
Laggy computer, especially browsers

Posted: 06 Feb 2014 15:04
by Whoan
Hi,

about four days ago, video on YouTube started stuttering for me for the first time, and since then the computer has been going downhill. The biggest problem is that every browser freezes: it decides to stop responding, then gets going again, and so on in a loop. As for the normal running of the computer, it is not that bad, but even so it is not in 100% condition.

So I am asking you to check where the problem is. I also ran a scan with ESET, but it found nothing special apart from some older cracks.

I am attaching the logs from FRST and, below it, from RSIT. Thank you in advance for taking the time to look at my problem.

FRST LOG:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by Ja (administrator) on KUCHTA44 on 06-02-2014 14:30:14
Running from C:\Users\Ja\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\D\STEAM\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Daum Communications) C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe
(forum.viry.cz) C:\Users\Ja\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4030008 2013-09-17] (ESET)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\Run: [CCleaner Monitoring] - C:\Program Files\CCleaner\CCleaner64.exe [6087448 2014-01-21] (Piriform Ltd)
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\MountPoints2: {372e48bc-2127-11e3-9c47-bcaec524ce76} - G:\Startme.exe
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\MountPoints2: {b9522aa4-4785-11e2-9d3d-bcaec524ce76} - E:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKLM-x32 - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... AEC524CE76}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... AEC524CE76}
SearchScopes: HKCU - DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... AEC524CE76}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF SearchPlugin: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\Extensions\cs@dictionaries.addons.mozilla.org [2013-01-12]
FF Extension: Walnut for Firefox - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2012-12-16]
FF Extension: Speed Dial - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2012-12-16]
FF Extension: Adblock Plus - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-28]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-09-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-16]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-09-17]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-16]

Chrome:
=======
CHR RestoreOnStartup: "sync": {
"suppress_start"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U10) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.100.18) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Dokumenty Google) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-13]
CHR Extension: (Disk Google) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-13]
CHR Extension: (YouTube) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-13]
CHR Extension: (AVG Secure Search) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-01-13]
CHR Extension: (Peněženka Google) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-06]
CHR Extension: (Gmail) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-13]

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [974944 2011-08-09] (ESET)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] ()
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-16] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 EkaProt6; C:\Windows\System32\DRIVERS\ekaprot6.sys [27288 2011-01-31] (Ekahau Inc.)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2013-11-29] (<Turtle Entertainment>)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-06 14:30 - 2014-02-06 14:32 - 00017056 _____ () C:\Users\Ja\Desktop\FRST.txt
2014-02-06 14:29 - 2014-02-06 14:30 - 00000000 ____D () C:\FRST
2014-02-06 14:29 - 2014-02-06 14:29 - 00029696 _____ () C:\Users\Ja\AppData\Local\MSGBOX.EXE
2014-02-06 14:29 - 2014-02-06 14:29 - 00015327 _____ () C:\Users\Ja\Desktop\LM.bat
2014-02-06 14:25 - 2014-02-06 14:26 - 02082304 _____ (Farbar) C:\Users\Ja\Desktop\FRST64.exe
2014-02-06 14:25 - 2014-02-06 14:26 - 00112640 _____ (forum.viry.cz) C:\Users\Ja\Desktop\FRSTLauncher.exe
2014-02-06 14:21 - 2014-02-06 14:22 - 00935175 _____ () C:\Users\Ja\Desktop\RSITx64.exe
2014-02-06 02:21 - 2014-02-06 02:21 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-06 02:19 - 2014-02-06 02:19 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-06 02:19 - 2014-02-06 02:19 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-06 02:07 - 2014-02-06 02:08 - 04721144 _____ (Piriform Ltd) C:\Users\Ja\Desktop\ccsetup410pro.exe
2014-02-06 01:39 - 2014-02-06 01:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 12:05 - 2014-02-06 02:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-04 23:43 - 2014-02-04 23:43 - 00000000 ____D () C:\Users\Ja\Desktop\DJ WICH - YEARBOOK 2013
2014-01-30 12:53 - 2014-01-30 12:53 - 00000229 _____ () C:\Users\Ja\Desktop\akadmici.txt
2014-01-17 16:06 - 2014-01-17 16:06 - 00048674 _____ () C:\Users\Ja\Desktop\Flimmer(0000229980).srt
2014-01-15 20:48 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:48 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:48 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 12:43 - 2014-01-15 12:45 - 25688607 _____ () C:\Users\Ja\Desktop\intro_new_pokus.mp4
2014-01-10 22:58 - 2014-02-04 19:27 - 00001714 _____ () C:\Users\Ja\Desktop\Redaktori.txt
2014-01-09 11:26 - 2014-01-09 11:28 - 00000000 ____D () C:\Users\Ja\Ekahau Site Survey
2014-01-09 11:25 - 2014-02-05 14:12 - 00000000 ____D () C:\Program Files\Ekahau
2014-01-09 11:24 - 2014-01-09 11:25 - 99205096 _____ (Ekahau) C:\Users\Ja\Desktop\Ekahau_HeatMapper-Setup.exe

