Requesting advice and a log check, fan keeps running

Posted: 17 Apr 2014 12:28
by krystof37
Hello,

a problem has come up where, after logging in, the fan started running and would not turn off.

I came across this topic and followed the instructions in that thread:
http://forum.viry.cz/viewtopic.php?f=30&t=134660

After running the programs, the fan calmed down.

Here is the resulting FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014
Ran by Kryštof (administrator) on DV9 on 17-04-2014 13:17:46
Running from C:\Users\Kryštof\Desktop
Windows 8 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\windows\system32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Malwarebytes Anti-Malware\mbam.exe
(forum.viry.cz) C:\Users\Kryštof\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [656896 2012-09-20] (Synaptics)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-12-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-12-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\.DEFAULT\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kryštof\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [FLV Player] => C:\Users\Kryštof\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: []
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Policies\Explorer: [HideSCAHealth] 0
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL => C:\ProgramData\Assistant\Assistant_x64.dll [4319744 2014-04-03] ()
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\assist~1\assist~1.dll => C:\ProgramData\Assistant\Assistant.dll [4116480 2014-04-03] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
SearchScopes: HKLM - DefaultScope {55AAFDA2-1AB4-40FA-8EF9-2AAF0521B098} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKLM - {55AAFDA2-1AB4-40FA-8EF9-2AAF0521B098} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKLM-x32 - {55AAFDA2-1AB4-40FA-8EF9-2AAF0521B098} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKCU - {0EDD5A1A-21C0-4C0A-A96B-8524A192D7F4} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {4C44EDDA-95E7-48BB-94D4-A9BF568BC334} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {50F90C0E-F9F5-4EF6-8746-654E1A023091} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {7D552393-2E41-4D47-8E21-82D6EA465697} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {8EA35406-84C7-4852-ABAA-17A84927B07A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {BE150135-7E7B-46F1-A003-D4C9120F1767} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {CA50F9B2-A2D7-419C-8CD9-3F68DB16B83F} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {D7B8CC6F-B8BD-4156-BC21-0FCDFAA02617} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
BHO: BietSSavoer - {16A9FC4C-BD96-71E6-10DF-3992B26D0D21} - C:\ProgramData\BietSSavoer\IFyd.x64.dll ()
BHO: YoutubeAdblocker - {2984E34A-BB16-F86A-FA54-4007BC8C00C3} - C:\Program Files (x86)\YoutubeAdblocker\g.x64.dll No File
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: BlockTeheAdAppp - {8FAB5165-691E-F165-6C82-D55731885ECD} - C:\ProgramData\BlockTeheAdAppp\vbYZu8.x64.dll ()
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: BietSSavoer - {16A9FC4C-BD96-71E6-10DF-3992B26D0D21} - C:\ProgramData\BietSSavoer\IFyd.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: BlockTeheAdAppp - {8FAB5165-691E-F165-6C82-D55731885ECD} - C:\ProgramData\BlockTeheAdAppp\vbYZu8.dll ()
BHO-x32: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.6.1

FireFox:
========
FF ProfilePath: C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: https://www.google.cz/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona - C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll (ParallelGraphics)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Surftastic - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\{01531192-f7ef-415f-a549-cfdb11836731}.xpi [2014-04-16]
FF Extension: Adblock Plus - C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-14]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03]

