Please check my log, avast found a virus

Having a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Pavouk1
Visitor
Posts: 148
Registered: 15 Dec 2012 10:14

#1 Post by Pavouk1 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2014-06-19 15:28:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 143 GB (30%) free of 477 GB
Total RAM: 4044 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:28:18, on 19.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Systweak Support Dock\SystweakDock.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_s ... 2&tsp=5273
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AVerUpdateServer - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Unknown owner - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9830 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {B3F64577-3F22-4D71-A482-5476D6203171}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe"
"C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe"
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
taskeng.exe {CF05E00C-7A24-4B5D-A1EB-F48A18FA80EF}
"C:\Program Files (x86)\Systweak Support Dock\SystweakDock.exe" -autorun
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1812.6bae9d0.1293766428 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1812 "\\.\pipe\gecko-crash-server-pipe.1812" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --proxy-stub-channel=Flash2360.61F96010.31584 --host-broker-channel=Flash2360.61F96010.21493 --host-pid=2360 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --channel=2376.0024F570.887068117 --proxy-stub-channel=Flash2360.61F96010.31584 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" --host-npapi-version=27 --type=renderer
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
taskeng.exe {68978C78-76CC-450C-903A-6DE3402A75E9}
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\uzivatel\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-1.job
C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3.job
C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4.job
C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5.job
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default

prefs.js - "browser.search.useDBForOrder" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll


C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\extensions\
048da175-3ee8-49e5-9d6f-2feb4d4793d5@3f15bd8f-93f6-4d68-a7c5-ae4f792d6bd4.com
matchersite@matchersite.com
staged
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\searchplugins\
buenosearch.xml
firmycz.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-06-19 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-09 724512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-06-19 885464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-06-19 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-09 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-06-19 709848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-09 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-09 3854640]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-04-23 311616]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AVer HID Receiver.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
AVerQuick.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-06-19 15:28:16 ----D---- C:\rsit
2014-06-18 21:04:43 ----D---- C:\Program Files (x86)\Systweak Support Dock
2014-06-14 13:33:38 ----A---- C:\Windows\system32\drivers\{572f484b-455f-44b0-9d6a-da3ad2071365}Gw64.sys
2014-06-09 20:34:04 ----D---- C:\Program Files (x86)\Advanced System Protector
2014-06-09 20:33:58 ----D---- C:\Program Files (x86)\SecurityXploded
2014-06-09 20:33:45 ----A---- C:\Windows\system32\roboot64.exe
2014-06-09 20:33:40 ----D---- C:\Users\uzivatel\AppData\Roaming\systweak
2014-06-09 20:24:00 ----D---- C:\Program Files (x86)\globalUpdate
2014-06-09 20:23:59 ----D---- C:\Program Files (x86)\Plus-HD-9.6
2014-06-09 20:20:38 ----D---- C:\Program Files (x86)\SiteLookup
2014-06-09 20:20:26 ----D---- C:\Users\uzivatel\AppData\Roaming\SimilarSites
2014-06-03 11:52:03 ----D---- C:\Program Files (x86)\ZX Games
2014-05-25 18:17:00 ----D---- C:\9
2014-05-23 17:17:26 ----D---- C:\Users\uzivatel\AppData\Roaming\DivX
2014-05-23 17:17:25 ----D---- C:\Program Files\DivX
2014-05-23 17:15:20 ----D---- C:\Program Files (x86)\DivX
2014-05-23 17:14:39 ----D---- C:\ProgramData\DivX