==================== One Month Modified Files and Folders =======

2014-02-06 14:32 - 2014-02-06 14:30 - 00017056 _____ () C:\Users\Ja\Desktop\FRST.txt
2014-02-06 14:30 - 2014-02-06 14:29 - 00000000 ____D () C:\FRST
2014-02-06 14:29 - 2014-02-06 14:29 - 00029696 _____ () C:\Users\Ja\AppData\Local\MSGBOX.EXE
2014-02-06 14:29 - 2014-02-06 14:29 - 00015327 _____ () C:\Users\Ja\Desktop\LM.bat
2014-02-06 14:26 - 2014-02-06 14:25 - 02082304 _____ (Farbar) C:\Users\Ja\Desktop\FRST64.exe
2014-02-06 14:26 - 2014-02-06 14:25 - 00112640 _____ (forum.viry.cz) C:\Users\Ja\Desktop\FRSTLauncher.exe
2014-02-06 14:22 - 2014-02-06 14:21 - 00935175 _____ () C:\Users\Ja\Desktop\RSITx64.exe
2014-02-06 14:07 - 2013-01-30 11:37 - 00000354 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2014-02-06 14:07 - 2013-01-13 20:25 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 14:04 - 2012-12-16 15:19 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 14:02 - 2013-01-13 20:25 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 13:07 - 2009-07-14 05:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 13:07 - 2009-07-14 05:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 13:03 - 2012-12-16 14:24 - 01997218 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 12:59 - 2012-12-16 14:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 12:59 - 2012-12-16 14:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-06 12:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 12:59 - 2009-07-14 05:51 - 00091968 _____ () C:\Windows\setupact.log
2014-02-06 02:28 - 2013-09-13 15:27 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-02-06 02:21 - 2014-02-06 02:21 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-06 02:20 - 2014-02-05 12:05 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-06 02:19 - 2014-02-06 02:19 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-06 02:19 - 2014-02-06 02:19 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-06 02:10 - 2012-12-23 19:37 - 00000000 ____D () C:\BitLord
2014-02-06 02:08 - 2014-02-06 02:07 - 04721144 _____ (Piriform Ltd) C:\Users\Ja\Desktop\ccsetup410pro.exe
2014-02-06 02:05 - 2012-12-16 15:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-06 02:05 - 2012-12-16 15:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-06 02:05 - 2012-12-16 15:19 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-06 01:40 - 2014-02-06 01:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 01:06 - 2012-12-28 11:02 - 00000000 ____D () C:\Program Files (x86)\RelevantKnowledge
2014-02-05 14:12 - 2014-01-09 11:25 - 00000000 ____D () C:\Program Files\Ekahau
2014-02-05 14:12 - 2013-08-15 22:03 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-05 14:12 - 2013-04-05 18:31 - 00000000 ____D () C:\Users\Ja\AppData\Local\PokerStars
2014-02-05 14:12 - 2013-01-23 23:20 - 00000000 ____D () C:\Users\Ja\AppData\Local\ESL Wire Game Client
2014-02-05 14:12 - 2012-12-16 15:19 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-05 14:12 - 2012-12-16 14:52 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\GHISLER
2014-02-05 14:12 - 2012-12-16 14:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-05 14:12 - 2012-12-16 14:25 - 00000000 ____D () C:\Users\Ja
2014-02-05 14:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-05 14:11 - 2013-03-28 20:44 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\TeamViewer
2014-02-05 14:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-05 14:10 - 2013-06-30 20:51 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-02-05 14:10 - 2013-06-24 17:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-05 14:10 - 2012-12-16 14:57 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-05 12:00 - 2013-11-10 17:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-05 10:46 - 2011-04-12 09:45 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-05 00:02 - 2012-12-16 15:06 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\TS3Client
2014-02-04 23:43 - 2014-02-04 23:43 - 00000000 ____D () C:\Users\Ja\Desktop\DJ WICH - YEARBOOK 2013
2014-02-04 19:27 - 2014-01-10 22:58 - 00001714 _____ () C:\Users\Ja\Desktop\Redaktori.txt
2014-01-30 12:53 - 2014-01-30 12:53 - 00000229 _____ () C:\Users\Ja\Desktop\akadmici.txt
2014-01-23 21:44 - 2012-12-16 15:25 - 00110088 _____ () C:\Users\Ja\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-21 11:20 - 2012-12-17 14:26 - 00000000 ____D () C:\Users\Ja\AppData\Local\Adobe
2014-01-17 16:06 - 2014-01-17 16:06 - 00048674 _____ () C:\Users\Ja\Desktop\Flimmer(0000229980).srt
2014-01-16 09:59 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-16 09:17 - 2009-07-14 05:45 - 04976488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 22:30 - 2013-01-28 21:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 22:29 - 2013-08-15 14:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:28 - 2013-01-19 10:17 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 12:45 - 2014-01-15 12:43 - 25688607 _____ () C:\Users\Ja\Desktop\intro_new_pokus.mp4
2014-01-11 15:46 - 2013-06-16 11:07 - 00000000 ____D () C:\Program Files (x86)\Shifters Anticheat
2014-01-10 14:25 - 2013-12-18 16:02 - 00000000 ____D () C:\Users\Ja\Desktop\Škola
2014-01-09 12:15 - 2013-05-19 02:07 - 00000000 ____D () C:\Users\Ja\Desktop\Kraviny
2014-01-09 11:28 - 2014-01-09 11:26 - 00000000 ____D () C:\Users\Ja\Ekahau Site Survey
2014-01-09 11:25 - 2014-01-09 11:24 - 99205096 _____ (Ekahau) C:\Users\Ja\Desktop\Ekahau_HeatMapper-Setup.exe
2014-01-07 11:37 - 2009-07-14 06:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Ja\AppData\Local\Temp\autorun.exe
C:\Users\Ja\AppData\Local\Temp\BitLord_1.1.exe
C:\Users\Ja\AppData\Local\Temp\drm_dyndata_7370007.dll
C:\Users\Ja\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Ja\AppData\Local\Temp\EslWireSetup-1.15.2.7446-x64.exe
C:\Users\Ja\AppData\Local\Temp\EslWireSetup-1.16.0.7619-x64.exe
C:\Users\Ja\AppData\Local\Temp\EslWireSetup-1.16.0.7631-x64.exe
C:\Users\Ja\AppData\Local\Temp\EslWireSetup-1.16.0.7636-x64.exe
C:\Users\Ja\AppData\Local\Temp\EslWireSetup-1.17.0.7639-x64.exe
C:\Users\Ja\AppData\Local\Temp\EslWireSetup-1.17.1.7657-x64.exe
C:\Users\Ja\AppData\Local\Temp\EslWireSetup-1.17.2.7687-x64.exe
C:\Users\Ja\AppData\Local\Temp\EslWireSetup-1.17.3.7769-x64.exe
C:\Users\Ja\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Ja\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Ja\AppData\Local\Temp\FreemakeVideoConverter_4.0.0.2.exe
C:\Users\Ja\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Ja\AppData\Local\Temp\icqsetup.exe
C:\Users\Ja\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Ja\AppData\Local\Temp\lua5.1.dll
C:\Users\Ja\AppData\Local\Temp\lua51.dll
C:\Users\Ja\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Ja\AppData\Local\Temp\nvStInst.exe
C:\Users\Ja\AppData\Local\Temp\oi_{1231E3B2-6A61-4B1F-A45B-03675C22B742}.exe
C:\Users\Ja\AppData\Local\Temp\PIPInstaller_PTV_.exe
C:\Users\Ja\AppData\Local\Temp\ScriptHelper.exe
C:\Users\Ja\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Ja\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Ja\AppData\Local\Temp\sfextra.dll
C:\Users\Ja\AppData\Local\Temp\SimboApp.exe
C:\Users\Ja\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Ja\AppData\Local\Temp\sonarinst.exe
C:\Users\Ja\AppData\Local\Temp\SRLDetectionLibrary870657094533768062.dll
C:\Users\Ja\AppData\Local\Temp\ubi4264.tmp.exe
C:\Users\Ja\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Ja\AppData\Local\Temp\uninstaller.exe
C:\Users\Ja\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Ja\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Ja\AppData\Local\Temp\~19C8.exe
C:\Users\Ja\AppData\Local\Temp\~686.exe
C:\Users\Ja\AppData\Local\Temp\~E83C.exe
C:\Users\Ja\AppData\Local\Temp\~EED1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 16:29

