6.2013 9:50:38 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 27.11.2013 14:51:24 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 29
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1.12.2013 8:41:43 | Computer Name = SONY | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2.1.2014 11:52:32 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 11:52:32 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.

Error - 2.1.2014 11:58:22 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 11:58:22 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.

Error - 2.1.2014 11:58:54 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 11:58:54 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.

Error - 2.1.2014 12:04:44 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 12:04:44 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.

Error - 2.1.2014 12:10:35 | Computer Name = SONY | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 43. Stav interní
chyby: 552

Error - 2.1.2014 12:10:35 | Computer Name = SONY | Source = Schannel | ID = 36876
Description = Certifikát získaný ze vzdáleného serveru nebyl správně ověřen. Kód
chyby je 0x80092012. Žádost o připojení SSL byla odmítnuta. Připojená data obsahují
certifikát serveru.

< End of report >

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - [2014.01.01 22:54:14 | 002,151,744 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
DRV - [2013.11.10 17:15:29 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2739945366-2785903207-2513892113-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O13 - gopher Prefix: missing
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014.01.01 22:54:19 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Roaming\IObit
[2014.01.01 22:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2014.01.01 22:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2014.01.01 22:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2014.01.01 22:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2014.01.01 15:10:56 | 000,112,640 | ---- | C] (forum.viry.cz) -- C:\Users\Lucka\Desktop\FRSTLauncher.exe
[2013.06.21 17:15:27 | 000,003,728 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2014.01.01 22:54:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IObit
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

:files
C:\Program Files\IObit
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

AVG stále prudí

Log OTL

All processes killed
========== OTL ==========
Service LiveUpdateSvc stopped successfully!
Service LiveUpdateSvc deleted successfully!
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe moved successfully.
Service avgtp stopped successfully!
Service avgtp deleted successfully!
C:\Windows\System32\drivers\avgtpx86.sys moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry value HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2739945366-2785903207-2513892113-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ deleted successfully.
C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Lucka\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Lucka\AppData\Roaming\IObit folder moved successfully.
C:\ProgramData\IObit folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller folder moved successfully.
C:\ProgramData\ProductData folder moved successfully.
C:\Program Files\IObit\LiveUpdate\update\Uninstaller folder moved successfully.
C:\Program Files\IObit\LiveUpdate\update folder moved successfully.
C:\Program Files\IObit\LiveUpdate\Language folder moved successfully.
C:\Program Files\IObit\LiveUpdate folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller\LatestNews folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller\Lan_LiveUpt folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller\Language folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller\Images folder moved successfully.
C:\Program Files\IObit\IObit Uninstaller folder moved successfully.
C:\Program Files\IObit folder moved successfully.
C:\Users\Lucka\Desktop\FRSTLauncher.exe moved successfully.
C:\Program Files\Mozilla Firefoxavg-secure-search.xml moved successfully.
Folder C:\Users\Lucka\AppData\Roaming\IObit\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57A1.tmp\System.Data.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57A1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C7F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDF78.tmp folder deleted successfully.
C:\Windows\Temp\A1D0.tmp deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\IObit not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lucka
->Temp folder emptied: 109579782 bytes
->Temporary Internet Files folder emptied: 6524900 bytes
->Java cache emptied: 210626004 bytes
->FireFox cache emptied: 357510700 bytes
->Google Chrome cache emptied: 6504624 bytes
->Flash cache emptied: 1358 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 674983 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 659,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Lucka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Lucka
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 01022014_203417

Files\Folders moved on Reboot...
C:\Users\Lucka\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Fajn, jak se chova nas pacient??

výsledek logu viz výše

jen AVG stále dělá neplechu

Zkusime jeste dle kolegy

Márty84 píše: Zkuste jeste spustit mozillu a do adresniho radku napsat about:config a odentrujte. Slibte ji, ze tam budete opatrna a najedte tam.

Napiste avg a vse smazte

VIRY.CZ

VIRY nejdou odstranit z notasu...pls help

VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help

Re: VIRY nejdou odstranit z notasu...pls help