======List of files/folders modified in the last 1 month======

2014-06-19 15:28:17 ----D---- C:\Windows\Temp
2014-06-19 15:28:17 ----D---- C:\Program Files\trend micro
2014-06-19 15:21:02 ----RD---- C:\Program Files (x86)
2014-06-19 15:20:53 ----D---- C:\Windows\system32\Tasks
2014-06-19 15:20:29 ----SHD---- C:\Windows\Installer
2014-06-19 15:20:29 ----D---- C:\Config.Msi
2014-06-19 15:18:51 ----D---- C:\Windows\system32\config
2014-06-19 15:17:05 ----D---- C:\Windows\Microsoft.NET
2014-06-19 15:16:57 ----RSD---- C:\Windows\assembly
2014-06-19 15:16:54 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-06-19 15:15:48 ----D---- C:\Windows\Tasks
2014-06-19 15:15:43 ----D---- C:\Program Files\Microsoft Office 15
2014-06-19 15:13:33 ----A---- C:\Windows\win.ini
2014-06-19 15:09:52 ----D---- C:\Windows\Prefetch
2014-06-18 21:04:37 ----D---- C:\ProgramData
2014-06-18 21:04:35 ----D---- C:\Windows\System32
2014-06-14 13:33:38 ----D---- C:\Windows\system32\drivers
2014-06-09 20:32:30 ----D---- C:\3
2014-06-09 20:28:39 ----D---- C:\2
2014-06-09 20:25:55 ----D---- C:\1
2014-06-08 11:30:41 ----SHD---- C:\System Volume Information
2014-06-05 18:51:17 ----D---- C:\české
2014-06-05 18:40:29 ----D---- C:\Windows\inf
2014-06-05 18:40:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-01 17:12:33 ----D---- C:\Windows\system32\wdi
2014-06-01 13:29:19 ----D---- C:\Users\uzivatel\AppData\Roaming\vlc
2014-05-27 17:42:42 ----D---- C:\7
2014-05-27 11:12:21 ----D---- C:\Windows\system32\catroot2
2014-05-25 17:58:06 ----D---- C:\Windows
2014-05-24 20:40:17 ----D---- C:\Windows\SysWOW64
2014-05-24 20:40:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-23 17:17:34 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-23 17:17:25 ----RD---- C:\Program Files
2014-05-23 17:17:11 ----D---- C:\Windows\winsxs
2014-05-23 17:17:03 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-09 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-09 208928]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 {572f484b-455f-44b0-9d6a-da3ad2071365}Gw64;{572f484b-455f-44b0-9d6a-da3ad2071365}Gw64; C:\Windows\system32\drivers\{572f484b-455f-44b0-9d6a-da3ad2071365}Gw64.sys [2014-06-09 61120]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-09 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-04-09 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-04-09 423240]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-09 79184]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-08-18 9981952]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-08-17 310272]
R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-04-09 84816]
R3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv64.sys [2012-09-19 691968]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-01 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-09-14 43832]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-01 4745280]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-04-11 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-08-17 204288]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-09 50344]
R2 AVerRemote;AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2011-08-19 360448]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
R2 AVerUpdateServer;AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-10-31 167936]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-05-21 2279608]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-02-25 108032]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-03-30 5132888]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-09 68608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-24 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe -s DefaultInstance []
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-09 68608]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-12 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-03-30 150600]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log, avast found a virus

#2 Post by vyosek »

Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch, the license terms are displayed; press any key
  • A backup is created, followed by a scan
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member [image] since 1 February 2011.

Pavouk1
Visitor
Posts: 148
Registered: 15 Dec 2012 10:14

Re: Please check my log, avast found a virus

#3 Post by Pavouk1 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by uzivatel on źt 19.06.2014 at 15:44:26,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1179131461-2123647519-3716675352-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\distromatic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\uzivatel\AppData\Roaming\similarsites"
Successfully deleted: [Folder] "C:\Users\uzivatel\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\advanced system protector"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ FireFox

Successfully deleted: [File] C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\hdw5gtoa.default\user.js
Successfully deleted: [File] C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\hdw5gtoa.default\invalidprefs.js
Successfully deleted: [Folder] C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\hdw5gtoa.default\extensions\staged
Successfully deleted the following from C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\hdw5gtoa.default\prefs.js

user_pref("extensions.a048da1753ee849e59d6f2feb4d4793d53f15bd8f93f64d68a7c5ae4f792d6bd4com57304.57304.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
user_pref("extensions.buenosearch.lastB", "hxxp://www.buenosearch.com/?babsrc=HP_ss&mntrI ... 2&tsp=5273");
user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 2&tsp=5273");
user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 2&tsp=5273");
user_pref("extensions.crossrider.bic", "14681dfb1f1d4a210f7ba4bd6c13a147");
Emptied folder: C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\hdw5gtoa.default\minidumps [39 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 19.06.2014 at 15:52:09,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pavouk1
Visitor
Posts: 148
Registered: 15 Dec 2012 10:14

Re: Please check my log, avast found a virus

#4 Post by Pavouk1 »

# AdwCleaner v3.212 - Report created 19/06/2014 at 15:55:23
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : uzivatel - UZIVATEL-PC
# Running from : C:\Users\uzivatel\Desktop\adwcleaner_3.2121.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Systweak Support Dock
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\PC Cleaner
Folder Deleted : C:\Program Files (x86)\Systweak Support Dock
Folder Deleted : C:\Users\uzivatel\AppData\Local\globalUpdate
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Systweak
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\Extensions\048da175-3ee8-49e5-9d6f-2feb4d4793d5@3f15bd8f-93f6-4d68-a7c5-ae4f792d6bd4.com
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\searchplugins\buenosearch.xml
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
File Deleted : C:\Windows\Tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-1.job
File Deleted : C:\Windows\System32\Tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-1
File Deleted : C:\Windows\Tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3.job
File Deleted : C:\Windows\System32\Tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3
File Deleted : C:\Windows\Tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4.job
File Deleted : C:\Windows\System32\Tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4
File Deleted : C:\Windows\Tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5.job
File Deleted : C:\Windows\System32\Tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\Software\systweak
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\prefs.js ]