==================== End Of Log ============================


RSIT LOG:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ja at 2014-02-06 14:45:30
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 731 GB (77%) free of 954 GB
Total RAM: 6135 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:46:58, on 6.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\D\STEAM\Steam.exe
C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe
C:\Program Files\trend micro\Ja.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ESL Wire Helper Service (EslWireHelper) - Unknown owner - C:\Program Files\EslWire\service\WireHelperSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10880 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\EslWire\service\WireHelperSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F300 Series#1355669071" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\D\STEAM\Steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe" "C:\E\PLAYLIST\3. 50 Cent - Get money.mp3"
"C:\Users\Ja\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ROC_JAN2013_TB_rmv.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\extensions\
cs@dictionaries.addons.mozilla.org

C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\searchplugins\
icqplugin.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-27 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-01-29 10038304]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-17 4030008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-01-21 6087448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-06 14:45:30 ----D---- C:\rsit
2014-02-06 14:45:30 ----D---- C:\Program Files\trend micro
2014-02-06 14:29:42 ----D---- C:\FRST
2014-02-06 01:39:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-05 12:05:03 ----D---- C:\Program Files\CCleaner
2014-01-15 20:48:04 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 20:48:04 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 20:48:03 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 20:48:03 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 20:48:03 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 20:48:03 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 20:48:03 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 20:48:02 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 20:48:02 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-09 11:25:43 ----D---- C:\Program Files\Ekahau

======List of files/folders modified in the last 1 month======

2014-02-06 14:46:18 ----D---- C:\Windows\Prefetch
2014-02-06 14:45:38 ----D---- C:\Windows\Temp
2014-02-06 14:45:30 ----RD---- C:\Program Files
2014-02-06 14:33:46 ----D---- C:\Windows
2014-02-06 14:03:55 ----D---- C:\Windows\system32\config
2014-02-06 13:53:25 ----SHD---- C:\System Volume Information
2014-02-06 12:59:45 ----D---- C:\ProgramData\NVIDIA
2014-02-06 12:59:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 02:28:02 ----D---- C:\Program Files (x86)\SpeedFan
2014-02-06 02:21:29 ----RD---- C:\Program Files (x86)
2014-02-06 02:19:23 ----D---- C:\Windows\system32\Tasks
2014-02-06 02:10:37 ----D---- C:\BitLord
2014-02-06 02:05:36 ----D---- C:\Windows\SysWOW64
2014-02-06 02:05:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-06 01:06:56 ----D---- C:\Program Files (x86)\RelevantKnowledge
2014-02-06 00:01:49 ----A---- C:\Windows\ntbtlog.txt
2014-02-05 23:59:02 ----D---- C:\Windows\system32\catroot2
2014-02-05 14:13:53 ----RSD---- C:\Windows\Fonts
2014-02-05 14:13:53 ----D---- C:\Windows\Tasks
2014-02-05 14:13:53 ----D---- C:\Windows\system32\wfp
2014-02-05 14:13:51 ----D---- C:\Windows\system32\wbem
2014-02-05 14:12:33 ----D---- C:\Windows\system32\DriverStore
2014-02-05 14:12:33 ----D---- C:\Windows\system32\drivers
2014-02-05 14:12:33 ----D---- C:\Windows\System32
2014-02-05 14:12:32 ----D---- C:\Windows\system32\Macromed
2014-02-05 14:12:32 ----D---- C:\Windows\inf
2014-02-05 14:12:32 ----D---- C:\Windows\AppCompat
2014-02-05 14:12:30 ----D---- C:\Users\Ja\AppData\Roaming\GHISLER
2014-02-05 14:12:29 ----D---- C:\Program Files\GIMP 2
2014-02-05 14:12:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-02-05 14:12:19 ----D---- C:\Program Files (x86)\Common Files
2014-02-05 14:11:33 ----D---- C:\Windows\registration
2014-02-05 14:11:15 ----D---- C:\Users\Ja\AppData\Roaming\TeamViewer
2014-02-05 14:10:49 ----SD---- C:\ProgramData\Microsoft
2014-02-05 14:10:13 ----D---- C:\Program Files (x86)\TeamViewer
2014-02-05 14:10:09 ----D---- C:\Program Files (x86)\Rockstar Games
2014-02-05 14:10:00 ----D---- C:\Program Files (x86)\Java
2014-02-05 12:00:29 ----D---- C:\ProgramData\Oracle
2014-02-05 12:00:26 ----HD---- C:\Config.Msi
2014-02-05 00:02:34 ----D---- C:\Users\Ja\AppData\Roaming\TS3Client
2014-01-16 09:59:44 ----N---- C:\Windows\system32\MpSigStub.exe
2014-01-16 09:18:30 ----D---- C:\Windows\winsxs
2014-01-15 22:30:28 ----SHD---- C:\Windows\Installer
2014-01-15 22:30:26 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 22:29:53 ----D---- C:\Windows\system32\MRT
2014-01-15 22:28:20 ----A---- C:\Windows\system32\MRT.exe
2014-01-15 20:47:58 ----D---- C:\Windows\system32\catroot
2014-01-11 15:46:20 ----D---- C:\Program Files (x86)\Shifters Anticheat