Chrome:
=======
CHR HomePage: hxxp://google.cz/
CHR StartupUrls: "hxxp://rnrinmyblood.weebly.com/radio.html", "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR Extension: (Dokumenty Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-27]
CHR Extension: (Disk Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27]
CHR Extension: (YouTube) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27]
CHR Extension: (GeoGebra) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2014-02-27]
CHR Extension: (Photo Downloader for Instagram™) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckjednilicaopeimldnhnlhojcpgelfe [2014-02-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27]
CHR Extension: (Skype Click to Call) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-06]
CHR Extension: (Into The Mist) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-02-27]
CHR Extension: (Peněženka Google) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-14]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-03-14]
CHR Extension: (Instagram for Chrome) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-02-27]
CHR Extension: (Gmail) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [gdnafjfahbdfphihncgadbegiaebehio] - C:\Program Files (x86)\SquirrelWeb\gdnafjfahbdfphihncgadbegiaebehio.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 699fd52f; C:\ProgramData\Assistant\AssistantSvc.dll [178000 2014-04-03] ()
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-01] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957816 2012-10-22] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
S2 Update Surftastic; "C:\Program Files (x86)\Surftastic\updateSurftastic.exe" [X]
S2 Util Surftastic; "C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-01] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-12-14] (Disc Soft Ltd)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-20] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8229264 2012-09-28] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-17] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-17 13:17 - 2014-04-17 13:17 - 00024081 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-04-17 13:17 - 2014-04-17 13:17 - 00000000 ____D () C:\FRST
2014-04-17 13:16 - 2014-04-17 13:15 - 00112640 _____ (forum.viry.cz) C:\Users\Kryštof\Desktop\FRSTLauncher.exe
2014-04-17 13:15 - 2014-04-17 13:15 - 02158592 _____ (Farbar) C:\Users\Kryštof\Downloads\FRST64.exe
2014-04-17 13:15 - 2014-04-17 13:15 - 02158592 _____ (Farbar) C:\Users\Kryštof\Desktop\FRST64.exe
2014-04-17 13:15 - 2014-04-17 13:15 - 00112640 _____ (forum.viry.cz) C:\Users\Kryštof\Downloads\FRSTLauncher.exe
2014-04-17 13:11 - 2014-04-17 13:11 - 00013622 _____ () C:\Users\Kryštof\Desktop\mbam.txt
2014-04-17 12:57 - 2014-04-17 12:58 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-17 12:57 - 2014-04-17 12:57 - 00000712 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-17 12:57 - 2014-04-17 12:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-17 12:57 - 2014-04-17 12:57 - 00000000 ____D () C:\Malwarebytes Anti-Malware
2014-04-17 12:57 - 2014-04-17 12:56 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kryštof\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-17 12:57 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-17 12:57 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-17 12:57 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-17 12:56 - 2014-04-17 12:56 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kryštof\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-17 12:55 - 2014-04-17 12:55 - 00004361 _____ () C:\Users\Kryštof\Desktop\AdwCleaner[S0].txt
2014-04-17 12:45 - 2014-04-17 12:53 - 00000000 ____D () C:\AdwCleaner
2014-04-17 12:45 - 2014-04-17 12:45 - 01426178 _____ () C:\Users\Kryštof\Downloads\adwcleaner.exe
2014-04-17 12:45 - 2014-04-17 12:45 - 01426178 _____ () C:\Users\Kryštof\Desktop\adwcleaner.exe
2014-04-17 12:43 - 2014-04-17 12:43 - 00004497 _____ () C:\Users\Kryštof\Desktop\JRT.txt
2014-04-17 12:32 - 2014-04-17 12:32 - 01016261 _____ (Thisisu) C:\Users\Kryštof\Downloads\JRT.exe
2014-04-17 12:32 - 2014-04-17 12:32 - 01016261 _____ (Thisisu) C:\Users\Kryštof\Desktop\JRT.exe
2014-04-17 12:32 - 2014-04-17 12:32 - 00000000 ____D () C:\windows\ERUNT
2014-04-16 23:58 - 2014-04-16 23:58 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Prompt Downloader
2014-04-16 23:57 - 2014-04-17 00:03 - 00000000 ____D () C:\Program Files\PCDApp
2014-04-16 14:19 - 2014-04-16 16:19 - 1079363057 _____ () C:\Users\Kryštof\Downloads\Pompeje-2014-TS-CZ-tit..mp4
2014-04-14 22:14 - 2014-04-14 22:14 - 00054168 _____ () C:\Users\Kryštof\Downloads\got402.srt
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-14 22:11 - 2014-04-14 22:12 - 13084896 _____ (Microsoft Corporation) C:\Users\Kryštof\Downloads\Silverlight_x64(1).exe
2014-04-13 19:07 - 2014-04-13 19:07 - 00004225 _____ () C:\Users\Kryštof\Desktop\p1.ggb
2014-04-13 18:25 - 2014-04-13 18:25 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\GeoGebra 4.4
2014-04-11 22:25 - 2014-04-11 22:25 - 00000000 ____D () C:\Users\Kryštof\Downloads\South-Park_-The-Stick-of-Truth-Torrent-PLNÁ-HRA
2014-04-11 10:51 - 2014-04-11 10:51 - 00038984 _____ () C:\Users\Kryštof\Downloads\v207.srt
2014-04-11 10:25 - 2014-04-11 10:25 - 00032565 _____ () C:\Users\Kryštof\Downloads\tbbt720.srt
2014-04-11 00:25 - 2014-04-11 00:25 - 00004164 _____ () C:\windows\System32\Tasks\MigrationUpdateTask
2014-04-11 00:25 - 2014-04-11 00:25 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\RBotPlus
2014-04-11 00:24 - 2014-04-11 10:30 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\MigsUpdater
2014-04-11 00:23 - 2014-04-11 00:23 - 00368960 _____ (http://www.roulettebotplus.com) C:\Users\Kryštof\Downloads\RBPSetupCS_gi66o.exe
2014-04-09 22:06 - 2014-04-09 22:29 - 00025653 _____ () C:\Users\Kryštof\Downloads\v203.srt
2014-04-09 21:15 - 2014-04-09 21:16 - 00000000 ____D () C:\Users\Kryštof\Downloads\Vikings-02x02-Invasion.EXCELLENCE.English.HI_.C.orig_.Addic7ed.com_
2014-04-09 21:15 - 2014-03-07 16:41 - 00030468 _____ () C:\Users\Kryštof\Downloads\Vikings - 02x02 - Invasion.EXCELLENCE.English.HI.C.orig.Addic7ed.com.srt
2014-04-08 20:57 - 2014-04-08 20:57 - 00000000 ____D () C:\windows\LastGood
2014-04-08 20:57 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-04-08 20:57 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-04-06 20:36 - 2014-04-06 20:36 - 00000000 ____D () C:\Users\Kryštof\Downloads\Knihy-v-PDB-podle-autoru
2014-04-06 19:50 - 2014-04-06 20:35 - 804639307 _____ () C:\Users\Kryštof\Downloads\Knihy-v-PDB-podle-autoru.zip
2014-04-06 18:21 - 2014-04-06 18:21 - 00208659 _____ () C:\Users\Kryštof\Downloads\PDB-reader(1).rar
2014-04-06 15:28 - 2014-04-06 15:28 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Skype
2014-04-06 15:27 - 2014-04-06 19:44 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Skype
2014-04-06 15:27 - 2014-04-06 15:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-06 15:27 - 2014-04-06 15:27 - 00000000 ____D () C:\ProgramData\Skype
2014-04-06 15:26 - 2014-04-06 15:27 - 41012122 _____ () C:\Users\Kryštof\Downloads\skype-setup.exe
2014-04-06 15:25 - 2014-04-06 15:25 - 00733312 _____ () C:\Users\Kryštof\Downloads\skype-lista-centrumcz.exe
2014-04-06 14:49 - 2014-04-06 14:49 - 00000000 ____D () C:\Users\Kryštof\Downloads\E-knihy-České
2014-04-06 14:35 - 2014-04-06 14:35 - 00000000 ____D () C:\Users\Kryštof\Downloads\knihy
2014-04-06 14:34 - 2014-04-06 14:49 - 261893857 _____ () C:\Users\Kryštof\Downloads\ee.rar
2014-04-06 14:24 - 2014-04-06 14:34 - 165724713 _____ () C:\Users\Kryštof\Downloads\knihy.zip
2014-04-04 10:10 - 2014-04-04 10:10 - 00031292 _____ () C:\Users\Kryštof\Downloads\tbbt 719.srt
2014-04-02 21:48 - 2014-04-02 21:48 - 00024942 _____ () C:\Users\Kryštof\Downloads\watership.down.(1978).cze.1cd.(116795).zip
2014-04-02 21:48 - 2014-04-02 21:48 - 00000000 ____D () C:\Users\Kryštof\Downloads\watership.down.(1978).cze.1cd.(116795)
2014-04-01 23:13 - 2014-04-01 23:13 - 00000000 ____D () C:\Users\Kryštof\Downloads\02x