Line Deleted : user_pref("extensions.a048da1753ee849e59d6f2feb4d4793d53f15bd8f93f64d68a7c5ae4f792d6bd4com57304.57304.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.buenosearch.admin", false);
Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.bbDpng", "19");
Line Deleted : user_pref("extensions.buenosearch.cntry", "CZ");
Line Deleted : user_pref("extensions.buenosearch.dfltLng", "cs");
Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.buenosearch.hdrMd5", "3090E4C05502A35A6C8C8965580CEE8C");
Line Deleted : user_pref("extensions.buenosearch.id", "245cd0720000000000003859f9ed0a6f");
Line Deleted : user_pref("extensions.buenosearch.instlDay", "16230");
Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
Line Deleted : user_pref("extensions.buenosearch.lastVrsnTs", "1.8.28.720:20:49");
Line Deleted : user_pref("extensions.buenosearch.newTab", false);
Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.sg", "azb");
Line Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.720:20:49");
Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");

*************************

AdwCleaner[R2].txt - [5817 octets] - [19/06/2014 15:54:36]
AdwCleaner[S2].txt - [5816 octets] - [19/06/2014 15:55:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [5876 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log, avast found a virus

#5 Post by vyosek »

:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako správce
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;

  • Then click Run Script
  • The PC performs the repair, restarts, and gives you a log; paste its contents here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member [image] since 1 February 2011.

Pavouk1
Visitor
Posts: 148
Registered: 15 Dec 2012 10:14

Re: Please check my log, avast found a virus

#6 Post by Pavouk1 »

Zoek.exe v5.0.0.0 Updated 16-June-2014
Tool run by uzivatel on źt 19.06.2014 at 16:11:51,52.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\uzivatel\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.6.2014 16:12:38 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1179131461-2123647519-3716675352-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\prefs.js:
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.useDBForOrder", false);

Added to C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default

user.js not found
---- Lines a048da1753ee849e59d6f2feb4d4793d53f15bd8f93f64d68a7c5ae4f792d6bd4com57304 removed from prefs.js ----
---- FireFox user.js and prefs.js backups ----

prefs_19.06.2014_1621_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~2\Plus-HD-9.6 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\uzivatel\Downloads\SoftonicDownloader_for_password-viewer.exe deleted
C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\jetpack deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [09.04.2014 20:42]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [09.04.2014 20:42]

==== Firefox Extensions ======================

ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default
- Site Matcher - %ProfilePath%\extensions\matchersite@matchersite.com
- Seznam lištička - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013


==== Chrome Look ======================

Comodo Web Inspector - uzivatel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Plus-HD-9.6 - uzivatel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne

==== Chrome Fix ======================

C:\Users\uzivatel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{005DC5FE-526D-4DD5-BBAB-B571C92EF656} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_12454"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{448244BE-C91D-4674-A643-93F2279C2DE5} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"
{5434CA23-B6EE-4DBB-9436-81629B171C6B} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12454"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{97FF3DDF-1040-4D48-AF92-366729F262D9} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12454"
{99CC6ED6-0612-4BEE-A0A4-F87E9F1ED2CE} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454"
{CA61B324-EEDB-4B2B-BB27-31C1760949A1} Slovník EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{F49027AC-C844-48E9-9B68-05DE04E92FF2} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_12454"
{FCFD227E-89A9-4541-991D-D2FB17483835} Slovník CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"

==== Reset Google Chrome ======================

C:\Users\uzivatel\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\uzivatel\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-9.6 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\uzivatel\AppData\Local\Mozilla\Firefox\Profiles\hdw5gtoa.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\uzivatel\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=95 folders=18 7689111 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\uzivatel\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\uzivatel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on čt 19.06.2014 at 16:29:44,53 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log, avast found a virus

#7 Post by vyosek »

"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member since 1 February 2011.

Pavouk1
Visitor
Posts: 148
Registered: 15 Dec 2012 10:14

Re: Please check my log, avast found a virus

#8 Post by Pavouk1 »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-06-2014
Ran by uzivatel (administrator) on UZIVATEL-PC on 19-06-2014 16:36:36
Running from C:\Users\uzivatel\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1179131461-2123647519-3716675352-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1179131461-2123647519-3716675352-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {005DC5FE-526D-4DD5-BBAB-B571C92EF656} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {448244BE-C91D-4674-A643-93F2279C2DE5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {5434CA23-B6EE-4DBB-9436-81629B171C6B} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {97FF3DDF-1040-4D48-AF92-366729F262D9} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {99CC6ED6-0612-4BEE-A0A4-F87E9F1ED2CE} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {CA61B324-EEDB-4B2B-BB27-31C1760949A1} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {F49027AC-C844-48E9-9B68-05DE04E92FF2} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKCU - {FCFD227E-89A9-4541-991D-D2FB17483835} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.2