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
R0 ESLWireAC;ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [2013-11-29 184968]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-05-31 116848]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-16 283200]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 EkaProt6;Ekahau User Protocol Driver for NDIS 6; C:\Windows\system32\DRIVERS\ekaprot6.sys [2011-01-31 27288]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2011-08-04 187632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-01-29 2260256]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-11-30 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-11-30 27760]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;Sony so0103 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-08-09 974944]
R2 EslWireHelper;ESL Wire Helper Service; C:\Program Files\EslWire\service\WireHelperSvc.exe [2013-06-11 663056]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-27 571816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-13 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-06 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-13 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-06 118896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-17 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]

-----------------EOF-----------------

Re: Laggy computer, especially the browsers

Posted: 06 Feb 2014 16:48
by vyosek
Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup is created and then the search starts
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Laggy computer, especially the browsers

Posted: 06 Feb 2014 19:23
by Whoan
Thank you for the reply, here are the requested logs -

JRT LOG:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Professional x64
Ran by Ja on źt 06.02.2014 at 18:09:18,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-269704162-1563387727-845643652-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Ja\AppData\Roaming\big fish games"
Successfully deleted: [Folder] "C:\Users\Ja\appdata\local\tempdir"
Successfully deleted: [Folder] "C:\Program Files (x86)\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\relevantknowledge"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"



~~~ FireFox

Successfully deleted: [File] C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\7m78bmrq.default\invalidprefs.js
Successfully deleted: [File] C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\7m78bmrq.default\searchplugins\sweetim.xml
Emptied folder: C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\7m78bmrq.default\minidumps [126 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 06.02.2014 at 18:30:20,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



ADWCLEANER LOG:

# AdwCleaner v3.018 - Report created 06/02/2014 at 19:03:45
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Ja - KUCHTA44
# Running from : C:\Users\Ja\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\BitLord
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\Program Files (x86)\BitLord
Folder Deleted : C:\Users\Ja\AppData\Roaming\BitLord
Folder Deleted : C:\Users\Ja\Documents\BitLord
Folder Deleted : C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\g208khso.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\r0xcdenv.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Ja\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\g208khso.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\r0xcdenv.default\searchplugins\icqplugin.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v27.0 (cs)

[ File : C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\prefs.js ]


[ File : C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\g208khso.default\prefs.js ]

Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.showPc", true);

[ File : C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\r0xcdenv.default\prefs.js ]

Line Deleted : user_pref("icqtoolbar.skip_default_search", "yes");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.showPc", true);

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3506 octets] - [06/02/2014 19:01:39]
AdwCleaner[S0].txt - [3325 octets] - [06/02/2014 19:03:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3385 octets] ##########

Re: Laggy computer, especially the browsers

Posted: 06 Feb 2014 21:49
by vyosek
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window
  • Code:

    srinfo;
    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here

Re: Laggy computer, especially the browsers

Posted: 06 Feb 2014 23:40
by Whoan
It took almost an hour and a half, so hopefully it will be worth it :?:

ZOEK LOG:


Zoek.exe v5.0.0.0 Updated 31-January-2014
Tool run by Ja on źt 06.02.2014 at 22:02:23,02.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ja\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6.2.2014 22:17:26 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Creating Sample_06.02.2014_2242.zip ======================

Copied file C:\Users\Ja\AppData\Local\MSGBOX.EXE to sample\MSGBOX.EXE
sample\MSGBOX.EXE renamed to DD091A1C8075F061811515A1B13A5E07

C:\Users\Public\Desktop\sample_06.02.2014_2242.zip created successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");

Added to C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\g208khso.default\prefs.js:
user_pref("browser.search.defaultenginename", "ICQ Search");
user_pref("browser.search.selectedEngine", "ICQ Search");

Added to C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\g208khso.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\r0xcdenv.default\prefs.js:
user_pref("browser.search.defaultenginename", "ICQ Search");
user_pref("browser.search.selectedEngine", "ICQ Search");

Added to C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\r0xcdenv.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_06.02.2014_2247_.backup

ProfilePath: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\g208khso.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_06.02.2014_2247_.backup