2014-04-01 23:11 - 2014-04-01 23:12 - 03221341 _____ () C:\Users\Kryštof\Downloads\02x.rar
2014-04-01 23:00 - 2014-04-01 23:00 - 00243534 _____ () C:\Users\Kryštof\Downloads\Pavel Kohout - Bůček ke kávě (ID 860 - eBookEater.cz).mobi
2014-04-01 23:00 - 2014-04-01 23:00 - 00201328 _____ () C:\Users\Kryštof\Downloads\Pavel Kohout - Bůček ke kávě (ID 860 - eBookEater.cz).epub
2014-03-31 23:06 - 2014-03-31 21:57 - 00023856 _____ () C:\Users\Kryštof\Downloads\01.04.2014 MIX.txt
2014-03-31 13:01 - 2014-03-31 13:01 - 00000000 ____D () C:\Users\Kryštof\Downloads\31-Mar
2014-03-30 22:03 - 2014-03-30 22:04 - 13084896 _____ (Microsoft Corporation) C:\Users\Kryštof\Downloads\Silverlight_x64.exe
2014-03-29 00:20 - 2014-03-29 00:20 - 00000000 ____D () C:\Users\Kryštof\Downloads\753
2014-03-26 12:17 - 2014-03-26 12:17 - 00000000 ____D () C:\Users\Kryštof\Downloads\metronom
2014-03-26 12:16 - 2014-03-26 12:16 - 00503044 _____ () C:\Users\Kryštof\Downloads\metronom.zip
2014-03-25 22:40 - 2014-03-25 22:40 - 00020776 _____ () C:\Users\Kryštof\Downloads\sl-5x5-advanced.zip
2014-03-25 21:53 - 2014-03-25 21:53 - 00014141 _____ () C:\Users\Kryštof\Downloads\smolov.stronglifts.zip
2014-03-25 14:41 - 2014-03-25 15:15 - 00111616 _____ () C:\Users\Kryštof\Downloads\sl-5x5-tracker-kg.xls
2014-03-25 14:27 - 2014-03-25 14:27 - 00031570 _____ () C:\Users\Kryštof\Downloads\stronglifts-madcow-5x5.zip
2014-03-25 12:00 - 2014-03-25 13:26 - 07167765 _____ () C:\Users\Kryštof\Downloads\Poruba_7.dwg
2014-03-25 12:00 - 2014-03-25 13:25 - 07167765 _____ () C:\Users\Kryštof\Downloads\Poruba_7.bak
2014-03-24 00:45 - 2014-03-24 00:45 - 00095552 _____ () C:\Users\Kryštof\Downloads\190077.dwg
2014-03-23 23:55 - 2014-03-23 23:55 - 01337548 _____ () C:\Users\Kryštof\Downloads\203849.dwg
2014-03-23 23:10 - 2014-03-23 23:10 - 03176960 _____ () C:\Users\Kryštof\Downloads\Dopravni_stavby_cv6_leto_2013.ppt
2014-03-23 23:08 - 2014-03-24 00:35 - 04267848 _____ () C:\Users\Kryštof\Downloads\pIII.dwg
2014-03-23 23:08 - 2014-03-24 00:18 - 04260983 _____ () C:\Users\Kryštof\Downloads\pIII.bak
2014-03-23 23:05 - 2014-04-06 21:02 - 00000584 _____ () C:\Users\Kryštof\Documents\plot.log
2014-03-23 20:57 - 2014-04-03 19:41 - 00000000 ____D () C:\ProgramData\Assistant
2014-03-23 14:52 - 2014-04-06 21:20 - 00000000 ____D () C:\Users\Kryštof\Desktop\dopravni stavby
2014-03-21 21:11 - 2014-03-21 21:12 - 00081505 _____ () C:\Users\Kryštof\Downloads\Blank Texas Method - Current version.xlsx
2014-03-20 12:51 - 2014-04-17 12:53 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-03-20 12:51 - 2014-04-04 23:01 - 00002152 _____ () C:\Users\Kryštof\Desktop\FLV Player.lnk
2014-03-19 21:27 - 2014-03-19 21:27 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\com.valve.FTP
2014-03-19 20:55 - 2014-04-15 20:53 - 00000000 ____D () C:\Users\Kryštof\Desktop\Nová složka
2014-03-19 14:15 - 2014-03-19 14:15 - 00000000 _____ () C:\Users\Kryštof\Sti_Trace.log
2014-03-19 14:10 - 2014-03-19 14:10 - 00000000 ____D () C:\Program Files (x86)\epson
2014-03-19 14:10 - 2007-03-27 01:00 - 00101376 _____ (SEIKO EPSON CORP.) C:\windows\system32\esxcwiad.dll
2014-03-19 14:09 - 2014-03-19 14:09 - 13627392 _____ () C:\Users\Kryštof\Downloads\epson318017eu.exe
2014-03-19 00:36 - 2014-03-19 00:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-17 13:17 - 2014-04-17 13:17 - 00024081 _____ () C:\Users\Kryštof\Desktop\FRST.txt
2014-04-17 13:17 - 2014-04-17 13:17 - 00000000 ____D () C:\FRST
2014-04-17 13:15 - 2014-04-17 13:16 - 00112640 _____ (forum.viry.cz) C:\Users\Kryštof\Desktop\FRSTLauncher.exe
2014-04-17 13:15 - 2014-04-17 13:15 - 02158592 _____ (Farbar) C:\Users\Kryštof\Downloads\FRST64.exe
2014-04-17 13:15 - 2014-04-17 13:15 - 02158592 _____ (Farbar) C:\Users\Kryštof\Desktop\FRST64.exe
2014-04-17 13:15 - 2014-04-17 13:15 - 00112640 _____ (forum.viry.cz) C:\Users\Kryštof\Downloads\FRSTLauncher.exe
2014-04-17 13:15 - 2013-11-19 01:26 - 00004960 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DV9-Kryštof dv9
2014-04-17 13:11 - 2014-04-17 13:11 - 00013622 _____ () C:\Users\Kryštof\Desktop\mbam.txt
2014-04-17 13:02 - 2013-11-12 09:16 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-17 13:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-17 12:59 - 2013-11-15 13:33 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Seznam.cz
2014-04-17 12:59 - 2013-11-14 10:00 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1001773883-2206983416-447035505-1002
2014-04-17 12:58 - 2014-04-17 12:57 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-17 12:57 - 2014-04-17 12:57 - 00000712 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-17 12:57 - 2014-04-17 12:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-17 12:57 - 2014-04-17 12:57 - 00000000 ____D () C:\Malwarebytes Anti-Malware
2014-04-17 12:56 - 2014-04-17 12:57 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kryštof\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-17 12:56 - 2014-04-17 12:56 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kryštof\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-17 12:55 - 2014-04-17 12:55 - 00004361 _____ () C:\Users\Kryštof\Desktop\AdwCleaner[S0].txt
2014-04-17 12:55 - 2013-12-22 18:34 - 00000000 ____D () C:\Program Files\KMSpico
2014-04-17 12:54 - 2014-02-27 22:19 - 00000958 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-17 12:54 - 2014-01-05 00:12 - 00000476 ____H () C:\windows\Tasks\GS-Enabler-S-1622525965.job
2014-04-17 12:54 - 2013-12-26 14:53 - 00002892 _____ () C:\windows\System32\Tasks\AutoKMS
2014-04-17 12:54 - 2013-12-26 14:53 - 00000282 _____ () C:\windows\Tasks\AutoKMS.job
2014-04-17 12:54 - 2012-12-21 07:40 - 02120465 _____ () C:\windows\WindowsUpdate.log
2014-04-17 12:54 - 2012-10-10 01:08 - 00026684 _____ () C:\windows\PFRO.log
2014-04-17 12:54 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-17 12:54 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-17 12:53 - 2014-04-17 12:45 - 00000000 ____D () C:\AdwCleaner
2014-04-17 12:53 - 2014-03-20 12:51 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-04-17 12:46 - 2014-01-05 00:10 - 00000000 ____D () C:\ProgramData\27776457982a3b3f
2014-04-17 12:45 - 2014-04-17 12:45 - 01426178 _____ () C:\Users\Kryštof\Downloads\adwcleaner.exe
2014-04-17 12:45 - 2014-04-17 12:45 - 01426178 _____ () C:\Users\Kryštof\Desktop\adwcleaner.exe
2014-04-17 12:43 - 2014-04-17 12:43 - 00004497 _____ () C:\Users\Kryštof\Desktop\JRT.txt
2014-04-17 12:32 - 2014-04-17 12:32 - 01016261 _____ (Thisisu) C:\Users\Kryštof\Downloads\JRT.exe
2014-04-17 12:32 - 2014-04-17 12:32 - 01016261 _____ (Thisisu) C:\Users\Kryštof\Desktop\JRT.exe
2014-04-17 12:32 - 2014-04-17 12:32 - 00000000 ____D () C:\windows\ERUNT
2014-04-17 00:03 - 2014-04-16 23:57 - 00000000 ____D () C:\Program Files\PCDApp
2014-04-16 23:58 - 2014-04-16 23:58 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Prompt Downloader
2014-04-16 23:24 - 2014-02-27 22:19 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 22:53 - 2013-11-17 01:32 - 01947136 ___SH () C:\Users\Kryštof\Desktop\Thumbs.db
2014-04-16 18:16 - 2013-12-07 21:27 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\vlc
2014-04-16 16:19 - 2014-04-16 14:19 - 1079363057 _____ () C:\Users\Kryštof\Downloads\Pompeje-2014-TS-CZ-tit..mp4
2014-04-15 20:53 - 2014-03-19 20:55 - 00000000 ____D () C:\Users\Kryštof\Desktop\Nová složka
2014-04-14 22:14 - 2014-04-14 22:14 - 00054168 _____ () C:\Users\Kryštof\Downloads\got402.srt
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-14 22:12 - 2014-04-14 22:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-14 22:12 - 2014-04-14 22:11 - 13084896 _____ (Microsoft Corporation) C:\Users\Kryštof\Downloads\Silverlight_x64(1).exe
2014-04-13 19:07 - 2014-04-13 19:07 - 00004225 _____ () C:\Users\Kryštof\Desktop\p1.ggb
2014-04-13 18:25 - 2014-04-13 18:25 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\GeoGebra 4.4
2014-04-11 23:58 - 2013-11-16 22:09 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-11 22:25 - 2014-04-11 22:25 - 00000000 ____D () C:\Users\Kryštof\Downloads\South-Park_-The-Stick-of-Truth-Torrent-PLNÁ-HRA