FireFox:
========
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\searchplugins\firmycz.xml
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\searchplugins\zbocz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Site Matcher - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\Extensions\matchersite@matchersite.com [2014-06-09]
FF Extension: Seznam lištička - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-05]
FF Extension: Adblock Plus - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hdw5gtoa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-13]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-04-09]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-04-09]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-25] (Freemake) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 FirebirdServerDefaultInstance; "C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe" -s DefaultInstance [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] ()
R3 AVerFx2hbtv64; C:\Windows\System32\drivers\AVerFx2hbtv64.sys [691968 2012-09-19] (AVerMedia TECHNOLOGIES, Inc.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-14] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-04-11] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 {572f484b-455f-44b0-9d6a-da3ad2071365}Gw64; C:\Windows\System32\drivers\{572f484b-455f-44b0-9d6a-da3ad2071365}Gw64.sys [61120 2014-06-09] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-19 16:36 - 2014-06-19 16:37 - 00015510 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2014-06-19 16:36 - 2014-06-19 16:36 - 00000000 ____D () C:\FRST
2014-06-19 16:36 - 2014-06-19 16:35 - 02082304 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2014-06-19 16:35 - 2014-06-19 16:35 - 02082304 _____ (Farbar) C:\Users\uzivatel\Downloads\FRST64.exe
2014-06-19 16:24 - 2014-06-19 16:11 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-19 16:12 - 2014-06-19 16:29 - 00021247 _____ () C:\zoek-results.log
2014-06-19 16:11 - 2014-06-19 16:23 - 00000000 ____D () C:\zoek_backup
2014-06-19 16:10 - 2014-06-19 16:09 - 01285120 _____ () C:\Users\uzivatel\Desktop\zoek.exe
2014-06-19 16:09 - 2014-06-19 16:09 - 01285120 _____ () C:\Users\uzivatel\Downloads\zoek.exe
2014-06-19 15:54 - 2014-06-19 15:55 - 00000000 ____D () C:\AdwCleaner
2014-06-19 15:54 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Desktop\adwcleaner_3.2121.exe
2014-06-19 15:53 - 2014-06-19 15:53 - 00001149 _____ () C:\Users\Public\Desktop\PC Cleaner.lnk
2014-06-19 15:52 - 2014-06-19 15:52 - 00004743 _____ () C:\Users\uzivatel\Desktop\JRT.txt
2014-06-19 15:43 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Desktop\adwcleaner_3.212.exe
2014-06-19 15:43 - 2014-06-19 15:42 - 01016261 _____ (Thisisu) C:\Users\uzivatel\Desktop\JRT.exe
2014-06-19 15:42 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Downloads\adwcleaner_3.212.exe
2014-06-19 15:42 - 2014-06-19 15:42 - 01016261 _____ (Thisisu) C:\Users\uzivatel\Downloads\JRT.exe
2014-06-19 15:28 - 2014-06-19 15:28 - 00000000 ____D () C:\rsit
2014-06-18 21:04 - 2014-06-19 15:15 - 00001162 _____ () C:\Users\uzivatel\Desktop\Live PC Help.lnk
2014-06-18 21:04 - 2014-06-18 21:04 - 00003154 _____ () C:\Windows\System32\Tasks\Systweak Support Dock
2014-06-18 21:04 - 2014-06-18 21:04 - 00001301 _____ () C:\Users\Public\Desktop\Systweak Support Dock.lnk
2014-06-14 13:33 - 2014-06-09 12:16 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{572f484b-455f-44b0-9d6a-da3ad2071365}Gw64.sys
2014-06-09 20:34 - 2014-06-09 20:34 - 00001318 _____ () C:\Users\uzivatel\Desktop\FirePasswordViewer.lnk
2014-06-09 20:33 - 2014-06-09 20:33 - 00000000 ____D () C:\Program Files (x86)\SecurityXploded
2014-06-09 20:32 - 2014-06-09 20:32 - 01861282 _____ () C:\Users\uzivatel\Downloads\FirePasswordViewer.zip
2014-06-09 20:28 - 2014-06-09 20:28 - 00073745 _____ () C:\Users\uzivatel\Downloads\SimplePasswordViewer-1.1.3.zip
2014-06-09 20:25 - 2014-06-09 20:25 - 00121063 _____ () C:\Users\uzivatel\Downloads\password-viewer.zip
2014-06-09 20:23 - 2014-06-09 20:23 - 00029816 _____ () C:\Users\uzivatel\Desktop\pwd_view[1].zip
2014-06-09 20:20 - 2014-06-09 20:20 - 00029816 _____ () C:\Users\uzivatel\Desktop\pwd_view.zip
2014-06-09 20:20 - 2014-06-09 20:20 - 00000000 ____D () C:\Program Files (x86)\SiteLookup
2014-06-03 11:52 - 2014-06-03 11:52 - 00001133 _____ () C:\Users\uzivatel\Desktop\Puzznic.lnk
2014-06-03 11:52 - 2014-06-03 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZX Games
2014-06-03 11:52 - 2014-06-03 11:52 - 00000000 ____D () C:\Program Files (x86)\ZX Games
2014-05-30 19:57 - 2014-05-30 19:57 - 00042084 _____ () C:\Users\uzivatel\Downloads\Červen 2014.xlsx
2014-05-25 18:17 - 2014-06-02 12:00 - 00000000 ____D () C:\9
2014-05-25 17:58 - 2014-06-19 16:28 - 00017732 _____ () C:\Windows\PFRO.log
2014-05-24 15:04 - 2014-06-19 15:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-23 17:17 - 2014-05-23 17:17 - 00001627 _____ () C:\Users\uzivatel\Desktop\DivX Movies.lnk
2014-05-23 17:17 - 2014-05-23 17:17 - 00001138 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-05-23 17:17 - 2014-05-23 17:17 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\DivX
2014-05-23 17:17 - 2014-05-23 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-05-23 17:17 - 2014-05-23 17:17 - 00000000 ____D () C:\Program Files\DivX
2014-05-23 17:15 - 2014-05-23 17:17 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-05-23 17:14 - 2014-05-23 17:17 - 00000000 ____D () C:\ProgramData\DivX
2014-05-23 17:14 - 2014-05-23 17:14 - 01001280 _____ (DivX, LLC) C:\Users\uzivatel\Downloads\DivXInstaller.exe
2014-05-21 19:34 - 2014-05-21 19:34 - 00000000 __SHD () C:\Users\uzivatel\AppData\Local\EmieUserList
2014-05-21 19:34 - 2014-05-21 19:34 - 00000000 __SHD () C:\Users\uzivatel\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