ProfilePath: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\r0xcdenv.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_06.02.2014_2247_.backup

==== Deleting Files \ Folders ======================

C:\Users\Ja\.android deleted
C:\Users\Ja\AppData\Roaming\burnaware.ini deleted
C:\ProgramData\ICQ deleted
C:\ProgramData\Package Cache deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\ROC_JAN2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\ROC_JAN2013_TB_rmv deleted
C:\Windows\Syswow64\tmp4D82.tmp deleted
C:\Windows\Syswow64\tmp4DC2.tmp deleted
C:\Windows\Syswow64\tmp6C0C.tmp deleted
C:\Windows\Syswow64\tmp6C0D.tmp deleted
C:\Windows\Syswow64\tmp888.tmp deleted
C:\Windows\Syswow64\tmp8A9.tmp deleted
C:\Users\Ja\AppData\Local\MSGBOX.EXE deleted

======== System Restore Points ========

RP213: 6.2.2014 22:16:18 - zoek.exe restore point

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [16.12.2012 15:41]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [16.12.2012 15:41]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default
- Undetermined - %ProfilePath%\extensions\sfStatistics.xml
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- Walnut pour Firefox em:descriptionWalnut pour Firefox bas sur des icnes de art.gnome.org. Inclut le support de DOM inspector downloadstatusbar QuickNote Offline Googlebar tabsidebar Stylish adblockplus DataManager Flagfox Forecast Weather Hide Caption ViewAbout TabMixPlus AllInOneSidebar StumbleUpon et Favicon Restorer. - %ProfilePath%\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi
- Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default
FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash
0C0C5C207121C7A78414A8250E8E099A - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director


==== Chrome Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Ja\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ja\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Ja\AppData\Local\Mozilla\Firefox\Profiles\7m78bmrq.default\Cache emptied successfully
C:\Users\Ja\AppData\Local\Mozilla\Firefox\Profiles\r0xcdenv.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=90 folders=24 139299551 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Ja\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ja\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on źt 06.02.2014 at 23:34:46,69 ======================

Re: Laggy computer, especially the browsers

Posted: 07 Feb 2014 08:05
by vyosek
I'd like to ask for a log according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100

The PC should be breathing at least a little better by now

Re: Laggy computer, especially the browsers

Posted: 07 Feb 2014 10:12
by Whoan
To be honest, it is still in poor shape :(

FRST LOG:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Ja (administrator) on KUCHTA44 on 07-02-2014 09:56:24
Running from C:\Users\Ja\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Ja\Desktop\FRSTLauncher.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [4030008 2013-09-17] (ESET)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\Run: [CCleaner Monitoring] - C:\Program Files\CCleaner\CCleaner64.exe [6087448 2014-01-21] (Piriform Ltd)
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\MountPoints2: {372e48bc-2127-11e3-9c47-bcaec524ce76} - G:\Startme.exe
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\MountPoints2: {b9522aa4-4785-11e2-9d3d-bcaec524ce76} - E:\Autorun.exe

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\Extensions\cs@dictionaries.addons.mozilla.org [2013-01-12]
FF Extension: Walnut for Firefox - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2012-12-16]
FF Extension: Speed Dial - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2012-12-16]
FF Extension: Adblock Plus - C:\Users\Ja\AppData\Roaming\Mozilla\Firefox\Profiles\7m78bmrq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-28]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-09-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-16]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-09-17]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-16]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Google Docs) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-13]
CHR Extension: (Google Drive) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-13]
CHR Extension: (YouTube) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-13]
CHR Extension: (Google Search) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-13]
CHR Extension: (No Name) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-01-13]
CHR Extension: (Google Wallet) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-06]
CHR Extension: (Gmail) - C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-13]

==================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [974944 2011-08-09] (ESET)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] ()
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-16] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 EkaProt6; C:\Windows\System32\DRIVERS\ekaprot6.sys [27288 2011-01-31] (Ekahau Inc.)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2011-08-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2011-08-04] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2013-11-29] (<Turtle Entertainment>)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-07 09:56 - 2014-02-07 09:58 - 00014868 _____ () C:\Users\Ja\Desktop\FRST.txt
2014-02-07 09:55 - 2014-02-07 09:55 - 00000000 ____D () C:\Users\Ja\Desktop\FRST-OlderVersion
2014-02-06 23:05 - 2014-02-06 21:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-06 22:43 - 2014-02-06 22:43 - 00007161 _____ () C:\Users\Public\Desktop\sample_06.02.2014_2242.zip
2014-02-06 22:16 - 2014-02-06 23:34 - 00012449 _____ () C:\zoek-results.log
2014-02-06 21:56 - 2014-02-06 22:55 - 00000000 ____D () C:\zoek_backup
2014-02-06 21:53 - 2014-02-06 21:53 - 01283584 _____ () C:\Users\Ja\Desktop\zoek.exe
2014-02-06 19:59 - 2014-02-06 19:59 - 00003884 _____ () C:\Users\Ja\Desktop\config.cfg
2014-02-06 19:00 - 2014-02-06 19:16 - 00000000 ____D () C:\AdwCleaner