2014-04-11 10:51 - 2014-04-11 10:51 - 00038984 _____ () C:\Users\Kryštof\Downloads\v207.srt
2014-04-11 10:30 - 2014-04-11 00:24 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\MigsUpdater
2014-04-11 10:25 - 2014-04-11 10:25 - 00032565 _____ () C:\Users\Kryštof\Downloads\tbbt720.srt
2014-04-11 00:25 - 2014-04-11 00:25 - 00004164 _____ () C:\windows\System32\Tasks\MigrationUpdateTask
2014-04-11 00:25 - 2014-04-11 00:25 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\RBotPlus
2014-04-11 00:23 - 2014-04-11 00:23 - 00368960 _____ (http://www.roulettebotplus.com) C:\Users\Kryštof\Downloads\RBPSetupCS_gi66o.exe
2014-04-09 22:29 - 2014-04-09 22:06 - 00025653 _____ () C:\Users\Kryštof\Downloads\v203.srt
2014-04-09 21:16 - 2014-04-09 21:15 - 00000000 ____D () C:\Users\Kryštof\Downloads\Vikings-02x02-Invasion.EXCELLENCE.English.HI_.C.orig_.Addic7ed.com_
2014-04-08 20:58 - 2013-11-16 22:20 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\NVIDIA Corporation
2014-04-08 20:58 - 2012-12-21 06:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-08 20:57 - 2014-04-08 20:57 - 00000000 ____D () C:\windows\LastGood
2014-04-08 20:57 - 2012-12-21 06:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-08 20:57 - 2012-07-26 09:21 - 00039436 _____ () C:\windows\setupact.log
2014-04-06 21:20 - 2014-03-23 14:52 - 00000000 ____D () C:\Users\Kryštof\Desktop\dopravni stavby
2014-04-06 21:19 - 2014-02-07 12:29 - 00000000 ___RD () C:\Users\Kryštof\Desktop\programy
2014-04-06 21:19 - 2013-11-16 20:38 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\cache
2014-04-06 21:02 - 2014-03-23 23:05 - 00000584 _____ () C:\Users\Kryštof\Documents\plot.log
2014-04-06 20:36 - 2014-04-06 20:36 - 00000000 ____D () C:\Users\Kryštof\Downloads\Knihy-v-PDB-podle-autoru
2014-04-06 20:35 - 2014-04-06 19:50 - 804639307 _____ () C:\Users\Kryštof\Downloads\Knihy-v-PDB-podle-autoru.zip
2014-04-06 19:44 - 2014-04-06 15:27 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Skype
2014-04-06 18:21 - 2014-04-06 18:21 - 00208659 _____ () C:\Users\Kryštof\Downloads\PDB-reader(1).rar
2014-04-06 15:28 - 2014-04-06 15:28 - 00000000 ____D () C:\Users\Kryštof\AppData\Local\Skype
2014-04-06 15:28 - 2014-04-06 15:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-06 15:27 - 2014-04-06 15:27 - 00000000 ____D () C:\ProgramData\Skype
2014-04-06 15:27 - 2014-04-06 15:26 - 41012122 _____ () C:\Users\Kryštof\Downloads\skype-setup.exe
2014-04-06 15:25 - 2014-04-06 15:25 - 00733312 _____ () C:\Users\Kryštof\Downloads\skype-lista-centrumcz.exe
2014-04-06 14:49 - 2014-04-06 14:49 - 00000000 ____D () C:\Users\Kryštof\Downloads\E-knihy-České
2014-04-06 14:49 - 2014-04-06 14:34 - 261893857 _____ () C:\Users\Kryštof\Downloads\ee.rar
2014-04-06 14:35 - 2014-04-06 14:35 - 00000000 ____D () C:\Users\Kryštof\Downloads\knihy
2014-04-06 14:34 - 2014-04-06 14:24 - 165724713 _____ () C:\Users\Kryštof\Downloads\knihy.zip
2014-04-06 14:22 - 2012-12-21 07:42 - 01504678 _____ () C:\windows\system32\perfh005.dat
2014-04-06 14:22 - 2012-12-21 07:42 - 00397330 _____ () C:\windows\system32\perfc005.dat
2014-04-06 14:22 - 2012-07-26 09:28 - 00005640 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-04 23:01 - 2014-03-20 12:51 - 00002152 _____ () C:\Users\Kryštof\Desktop\FLV Player.lnk
2014-04-04 10:10 - 2014-04-04 10:10 - 00031292 _____ () C:\Users\Kryštof\Downloads\tbbt 719.srt
2014-04-03 19:41 - 2014-03-23 20:57 - 00000000 ____D () C:\ProgramData\Assistant
2014-04-03 09:51 - 2014-04-17 12:57 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-17 12:57 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-17 12:57 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-02 21:48 - 2014-04-02 21:48 - 00024942 _____ () C:\Users\Kryštof\Downloads\watership.down.(1978).cze.1cd.(116795).zip
2014-04-02 21:48 - 2014-04-02 21:48 - 00000000 ____D () C:\Users\Kryštof\Downloads\watership.down.(1978).cze.1cd.(116795)
2014-04-02 15:27 - 2013-11-16 22:15 - 01225920 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2014-04-02 15:27 - 2013-11-16 22:15 - 01081112 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2014-04-02 13:59 - 2014-02-18 10:53 - 00000000 ____D () C:\Users\Kryštof\Desktop\fyzika
2014-04-01 23:13 - 2014-04-01 23:13 - 00000000 ____D () C:\Users\Kryštof\Downloads\02x
2014-04-01 23:12 - 2014-04-01 23:11 - 03221341 _____ () C:\Users\Kryštof\Downloads\02x.rar
2014-04-01 23:00 - 2014-04-01 23:00 - 00243534 _____ () C:\Users\Kryštof\Downloads\Pavel Kohout - Bůček ke kávě (ID 860 - eBookEater.cz).mobi
2014-04-01 23:00 - 2014-04-01 23:00 - 00201328 _____ () C:\Users\Kryštof\Downloads\Pavel Kohout - Bůček ke kávě (ID 860 - eBookEater.cz).epub
2014-03-31 21:57 - 2014-03-31 23:06 - 00023856 _____ () C:\Users\Kryštof\Downloads\01.04.2014 MIX.txt
2014-03-31 13:01 - 2014-03-31 13:01 - 00000000 ____D () C:\Users\Kryštof\Downloads\31-Mar
2014-03-30 22:04 - 2014-03-30 22:03 - 13084896 _____ (Microsoft Corporation) C:\Users\Kryštof\Downloads\Silverlight_x64.exe
2014-03-29 00:20 - 2014-03-29 00:20 - 00000000 ____D () C:\Users\Kryštof\Downloads\753
2014-03-28 20:46 - 2013-11-12 09:09 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-26 12:17 - 2014-03-26 12:17 - 00000000 ____D () C:\Users\Kryštof\Downloads\metronom
2014-03-26 12:16 - 2014-03-26 12:16 - 00503044 _____ () C:\Users\Kryštof\Downloads\metronom.zip
2014-03-25 22:40 - 2014-03-25 22:40 - 00020776 _____ () C:\Users\Kryštof\Downloads\sl-5x5-advanced.zip
2014-03-25 21:53 - 2014-03-25 21:53 - 00014141 _____ () C:\Users\Kryštof\Downloads\smolov.stronglifts.zip
2014-03-25 15:15 - 2014-03-25 14:41 - 00111616 _____ () C:\Users\Kryštof\Downloads\sl-5x5-tracker-kg.xls
2014-03-25 14:27 - 2014-03-25 14:27 - 00031570 _____ () C:\Users\Kryštof\Downloads\stronglifts-madcow-5x5.zip
2014-03-25 13:26 - 2014-03-25 12:00 - 07167765 _____ () C:\Users\Kryštof\Downloads\Poruba_7.dwg
2014-03-25 13:25 - 2014-03-25 12:00 - 07167765 _____ () C:\Users\Kryštof\Downloads\Poruba_7.bak
2014-03-24 00:45 - 2014-03-24 00:45 - 00095552 _____ () C:\Users\Kryštof\Downloads\190077.dwg
2014-03-24 00:35 - 2014-03-23 23:08 - 04267848 _____ () C:\Users\Kryštof\Downloads\pIII.dwg
2014-03-24 00:18 - 2014-03-23 23:08 - 04260983 _____ () C:\Users\Kryštof\Downloads\pIII.bak
2014-03-23 23:55 - 2014-03-23 23:55 - 01337548 _____ () C:\Users\Kryštof\Downloads\203849.dwg
2014-03-23 23:10 - 2014-03-23 23:10 - 03176960 _____ () C:\Users\Kryštof\Downloads\Dopravni_stavby_cv6_leto_2013.ppt
2014-03-23 19:12 - 2014-02-06 14:27 - 00012859 _____ () C:\Users\Kryštof\Desktop\LS2014.xlsx
2014-03-21 21:43 - 2014-04-08 20:57 - 00040392 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2014-03-21 21:43 - 2014-04-08 20:57 - 00033568 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2014-03-21 21:43 - 2013-11-16 22:09 - 00037320 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2014-03-21 21:12 - 2014-03-21 21:11 - 00081505 _____ () C:\Users\Kryštof\Downloads\Blank Texas Method - Current version.xlsx
2014-03-19 22:09 - 2013-11-30 22:04 - 00728064 ___SH () C:\Users\Kryštof\Downloads\Thumbs.db
2014-03-19 21:27 - 2014-03-19 21:27 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\com.valve.FTP
2014-03-19 21:27 - 2013-11-23 13:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-19 14:15 - 2014-03-19 14:15 - 00000000 _____ () C:\Users\Kryštof\Sti_Trace.log
2014-03-19 14:15 - 2013-11-14 09:49 - 00000000 ____D () C:\Users\Kryštof
2014-03-19 14:11 - 2014-03-10 17:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 14:10 - 2014-03-19 14:10 - 00000000 ____D () C:\Program Files (x86)\epson
2014-03-19 14:09 - 2014-03-19 14:09 - 13627392 _____ () C:\Users\Kryštof\Downloads\epson318017eu.exe
2014-03-19 12:21 - 2014-02-27 22:19 - 00002266 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-19 00:37 - 2014-03-19 00:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 11:34 - 2013-11-23 13:15 - 00000000 ____D () C:\Users\Kryštof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