2014-06-19 16:37 - 2014-06-19 16:36 - 00015510 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2014-06-19 16:36 - 2014-06-19 16:36 - 00000000 ____D () C:\FRST
2014-06-19 16:36 - 2009-07-14 06:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-19 16:36 - 2009-07-14 06:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-19 16:35 - 2014-06-19 16:36 - 02082304 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2014-06-19 16:35 - 2014-06-19 16:35 - 02082304 _____ (Farbar) C:\Users\uzivatel\Downloads\FRST64.exe
2014-06-19 16:34 - 2014-02-06 10:28 - 01352607 _____ () C:\Windows\WindowsUpdate.log
2014-06-19 16:29 - 2014-06-19 16:12 - 00021247 _____ () C:\zoek-results.log
2014-06-19 16:28 - 2014-05-25 17:58 - 00017732 _____ () C:\Windows\PFRO.log
2014-06-19 16:28 - 2014-05-04 16:47 - 00009918 _____ () C:\Windows\setupact.log
2014-06-19 16:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-19 16:23 - 2014-06-19 16:11 - 00000000 ____D () C:\zoek_backup
2014-06-19 16:11 - 2014-06-19 16:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-19 16:09 - 2014-06-19 16:10 - 01285120 _____ () C:\Users\uzivatel\Desktop\zoek.exe
2014-06-19 16:09 - 2014-06-19 16:09 - 01285120 _____ () C:\Users\uzivatel\Downloads\zoek.exe
2014-06-19 15:55 - 2014-06-19 15:54 - 00000000 ____D () C:\AdwCleaner
2014-06-19 15:53 - 2014-06-19 15:53 - 00001149 _____ () C:\Users\Public\Desktop\PC Cleaner.lnk
2014-06-19 15:52 - 2014-06-19 15:52 - 00004743 _____ () C:\Users\uzivatel\Desktop\JRT.txt
2014-06-19 15:43 - 2014-06-19 15:54 - 01333465 _____ () C:\Users\uzivatel\Desktop\adwcleaner_3.2121.exe
2014-06-19 15:43 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Desktop\adwcleaner_3.212.exe
2014-06-19 15:43 - 2014-06-19 15:42 - 01333465 _____ () C:\Users\uzivatel\Downloads\adwcleaner_3.212.exe
2014-06-19 15:42 - 2014-06-19 15:43 - 01016261 _____ (Thisisu) C:\Users\uzivatel\Desktop\JRT.exe
2014-06-19 15:42 - 2014-06-19 15:42 - 01016261 _____ (Thisisu) C:\Users\uzivatel\Downloads\JRT.exe
2014-06-19 15:40 - 2014-05-24 15:04 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-19 15:35 - 2014-05-09 21:10 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\vlc
2014-06-19 15:28 - 2014-06-19 15:28 - 00000000 ____D () C:\rsit
2014-06-19 15:28 - 2014-03-21 17:16 - 00000000 ____D () C:\Program Files\trend micro
2014-06-19 15:18 - 2014-04-09 16:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-19 15:15 - 2014-06-18 21:04 - 00001162 _____ () C:\Users\uzivatel\Desktop\Live PC Help.lnk
2014-06-19 15:15 - 2014-04-14 14:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-06-19 15:13 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-06-18 21:04 - 2014-06-18 21:04 - 00003154 _____ () C:\Windows\System32\Tasks\Systweak Support Dock
2014-06-18 21:04 - 2014-06-18 21:04 - 00001301 _____ () C:\Users\Public\Desktop\Systweak Support Dock.lnk
2014-06-10 19:57 - 2014-05-11 13:26 - 00000000 ____D () C:\Users\uzivatel\Documents\AVerTV
2014-06-09 20:34 - 2014-06-09 20:34 - 00001318 _____ () C:\Users\uzivatel\Desktop\FirePasswordViewer.lnk