2014-02-06 18:30 - 2014-02-06 18:30 - 00004961 _____ () C:\Users\Ja\Desktop\JRT.txt
2014-02-06 18:07 - 2014-02-06 18:07 - 00000000 ____D () C:\Windows\ERUNT
2014-02-06 18:05 - 2014-02-06 18:05 - 01166132 _____ () C:\Users\Ja\Desktop\adwcleaner.exe
2014-02-06 18:04 - 2014-02-06 18:04 - 01037530 _____ (Thisisu) C:\Users\Ja\Desktop\JRT.exe
2014-02-06 16:49 - 2014-02-06 16:49 - 00036398 _____ () C:\Users\Ja\Desktop\Community-S05E04(0000230412).srt
2014-02-06 16:49 - 2014-02-06 16:49 - 00031627 _____ () C:\Users\Ja\Desktop\Community-S05E06(0000231299).srt
2014-02-06 16:49 - 2014-02-06 16:49 - 00029411 _____ () C:\Users\Ja\Desktop\Community-S05E05(0000230815).srt
2014-02-06 16:20 - 2014-02-06 16:25 - 88039817 _____ () C:\Users\Ja\Desktop\new_gv_custom-preview.mp4
2014-02-06 14:45 - 2014-02-06 14:47 - 00000000 ____D () C:\rsit
2014-02-06 14:45 - 2014-02-06 14:46 - 00000000 ____D () C:\Program Files\trend micro
2014-02-06 14:34 - 2014-02-06 14:34 - 00029408 _____ () C:\Users\Ja\Desktop\FRST2.txt
2014-02-06 14:29 - 2014-02-07 09:56 - 00000000 ____D () C:\FRST
2014-02-06 14:25 - 2014-02-07 09:55 - 02079744 _____ (Farbar) C:\Users\Ja\Desktop\FRST64.exe
2014-02-06 14:21 - 2014-02-06 14:22 - 00935175 _____ () C:\Users\Ja\Desktop\RSITx64.exe
2014-02-06 02:21 - 2014-02-06 02:21 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-06 02:19 - 2014-02-06 02:19 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-06 02:19 - 2014-02-06 02:19 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-06 02:07 - 2014-02-06 02:08 - 04721144 _____ (Piriform Ltd) C:\Users\Ja\Desktop\ccsetup410pro.exe
2014-02-06 01:39 - 2014-02-06 01:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 12:05 - 2014-02-06 02:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-04 23:43 - 2014-02-04 23:43 - 00000000 ____D () C:\Users\Ja\Desktop\DJ WICH - YEARBOOK 2013
2014-01-30 12:53 - 2014-01-30 12:53 - 00000229 _____ () C:\Users\Ja\Desktop\akadmici.txt
2014-01-17 16:06 - 2014-01-17 16:06 - 00048674 _____ () C:\Users\Ja\Desktop\Flimmer(0000229980).srt
2014-01-15 20:48 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:48 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:48 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:48 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 12:43 - 2014-01-15 12:45 - 25688607 _____ () C:\Users\Ja\Desktop\intro_new_pokus.mp4
2014-01-10 22:58 - 2014-02-04 19:27 - 00001714 _____ () C:\Users\Ja\Desktop\Redaktori.txt
2014-01-09 11:26 - 2014-01-09 11:28 - 00000000 ____D () C:\Users\Ja\Ekahau Site Survey
2014-01-09 11:25 - 2014-02-05 14:12 - 00000000 ____D () C:\Program Files\Ekahau
2014-01-09 11:24 - 2014-01-09 11:25 - 99205096 _____ (Ekahau) C:\Users\Ja\Desktop\Ekahau_HeatMapper-Setup.exe

==================== One Month Modified Files and Folders =======

2014-02-07 09:58 - 2014-02-07 09:56 - 00014868 _____ () C:\Users\Ja\Desktop\FRST.txt
2014-02-07 09:56 - 2014-02-06 14:29 - 00000000 ____D () C:\FRST
2014-02-07 09:55 - 2014-02-07 09:55 - 00000000 ____D () C:\Users\Ja\Desktop\FRST-OlderVersion
2014-02-07 09:55 - 2014-02-06 14:25 - 02079744 _____ (Farbar) C:\Users\Ja\Desktop\FRST64.exe
2014-02-07 09:45 - 2013-01-13 20:25 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-07 09:32 - 2012-12-16 14:24 - 01055038 _____ () C:\Windows\WindowsUpdate.log
2014-02-07 09:30 - 2009-07-14 05:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-07 09:30 - 2009-07-14 05:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-07 09:23 - 2012-12-16 14:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-07 09:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-07 09:23 - 2009-07-14 05:51 - 00092192 _____ () C:\Windows\setupact.log
2014-02-07 00:17 - 2013-09-13 15:27 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-02-07 00:04 - 2012-12-16 15:19 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-07 00:02 - 2013-01-13 20:25 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 23:34 - 2014-02-06 22:16 - 00012449 _____ () C:\zoek-results.log
2014-02-06 23:28 - 2010-11-21 04:47 - 00178058 _____ () C:\Windows\PFRO.log
2014-02-06 22:55 - 2014-02-06 21:56 - 00000000 ____D () C:\zoek_backup
2014-02-06 22:55 - 2012-12-16 14:25 - 00000000 ____D () C:\Users\Ja
2014-02-06 22:43 - 2014-02-06 22:43 - 00007161 _____ () C:\Users\Public\Desktop\sample_06.02.2014_2242.zip
2014-02-06 21:56 - 2014-02-06 23:05 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-06 21:55 - 2012-12-16 15:06 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\TS3Client
2014-02-06 21:53 - 2014-02-06 21:53 - 01283584 _____ () C:\Users\Ja\Desktop\zoek.exe
2014-02-06 19:59 - 2014-02-06 19:59 - 00003884 _____ () C:\Users\Ja\Desktop\config.cfg
2014-02-06 19:16 - 2014-02-06 19:00 - 00000000 ____D () C:\AdwCleaner
2014-02-06 18:30 - 2014-02-06 18:30 - 00004961 _____ () C:\Users\Ja\Desktop\JRT.txt
2014-02-06 18:07 - 2014-02-06 18:07 - 00000000 ____D () C:\Windows\ERUNT
2014-02-06 18:05 - 2014-02-06 18:05 - 01166132 _____ () C:\Users\Ja\Desktop\adwcleaner.exe
2014-02-06 18:04 - 2014-02-06 18:04 - 01037530 _____ (Thisisu) C:\Users\Ja\Desktop\JRT.exe
2014-02-06 17:44 - 2012-12-16 15:25 - 00110088 _____ () C:\Users\Ja\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-06 16:49 - 2014-02-06 16:49 - 00036398 _____ () C:\Users\Ja\Desktop\Community-S05E04(0000230412).srt
2014-02-06 16:49 - 2014-02-06 16:49 - 00031627 _____ () C:\Users\Ja\Desktop\Community-S05E06(0000231299).srt
2014-02-06 16:49 - 2014-02-06 16:49 - 00029411 _____ () C:\Users\Ja\Desktop\Community-S05E05(0000230815).srt
2014-02-06 16:25 - 2014-02-06 16:20 - 88039817 _____ () C:\Users\Ja\Desktop\new_gv_custom-preview.mp4
2014-02-06 14:47 - 2014-02-06 14:45 - 00000000 ____D () C:\rsit
2014-02-06 14:46 - 2014-02-06 14:45 - 00000000 ____D () C:\Program Files\trend micro
2014-02-06 14:34 - 2014-02-06 14:34 - 00029408 _____ () C:\Users\Ja\Desktop\FRST2.txt
2014-02-06 14:22 - 2014-02-06 14:21 - 00935175 _____ () C:\Users\Ja\Desktop\RSITx64.exe