Some content of TEMP:
====================
C:\Users\Kryštof\AppData\Local\Temp\7z920.exe
C:\Users\Kryštof\AppData\Local\Temp\AcDeltree.exe
C:\Users\Kryštof\AppData\Local\Temp\appshat_generic.exe
C:\Users\Kryštof\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Kryštof\AppData\Local\Temp\COMAP.EXE
C:\Users\Kryštof\AppData\Local\Temp\down.6568.newtab_setup.exe
C:\Users\Kryštof\AppData\Local\Temp\downloader.dll
C:\Users\Kryštof\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Kryštof\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Kryštof\AppData\Local\Temp\javagiac0.012628266479066563.dll
C:\Users\Kryštof\AppData\Local\Temp\javagiac0.1746547281866735.dll
C:\Users\Kryštof\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Kryštof\AppData\Local\Temp\MovieStudio.exe
C:\Users\Kryštof\AppData\Local\Temp\msi57240.exe
C:\Users\Kryštof\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Kryštof\AppData\Local\Temp\Quarantine.exe
C:\Users\Kryštof\AppData\Local\Temp\runupdater.exe
C:\Users\Kryštof\AppData\Local\Temp\SpeedUpMyComputer.exe
C:\Users\Kryštof\AppData\Local\Temp\Tsu24F85397.dll
C:\Users\Kryštof\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Kryštof\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 12:43