2014-06-09 20:33 - 2014-06-09 20:33 - 00000000 ____D () C:\Program Files (x86)\SecurityXploded
2014-06-09 20:32 - 2014-06-09 20:32 - 01861282 _____ () C:\Users\uzivatel\Downloads\FirePasswordViewer.zip
2014-06-09 20:32 - 2014-03-23 19:27 - 00000000 ____D () C:\3
2014-06-09 20:28 - 2014-06-09 20:28 - 00073745 _____ () C:\Users\uzivatel\Downloads\SimplePasswordViewer-1.1.3.zip
2014-06-09 20:28 - 2014-03-22 20:20 - 00000000 ____D () C:\2
2014-06-09 20:25 - 2014-06-09 20:25 - 00121063 _____ () C:\Users\uzivatel\Downloads\password-viewer.zip
2014-06-09 20:25 - 2014-03-20 12:23 - 00000000 ____D () C:\1
2014-06-09 20:23 - 2014-06-09 20:23 - 00029816 _____ () C:\Users\uzivatel\Desktop\pwd_view[1].zip
2014-06-09 20:20 - 2014-06-09 20:20 - 00029816 _____ () C:\Users\uzivatel\Desktop\pwd_view.zip
2014-06-09 20:20 - 2014-06-09 20:20 - 00000000 ____D () C:\Program Files (x86)\SiteLookup
2014-06-09 12:16 - 2014-06-14 13:33 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{572f484b-455f-44b0-9d6a-da3ad2071365}Gw64.sys
2014-06-05 18:51 - 2014-03-31 15:48 - 00000000 ____D () C:\české
2014-06-05 18:40 - 2011-04-12 10:34 - 00669116 _____ () C:\Windows\system32\perfh005.dat
2014-06-05 18:40 - 2011-04-12 10:34 - 00141744 _____ () C:\Windows\system32\perfc005.dat
2014-06-05 18:40 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-03 11:52 - 2014-06-03 11:52 - 00001133 _____ () C:\Users\uzivatel\Desktop\Puzznic.lnk
2014-06-03 11:52 - 2014-06-03 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZX Games
2014-06-03 11:52 - 2014-06-03 11:52 - 00000000 ____D () C:\Program Files (x86)\ZX Games
2014-06-02 12:00 - 2014-05-25 18:17 - 00000000 ____D () C:\9
2014-05-30 19:57 - 2014-05-30 19:57 - 00042084 _____ () C:\Users\uzivatel\Downloads\Červen 2014.xlsx
2014-05-27 17:42 - 2014-04-02 08:15 - 00000000 ____D () C:\7
2014-05-24 20:40 - 2014-04-15 10:48 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-24 20:40 - 2014-02-18 11:17 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-24 20:40 - 2012-05-25 16:09 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-23 17:17 - 2014-05-23 17:17 - 00001627 _____ () C:\Users\uzivatel\Desktop\DivX Movies.lnk
2014-05-23 17:17 - 2014-05-23 17:17 - 00001138 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-05-23 17:17 - 2014-05-23 17:17 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\DivX
2014-05-23 17:17 - 2014-05-23 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-05-23 17:17 - 2014-05-23 17:17 - 00000000 ____D () C:\Program Files\DivX
2014-05-23 17:17 - 2014-05-23 17:15 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-05-23 17:17 - 2014-05-23 17:14 - 00000000 ____D () C:\ProgramData\DivX
2014-05-23 17:17 - 2014-05-12 12:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-23 17:14 - 2014-05-23 17:14 - 01001280 _____ (DivX, LLC) C:\Users\uzivatel\Downloads\DivXInstaller.exe
2014-05-21 19:34 - 2014-05-21 19:34 - 00000000 __SHD () C:\Users\uzivatel\AppData\Local\EmieUserList
2014-05-21 19:34 - 2014-05-21 19:34 - 00000000 __SHD () C:\Users\uzivatel\AppData\Local\EmieSiteList