2014-02-06 12:59 - 2012-12-16 14:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 02:21 - 2014-02-06 02:21 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-06 02:20 - 2014-02-05 12:05 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-06 02:19 - 2014-02-06 02:19 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-06 02:19 - 2014-02-06 02:19 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-06 02:08 - 2014-02-06 02:07 - 04721144 _____ (Piriform Ltd) C:\Users\Ja\Desktop\ccsetup410pro.exe
2014-02-06 02:05 - 2012-12-16 15:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-06 02:05 - 2012-12-16 15:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-06 02:05 - 2012-12-16 15:19 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-06 01:40 - 2014-02-06 01:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 14:12 - 2014-01-09 11:25 - 00000000 ____D () C:\Program Files\Ekahau
2014-02-05 14:12 - 2013-08-15 22:03 - 00000000 ____D () C:\Program Files\GIMP 2
2014-02-05 14:12 - 2013-04-05 18:31 - 00000000 ____D () C:\Users\Ja\AppData\Local\PokerStars
2014-02-05 14:12 - 2013-01-23 23:20 - 00000000 ____D () C:\Users\Ja\AppData\Local\ESL Wire Game Client
2014-02-05 14:12 - 2012-12-16 15:19 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-05 14:12 - 2012-12-16 14:52 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\GHISLER
2014-02-05 14:12 - 2012-12-16 14:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-05 14:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-05 14:11 - 2013-03-28 20:44 - 00000000 ____D () C:\Users\Ja\AppData\Roaming\TeamViewer
2014-02-05 14:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-05 14:10 - 2013-06-30 20:51 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-02-05 14:10 - 2013-06-24 17:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-05 14:10 - 2012-12-16 14:57 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-05 12:00 - 2013-11-10 17:40 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-05 10:46 - 2011-04-12 09:45 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-04 23:43 - 2014-02-04 23:43 - 00000000 ____D () C:\Users\Ja\Desktop\DJ WICH - YEARBOOK 2013
2014-02-04 19:27 - 2014-01-10 22:58 - 00001714 _____ () C:\Users\Ja\Desktop\Redaktori.txt
2014-01-30 12:53 - 2014-01-30 12:53 - 00000229 _____ () C:\Users\Ja\Desktop\akadmici.txt
2014-01-21 11:20 - 2012-12-17 14:26 - 00000000 ____D () C:\Users\Ja\AppData\Local\Adobe
2014-01-17 16:06 - 2014-01-17 16:06 - 00048674 _____ () C:\Users\Ja\Desktop\Flimmer(0000229980).srt
2014-01-16 09:59 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-16 09:17 - 2009-07-14 05:45 - 04976488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 22:30 - 2013-01-28 21:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 22:29 - 2013-08-15 14:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:28 - 2013-01-19 10:17 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 12:45 - 2014-01-15 12:43 - 25688607 _____ () C:\Users\Ja\Desktop\intro_new_pokus.mp4
2014-01-11 15:46 - 2013-06-16 11:07 - 00000000 ____D () C:\Program Files (x86)\Shifters Anticheat
2014-01-10 14:25 - 2013-12-18 16:02 - 00000000 ____D () C:\Users\Ja\Desktop\Škola
2014-01-09 12:15 - 2013-05-19 02:07 - 00000000 ____D () C:\Users\Ja\Desktop\Kraviny
2014-01-09 11:28 - 2014-01-09 11:26 - 00000000 ____D () C:\Users\Ja\Ekahau Site Survey
2014-01-09 11:25 - 2014-01-09 11:24 - 99205096 _____ (Ekahau) C:\Users\Ja\Desktop\Ekahau_HeatMapper-Setup.exe

Some content of TEMP:
====================
C:\Users\Ja\AppData\Local\Temp\sfamcc00001.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ja\Desktop" je 33217 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Addition is in the attachment.

Re: Stuttering computer, mainly the browsers

Posted: 07 Feb 2014 22:44
by vyosek
:arrow: Creating a fixlist for FRST
  • Launch Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [] - [X]
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
    HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\Run: [CCleaner Monitoring] - C:\Program Files\CCleaner\CCleaner64.exe [6087448 2014-01-21] (Piriform Ltd)
    HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\MountPoints2: {372e48bc-2127-11e3-9c47-bcaec524ce76} - G:\Startme.exe
    HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\MountPoints2: {b9522aa4-4785-11e2-9d3d-bcaec524ce76} - E:\Autorun.exe
    
    SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    
    R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
    
    2014-02-07 09:55 - 2014-02-07 09:55 - 00000000 ____D () C:\Users\Ja\Desktop\FRST-OlderVersion
    2014-02-06 23:05 - 2014-02-06 21:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-02-06 22:43 - 2014-02-06 22:43 - 00007161 _____ () C:\Users\Public\Desktop\sample_06.02.2014_2242.zip
    2014-02-06 22:16 - 2014-02-06 23:34 - 00012449 _____ () C:\zoek-results.log
    2014-02-06 21:56 - 2014-02-06 22:55 - 00000000 ____D () C:\zoek_backup
    2014-02-06 21:53 - 2014-02-06 21:53 - 01283584 _____ () C:\Users\Ja\Desktop\zoek.exe
    2014-02-06 18:30 - 2014-02-06 18:30 - 00004961 _____ () C:\Users\Ja\Desktop\JRT.txt
    2014-02-06 18:05 - 2014-02-06 18:05 - 01166132 _____ () C:\Users\Ja\Desktop\adwcleaner.exe
    2014-02-06 18:04 - 2014-02-06 18:04 - 01037530 _____ (Thisisu) C:\Users\Ja\Desktop\JRT.exe
    2014-02-06 14:34 - 2014-02-06 14:34 - 00029408 _____ () C:\Users\Ja\Desktop\FRST2.txt
    2014-02-06 14:21 - 2014-02-06 14:22 - 00935175 _____ () C:\Users\Ja\Desktop\RSITx64.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    C:\Program Files (x86)\PANDORA.TV
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the created fixlist into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me

Re: Stuttering computer, mainly the browsers

Posted: 08 Feb 2014 00:00
by Whoan
Done, fixlog.txt is here:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2014
Ran by Ja at 2014-02-07 23:52:25 Run:1
Running from C:\Users\Ja\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\Run: [CCleaner Monitoring] - C:\Program Files\CCleaner\CCleaner64.exe [6087448 2014-01-21] (Piriform Ltd)
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\MountPoints2: {372e48bc-2127-11e3-9c47-bcaec524ce76} - G:\Startme.exe