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows8_OS) (Fixed) (Total:884.18 GB) (Free:537.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.97 GB) NTFS

Available physical RAM: 4410.94 MB
Total physical RAM: 8057.77 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 15 GB) (Disk ID: E0B1BD59)
Disk: 1 (Size: 932 GB) (Disk ID: E0B1BD54)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GS-Enabler-S-1622525965.job => c:\programdata\softwarehouse\gs-enabler\GS-Enabler.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:A1EDB939

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kry�tof\Desktop" je 1928 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Here is the log from MBAM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17. 4. 2014
Scan Time: 13:11:12
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.17.02
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: KryA!tof

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318212
Time Elapsed: 12 min, 26 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 44
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{8FAB5165-691E-F165-6C82-D55731885ECD}, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8FAB5165-691E-F165-6C82-D55731885ECD}, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8FAB5165-691E-F165-6C82-D55731885ECD}, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\BloCkTiHeAAdAApp.BloCkTiHeAAdAApp, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\BloCkTiHeAAdAApp.BloCkTiHeAAdAApp.3.2, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BloCkTiHeAAdAApp.BloCkTiHeAAdAApp, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BloCkTiHeAAdAApp.BloCkTiHeAAdAApp.3.2, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8FAB5165-691E-F165-6C82-D55731885ECD}, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-1001773883-2206983416-447035505-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8FAB5165-691E-F165-6C82-D55731885ECD}, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-1001773883-2206983416-447035505-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8FAB5165-691E-F165-6C82-D55731885ECD}, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{8FAB5165-691E-F165-6C82-D55731885ECD}, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{8FAB5165-691E-F165-6C82-D55731885ECD}, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{8FAB5165-691E-F165-6C82-D55731885ECD}\INPROCSERVER32, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{16A9FC4C-BD96-71E6-10DF-3992B26D0D21}, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{16A9FC4C-BD96-71E6-10DF-3992B26D0D21}, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{16A9FC4C-BD96-71E6-10DF-3992B26D0D21}, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\BiitSaveer.BiitSaveer, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\BiitSaveer.BiitSaveer.5.1, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BiitSaveer.BiitSaveer, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BiitSaveer.BiitSaveer.5.1, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{16A9FC4C-BD96-71E6-10DF-3992B26D0D21}, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-1001773883-2206983416-447035505-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{16A9FC4C-BD96-71E6-10DF-3992B26D0D21}, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-1001773883-2206983416-447035505-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{16A9FC4C-BD96-71E6-10DF-3992B26D0D21}, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{16A9FC4C-BD96-71E6-10DF-3992B26D0D21}, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{16A9FC4C-BD96-71E6-10DF-3992B26D0D21}, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{16A9FC4C-BD96-71E6-10DF-3992B26D0D21}\INPROCSERVER32, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c6673938-a52b-4dc6-af05-783e7e2c8b65}, , [69fd9992611a51e56c5c0e074db560a0],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{07eeef8a-080a-4478-94b6-778245d7a04f}, , [69fd9992611a51e56c5c0e074db560a0],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{861E67AE-B5A7-4EC6-9B02-54AA7825F2DC}, , [69fd9992611a51e56c5c0e074db560a0],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{861E67AE-B5A7-4EC6-9B02-54AA7825F2DC}, , [69fd9992611a51e56c5c0e074db560a0],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{07eeef8a-080a-4478-94b6-778245d7a04f}, , [69fd9992611a51e56c5c0e074db560a0],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C6673938-A52B-4DC6-AF05-783E7E2C8B65}, , [69fd9992611a51e56c5c0e074db560a0],
PUP.Optional.SquirrelWeb.A, HKU\S-1-5-21-1001773883-2206983416-447035505-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DD86AF49-1EF1-4532-89F7-41EDA1DBBE6D}, , [2d393af1314ace68d46846d142c0857b],
PUP.Optional.SquirrelWeb.A, HKU\S-1-5-21-1001773883-2206983416-447035505-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DD86AF49-1EF1-4532-89F7-41EDA1DBBE6D}, , [2d393af1314ace68d46846d142c0857b],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}, , [baacc665611a3303f4f5d470af523ec2],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C5BEEF27-CB82-4A8B-0498-92143CA75423}, , [bfa755d6f98281b597523d07ff0250b0],
PUP.Optional.SquirrelWeb.A, HKLM\SOFTWARE\WOW6432NODE\SquirrelWeb, , [aabca487b4c745f1ba9e881a6c97ea16],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\Surftastic, , [8bdb4ae199e24ee8152cd0aa7a88ff01],
PUP.Optional.Surftastic.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Surftastic, , [2d390c1f5823fb3b2e144931c73bb14f],
PUP.Optional.AppsHat.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Apps Hat, , [bfa73fec7605ed499780f87c4fb36c94],
PUP.Optional.SquirrelWeb.A, HKU\S-1-5-21-1001773883-2206983416-447035505-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SquirrelWeb, , [3135ba7196e587af1247ddc59c67b64a],
PUP.Optional.Surftastic.A, HKU\S-1-5-21-1001773883-2206983416-447035505-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Surftastic, , [6afc39f288f3a393db65344641c19967],
PUP.Optional.AppsHat.A, HKU\S-1-5-21-1001773883-2206983416-447035505-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Apps Hat, , [f4728c9fb9c283b3d44390e4996921df],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1001773883-2206983416-447035505-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [442257d45c1f51e521982e79798ab64a],