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 21:49

==================== End Of Log ============================

Pavouk1
Visitor
Posts: 148
Registered: 15 Dec 2012 10:14

Re: Please check my log, avast found a virus

#9 Post by Pavouk1 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2014
Ran by uzivatel at 2014-06-19 16:37:23
Running from C:\Users\uzivatel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version: - )
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
AVerMedia A827 USB TV Tuner 2.1.64.159 (HKLM-x32\...\AVerMedia A827 USB TV Tuner) (Version: 2.1.64.159 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Media Center Plug-ins 2.0.16.0 (HKLM-x32\...\AVerMedia Media Center Plug-ins) (Version: 2.0.16.0 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.)
AVerTV 3D (x32 Version: 6.5.2.14 - AVerMedia Technologies, Inc.) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.36 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Formix SE - formuláře kanceláře (HKLM-x32\...\Formix SE_is1) (Version: - Martin Roubec)
Freemake Video Converter verze 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Mega Codec Pack 10.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4623.1003 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 cs)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
PC Cleaner (HKLM-x32\...\{25780A42-8553-4a2e-AA54-F413C5D8DA19}_is1) (Version: 2.1.1000.510 - Systweak Software)
Photo Story 3 pro Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.10 - Microsoft Corporation)
Puzznic 1.5 (HKLM-x32\...\Puzznic_is1) (Version: - ZX Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Seznam Software (HKCU\...\SeznamInstall) (Version: - Seznam.cz)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Systweak Support Dock (HKLM-x32\...\{266DBE1C-B640-46ee-9A6D-86F0A1E483B9}_is1) (Version: 1.2.100.15960 - Systweak Software)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.8.0.123 - PandoraTV)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.8 - ZONER software)

==================== Restore Points =========================

21-05-2014 17:36:26 Windows Update
29-05-2014 17:45:13 Naplánovaný kontrolní bod
03-06-2014 09:48:15 Windows Update
08-06-2014 09:30:13 Windows Update
19-06-2014 14:12:19 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-06-19 16:12 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0B9EEDC3-0F5A-40BF-90A0-296D56FFE1E9} - System32\Tasks\{7C7FDC71-9FA5-40DE-91E3-82F7F6EE8485} => C:\WolfGL-3D.2\SETUP.EXE
Task: {14C48BEF-10F8-44DB-82F3-58C963221C89} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-19] (Microsoft Corporation)
Task: {16B50554-6D6E-40DA-9F37-D8EF030461D0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-24] (Adobe Systems Incorporated)
Task: {19385DB4-86CC-4D5F-85CC-0A735378E9EC} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-1 No Task File <==== ATTENTION
Task: {20F7D45A-EF33-4FE6-BB3F-76C53EECBE3C} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4 No Task File <==== ATTENTION
Task: {3426FD38-4DE1-4B64-A1CF-B607C4EA8CDF} - System32\Tasks\{20200F01-35D2-4481-8573-A10ECEF151A9} => C:\WolfGL-3D.2\SETUP.EXE
Task: {488EBAA7-5DBA-4B10-9D8D-5E1F3BA9EFBD} - System32\Tasks\Systweak Support Dock => C:\Program Files (x86)\Systweak Support Dock\SystweakDock.exe
Task: {49B9D42D-FC6D-483C-A2DB-1940301C95C1} - System32\Tasks\{EB189F10-F115-423D-9D7E-C50E20B8BEF0} => C:\WolfGL-3D.2\SETUP.EXE
Task: {593B8589-39B1-4E7A-A131-D4EE5E3F44C3} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5 No Task File <==== ATTENTION
Task: {78CADBF5-32E1-4592-A7DC-D77940A11DF9} - System32\Tasks\Online aktualizační program HP => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08] (Hewlett-Packard)
Task: {857122F6-4862-475D-8371-0F39E92F2605} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {8C62417D-7667-4F5B-8C9A-5BDA1D3B8285} - \bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3 No Task File <==== ATTENTION
Task: {A1164B45-6579-4C8F-A539-2BC641CB7DC3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-09] (AVAST Software)
Task: {AD5AC5DD-E824-4AD0-B153-610DDD319640} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: {F3424D8B-0C5A-4E00-9EA3-434CB5A7C28B} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {FEA85BEE-F93E-48E9-BFFF-6A615D02F75B} - System32\Tasks\{04690A67-3D01-45D4-96D9-EEF5D20EE42C} => C:\WolfGL-3D.2\SETUP.EXE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-05-11 13:23 - 2011-04-01 22:52 - 00403456 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2014-04-14 14:01 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-24 16:31 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-11 13:23 - 2012-10-17 23:24 - 00163840 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2014-01-30 00:02 - 2014-01-30 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-06-19 15:11 - 2014-06-19 15:11 - 02783232 _____ () C:\Program Files\AVAST Software\Avast\defs\14061900\algo.dll
2014-05-11 13:23 - 2012-06-10 02:33 - 00053248 _____ () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2014-02-13 11:21 - 2014-02-13 11:21 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-12 12:12 - 2014-05-12 12:12 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-24 15:04 - 2014-05-24 15:04 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Broadcom 802.11n Network Adapter
Description: Broadcom 802.11n Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/19/2014 04:30:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2014 03:57:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/19/2014 04:21:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2014 04:21:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2014 04:21:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2014 04:21:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/19/2014 04:21:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Microsoft Office Sessions:
=========================
Error: (06/19/2014 04:30:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2014 03:57:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-04-30 16:26:28.055
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-30 16:26:27.993
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-30 16:26:27.930
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-30 16:26:27.883
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-30 16:21:25.071
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-30 16:21:25.009
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-30 16:21:24.962
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-30 16:21:24.900
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-29 12:47:43.127
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-04-29 12:47:43.065
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 4043.86 MB
Available physical RAM: 2181.2 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 6025.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:465.56 GB) (Free:139.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CB8FDC35)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log, avast found a virus

#10 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
    HKU\S-1-5-21-1179131461-2123647519-3716675352-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
    HKU\S-1-5-21-1179131461-2123647519-3716675352-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
    
    URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 - DefaultScope value is missing.
    