HKU\S-1-5-21-269704162-1563387727-845643652-1000\...\MountPoints2: {b9522aa4-4785-11e2-9d3d-bcaec524ce76} - E:\Autorun.exe

SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}

R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)

2014-02-07 09:55 - 2014-02-07 09:55 - 00000000 ____D () C:\Users\Ja\Desktop\FRST-OlderVersion
2014-02-06 23:05 - 2014-02-06 21:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-06 22:43 - 2014-02-06 22:43 - 00007161 _____ () C:\Users\Public\Desktop\sample_06.02.2014_2242.zip
2014-02-06 22:16 - 2014-02-06 23:34 - 00012449 _____ () C:\zoek-results.log
2014-02-06 21:56 - 2014-02-06 22:55 - 00000000 ____D () C:\zoek_backup
2014-02-06 21:53 - 2014-02-06 21:53 - 01283584 _____ () C:\Users\Ja\Desktop\zoek.exe
2014-02-06 18:30 - 2014-02-06 18:30 - 00004961 _____ () C:\Users\Ja\Desktop\JRT.txt
2014-02-06 18:05 - 2014-02-06 18:05 - 01166132 _____ () C:\Users\Ja\Desktop\adwcleaner.exe
2014-02-06 18:04 - 2014-02-06 18:04 - 01037530 _____ (Thisisu) C:\Users\Ja\Desktop\JRT.exe
2014-02-06 14:34 - 2014-02-06 14:34 - 00029408 _____ () C:\Users\Ja\Desktop\FRST2.txt
2014-02-06 14:21 - 2014-02-06 14:22 - 00935175 _____ () C:\Users\Ja\Desktop\RSITx64.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\PANDORA.TV

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\S-1-5-21-269704162-1563387727-845643652-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-269704162-1563387727-845643652-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => Value deleted successfully.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{372e48bc-2127-11e3-9c47-bcaec524ce76} => Key not found.
HKCR\CLSID\{372e48bc-2127-11e3-9c47-bcaec524ce76} => Key not found.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b9522aa4-4785-11e2-9d3d-bcaec524ce76} => Key not found.
HKCR\CLSID\{b9522aa4-4785-11e2-9d3d-bcaec524ce76} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
PanService => Service deleted successfully.
C:\Users\Ja\Desktop\FRST-OlderVersion => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\Users\Public\Desktop\sample_06.02.2014_2242.zip => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Ja\Desktop\zoek.exe => Moved successfully.
C:\Users\Ja\Desktop\JRT.txt => Moved successfully.
C:\Users\Ja\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Ja\Desktop\JRT.exe => Moved successfully.
"C:\Users\Ja\Desktop\FRST2.txt" => File/Directory not found.
C:\Users\Ja\Desktop\RSITx64.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Program Files (x86)\PANDORA.TV => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========



The system needs a manual reboot.

==== End of Fixlog ====

Re: Stuttering computer, especially browsers

Posted: 08 Feb 2014 13:25
by vyosek
So now let's clean up :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: I recommend defragmenting the disk
  • The simplest (but least effective) way is with the utility built into Windows
    • Click This Computer, then right-click the disk and choose Properties
    • switch to the Tools tab
    • Now you see the Defragmentation tools - start it by clicking Defragment
    • Do this for all disks
  • Another option (and the one I recommend) is the small program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
    • Download the program, install it (untick the Yahoo toolbar checkbox) and run it
    • Click Analyze
    • If the Fragmented column shows more than 5%, I recommend defragmenting (click Defragment)
    • Do this for all disks
  • The last option is the simple little program JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
    • The advantage of this program is that it does not need to be installed
    • So just download the version for your OS and unpack it
    • Then run it via the file JKDefrag or JKDefrag64
    • A disk analysis runs, followed by the defragmentation
:arrow: Write how the PC is doing

Re: Stuttering computer, especially browsers

Posted: 08 Feb 2014 22:13
by Whoan
Everything done, but it's still the same. The browser stutters and is often completely unusable. Programs start more slowly and stutter even while running. Any other suggestion? :cry:

Re: Stuttering computer, especially browsers

Posted: 09 Feb 2014 10:23
by vyosek
:arrow: Do a CDI as described by my colleague
MiliNess wrote: Download CrystalDiskInfo, choose Copy in the Edit menu and paste the clipboard contents here with Ctrl+V.

Re: Stuttering computer, especially browsers

Posted: 09 Feb 2014 11:50
by Whoan
Here it is:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2014/02/09 11:49:42

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
- ATA Channel 0 (0) [ATA]
+ ATA Channel 1 (1) [ATA]
- TSSTcorp CDDVDW SH-S223L ATA Device
+ Intel(R) ICH10 Family 4 port Serial ATA Storage Controller 1 - 3A20 [ATA]
- ATA Channel 0 (0)
+ ATA Channel 1 (1)
- Marvell 91xx Config ATA Device
- WDC WD1002FAEX-007BA0 ATA Device
+ Intel(R) ICH10 Family 2 port Serial ATA Storage Controller 2 - 3A26 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- JMicron JMB36X Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD1002FAEX-007BA0 : 1000,2 GB [0/2/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD1002FAEX-007BA0
----------------------------------------------------------------------------
Model : WDC WD1002FAEX-007BA0
Firmware : 05.01D05
Serial Number : WD-WMAY00654212
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 10597 hod.
Power On Count : 1348 krát
Temparature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 253 253 _21 000000002204 Čas na roztočení ploten
04 _99 _99 __0 00000000054D Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _86 _86 __0 000000002965 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000544 Počet cyklů zapnutí zařízení
C0 199 199 __0 0000000002F6 Počet vypnutí disku
C1 200 200 __0 000000000256 Počet cyklů načítání/vymazání
C2 119 106 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů


Re: Stuttering computer, especially browsers

Posted: 09 Feb 2014 22:41
by vyosek
Is the problem there in safe mode as well??

Re: Stuttering computer, especially browsers

Posted: 09 Feb 2014 22:50
by Whoan
Nope, only in normal mode.