Registry Values: 0
(No malicious items detected)

Registry Data: 1
Trojan.SProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\windows\syswow64\nvinit.dll c:\progra~3\assist~1\assist~1.dll, Good: (), Bad: (c:\progra~3\assist~1\assist~1.dll),,[184ec9625d1e42f469e0173e58a9659b]

Folders: 3
PUP.Optional.GreatSaver.A, C:\ProgramData\SoftWarehouse\GS-Enabler, , [95d12605d6a54de9f291d18eb25041bf],
PUP.Optional.SquirrelWeb.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnafjfahbdfphihncgadbegiaebehio, , [bda9b7742358c373935695cb907218e8],
PUP.Optional.SquirrelWeb.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnafjfahbdfphihncgadbegiaebehio\1.0.1_0, , [bda9b7742358c373935695cb907218e8],

Files: 33
Trojan.SProtector, C:\ProgramData\Assistant\Assistant.dll, , [184ec9625d1e42f469e0173e58a9659b],
PUP.Optional.MultiPlug.A, C:\ProgramData\BlockTeheAdAppp\vbYZu8.x64.dll, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, C:\ProgramData\BlockTeheAdAppp\vbYZu8.dll, , [d39375b63d3e64d20edb5aea28d9b54b],
PUP.Optional.MultiPlug.A, C:\ProgramData\BietSSavoer\IFyd.x64.dll, , [0c5a4ae11e5d95a1638677cdd42dc13f],
PUP.Optional.MultiPlug.A, C:\ProgramData\BietSSavoer\IFyd.dll, , [0c5a4ae11e5d95a1638677cdd42dc13f],
Trojan.SProtector, C:\ProgramData\Assistant\AssistantSvc.dll, , [4b1b33f83a41ba7c52f8173e25dce51b],
PUP.Optional.MultiPlug.A, C:\ProgramData\BietSSavoer\IFyd.exe, , [baacc665611a3303f4f5d470af523ec2],
PUP.Optional.MultiPlug.A, C:\ProgramData\BlockTeheAdAppp\vbYZu8.exe, , [bfa755d6f98281b597523d07ff0250b0],
PUP.Optional.RelevantKnowledge, C:\Users\KryA!tof\AppData\Local\Temp\CSMA905.tmp, , [b2b46fbc96e55adcd01a44e762a255ab],
PUP.Optional.Somoto.A, C:\Users\KryA!tof\AppData\Local\Temp\appshat_generic.exe, , [70f65bd09be02e08d9432cf609f79b65],
PUP.Optional.Somoto.A, C:\Users\Kryštof\AppData\Local\Temp\FLVPlayerSetup.exe, , [b5b166c5601b9b9b00c24ce5728efc04],
PUP.Optional.Somoto, C:\Users\Kryštof\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe, , [12542803d6a589ada9415bed956fc23e],
PUP.Optional.Somoto, C:\Users\Kryštof\AppData\Local\Temp\UpdateCheckerSetup.exe, , [2a3c969552292313ce1fa680b54b53ad],
PUP.Optional.Somoto.A, C:\Users\Kryštof\AppData\Local\Temp\BI_RunOnce.exe, , [40262308b2c9f14579fe47cb6e937c84],
PUP.Optional.MultiPlug.A, C:\Users\Kryštof\AppData\Local\Temp\down.6568.newtab_setup.exe, , [68fe68c3afcc86b08b38956781829e62],
PUP.Optional.MultiPlug.A, C:\Users\Kryštof\AppData\Local\Temp\{0CB3F609-B24D-4809-AAE2-FA6FD750D4FF}\Addons\browsecoupon_setup.exe, , [2046f8332b5064d2bd06e61635cefc04],
PUP.Optional.MultiPlug.A, C:\Users\Kryštof\AppData\Local\Temp\{0CB3F609-B24D-4809-AAE2-FA6FD750D4FF}\Addons\extIE_setup.exe, , [2b3bbe6d4d2e2f07764dba4233d0629e],
PUP.Optional.MultiPlug.A, C:\Users\Kryštof\AppData\Local\Temp\{0CB3F609-B24D-4809-AAE2-FA6FD750D4FF}\Addons\ext_setup.exe, , [16509695de9d3df923a0609cf211fb05],
PUP.Optional.EZDownloader.A, C:\Users\Kryštof\AppData\Local\Temp\{0CB3F609-B24D-4809-AAE2-FA6FD750D4FF}\Addons\EzDownloader_setup.exe, , [78eedd4e0576b086671853cc926efe02],
PUP.Optional.MultiPlug.A, C:\Users\Kryštof\AppData\Local\Temp\{0CB3F609-B24D-4809-AAE2-FA6FD750D4FF}\Addons\helper_setup.exe, , [a3c39a91cfac5bdbabdabc7042bf8b75],
PUP.Optional.NextLive.A, C:\Users\Kryštof\AppData\Local\Temp\{0CB3F609-B24D-4809-AAE2-FA6FD750D4FF}\Addons\Mobogenie_Setup_2.1.26_519.exe, , [fe6874b7f18a053100364a05e31e56aa],
PUP.Optional.MultiPlug.A, C:\Users\Kryštof\AppData\Local\Temp\{0CB3F609-B24D-4809-AAE2-FA6FD750D4FF}\Addons\ytab_setup.exe, , [f670c3683e3dd561744fe517a75c7789],
PUP.Optional.MultiPlug.A, C:\Users\Kryštof\AppData\Local\Temp\{0CB3F609-B24D-4809-AAE2-FA6FD750D4FF}\Addons\ytbmk_setup.exe, , [343219125a213501477c8e6e9f64936d],
Trojan.Agent.CK, C:\Users\Kryštof\Downloads\Autodesk-2014-X-force-KeyGen.zip, , [89ddc8634536092d06e363a87b8745bb],
PUP.Optional.Somoto.A, C:\Users\Kryštof\Downloads\a_downloader-coETZe67.exe, , [e2849d8ed2a98ea816fd3fc1f70d7c84],
PUP.Optional.OpenCandy, C:\Users\Kryštof\Downloads\DTLite4481-0347.exe, , [1b4b1219dc9fda5c951d262321e3fb05],
PUP.Optional.Surftastic.A, C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default\extensions\{01531192-f7ef-415f-a549-cfdb11836731}.xpi, , [1f47cf5c512a14225034234ff012f907],
PUP.Optional.GreatSaver.A, C:\Windows\Tasks\GS-Enabler-S-1622525965.job, , [0165a9823447082e7e197ffd54ae20e0],
PUP.Optional.GreatSaver.A, C:\ProgramData\SoftWarehouse\GS-Enabler\1622525965.ini, , [95d12605d6a54de9f291d18eb25041bf],
PUP.Optional.SquirrelWeb.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnafjfahbdfphihncgadbegiaebehio\1.0.1_0\background.js, , [bda9b7742358c373935695cb907218e8],
PUP.Optional.SquirrelWeb.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnafjfahbdfphihncgadbegiaebehio\1.0.1_0\content.js, , [bda9b7742358c373935695cb907218e8],
PUP.Optional.SquirrelWeb.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnafjfahbdfphihncgadbegiaebehio\1.0.1_0\icon.png, , [bda9b7742358c373935695cb907218e8],
PUP.Optional.SquirrelWeb.A, C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdnafjfahbdfphihncgadbegiaebehio\1.0.1_0\manifest.json, , [bda9b7742358c373935695cb907218e8],

Physical Sectors: 0
(No malicious items detected)


(end)

Delete everything?

Please advise on how to proceed next, thank you.

Re: Request for advice and a log check, the fan keeps running

Posted: 17 Apr 2014 16:42
by Rudy
Hello!
Delete everything that MBAM found. Then open Notepad and copy the following into it:
Start
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1001773883-2206983416-447035505-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Kryštof\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
C:\Users\Kryštof\AppData\Local\Akamai
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope {55AAFDA2-1AB4-40FA-8EF9-2AAF0521B098} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKLM - {55AAFDA2-1AB4-40FA-8EF9-2AAF0521B098} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKLM-x32 - {55AAFDA2-1AB4-40FA-8EF9-2AAF0521B098} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
BHO: BietSSavoer - {16A9FC4C-BD96-71E6-10DF-3992B26D0D21} - C:\ProgramData\BietSSavoer\IFyd.x64.dll ()
BHO: BlockTeheAdAppp - {8FAB5165-691E-F165-6C82-D55731885ECD} - C:\ProgramData\BlockTeheAdAppp\vbYZu8.x64.dll ()
BHO-x32: BietSSavoer - {16A9FC4C-BD96-71E6-10DF-3992B26D0D21} - C:\ProgramData\BietSSavoer\IFyd.dll ()
BHO-x32: BlockTeheAdAppp - {8FAB5165-691E-F165-6C82-D55731885ECD} - C:\ProgramData\BlockTeheAdAppp\vbYZu8.dll ()
BHO-x32: Surftastic - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\Surftasticbho.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FF ProfilePath: C:\Users\Kryštof\AppData\Roaming\Mozilla\Firefox\Profiles\ldkstv6b.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
CHR Extension: (Into The Mist) - C:\Users\Kryštof\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2014-02-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 699fd52f; C:\ProgramData\Assistant\AssistantSvc.dll [178000 2014-04-03] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
S2 Update Surftastic; "C:\Program Files (x86)\Surftastic\updateSurftastic.exe" [X]
S2 Util Surftastic; "C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe" [X]
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GS-Enabler-S-1622525965.job
C:\windows\System32\Tasks\AutoKMS
C:\windows\Tasks\AutoKMS.job
C:\ProgramData\27776457982a3b3f
C:\Users\Kryštof\AppData\Local\Temp
Task: C:\windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GS-Enabler-S-1622525965.job => c:\programdata\softwarehouse\gs-enabler\GS-Enabler.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939
Task: {9DD5D8BE-1BDD-4EB7-A39F-A3FAF08D75CE} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Kryštof\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Request for advice and a log check, the fan keeps running

Posted: 17 Apr 2014 19:04
by krystof37
The log is too long...

I am attaching the whole file.

Re: Request for advice and a log check, the fan keeps running

Posted: 17 Apr 2014 19:17
by Rudy
Deleted, the log is OK now.

Re: Request for advice and a log check, the fan keeps running

Posted: 17 Apr 2014 19:29
by krystof37
Thank you for your help.

Re: Request for advice and a log check, the fan keeps running

Posted: 17 Apr 2014 20:26
by Rudy
You're welcome! :)