    014-06-19 16:35 - 2014-06-19 16:35 - 02082304 _____ (Farbar) C:\Users\uzivatel\Downloads\FRST64.exe
    2014-06-19 16:24 - 2014-06-19 16:11 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-06-19 16:12 - 2014-06-19 16:29 - 00021247 _____ () C:\zoek-results.log
    2014-06-19 16:11 - 2014-06-19 16:23 - 00000000 ____D () C:\zoek_backup
    2014-06-19 16:10 - 2014-06-19 16:09 - 01285120 _____ () C:\Users\uzivatel\Desktop\zoek.exe
    2014-06-19 16:09 - 2014-06-19 16:09 - 01285120 _____ () C:\Users\uzivatel\Downloads\zoek.exe
    2014-06-19 15:54 - 2014-06-19 15:55 - 00000000 ____D () C:\AdwCleaner
    2014-06-19 15:54 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Desktop\adwcleaner_3.2121.exe
    2014-06-19 15:53 - 2014-06-19 15:53 - 00001149 _____ () C:\Users\Public\Desktop\PC Cleaner.lnk
    2014-06-19 15:52 - 2014-06-19 15:52 - 00004743 _____ () C:\Users\uzivatel\Desktop\JRT.txt
    2014-06-19 15:43 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Desktop\adwcleaner_3.212.exe
    2014-06-19 15:43 - 2014-06-19 15:42 - 01016261 _____ (Thisisu) C:\Users\uzivatel\Desktop\JRT.exe
    2014-06-19 15:42 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Downloads\adwcleaner_3.212.exe
    2014-06-19 15:42 - 2014-06-19 15:42 - 01016261 _____ (Thisisu) C:\Users\uzivatel\Downloads\JRT.exe
    2014-06-19 15:28 - 2014-06-19 15:28 - 00000000 ____D () C:\rsit
    2014-06-18 21:04 - 2014-06-19 15:15 - 00001162 _____ () C:\Users\uzivatel\Desktop\Live PC Help.lnk
    2014-06-18 21:04 - 2014-06-18 21:04 - 00003154 _____ () C:\Windows\System32\Tasks\Systweak Support Dock
    2014-06-18 21:04 - 2014-06-18 21:04 - 00001301 _____ () C:\Users\Public\Desktop\Systweak Support Dock.lnk
    
    C:\Windows\tasks\Adobe Flash Player Updater.job
    C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-1.job
    C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3.job
    C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4.job
    C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5.job
    C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
    C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
    
    Hosts:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Place the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns entertainment, take a whip and a stick to him: that is not a man, that is an ox."
Member [image] since 1 February 2011.

Pavouk1
Visitor
Posts: 148
Registered: 15 Dec 2012 10:14

Re: Please check my log, avast found a virus

#11 Post by Pavouk1 »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-06-2014
Ran by uzivatel at 2014-06-19 16:47:27 Run:1
Running from C:\Users\uzivatel\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKU\S-1-5-21-1179131461-2123647519-3716675352-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1179131461-2123647519-3716675352-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [779776 2014-03-13] (ZONER software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk

URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.

014-06-19 16:35 - 2014-06-19 16:35 - 02082304 _____ (Farbar) C:\Users\uzivatel\Downloads\FRST64.exe
2014-06-19 16:24 - 2014-06-19 16:11 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-19 16:12 - 2014-06-19 16:29 - 00021247 _____ () C:\zoek-results.log
2014-06-19 16:11 - 2014-06-19 16:23 - 00000000 ____D () C:\zoek_backup
2014-06-19 16:10 - 2014-06-19 16:09 - 01285120 _____ () C:\Users\uzivatel\Desktop\zoek.exe
2014-06-19 16:09 - 2014-06-19 16:09 - 01285120 _____ () C:\Users\uzivatel\Downloads\zoek.exe
2014-06-19 15:54 - 2014-06-19 15:55 - 00000000 ____D () C:\AdwCleaner
2014-06-19 15:54 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Desktop\adwcleaner_3.2121.exe
2014-06-19 15:53 - 2014-06-19 15:53 - 00001149 _____ () C:\Users\Public\Desktop\PC Cleaner.lnk
2014-06-19 15:52 - 2014-06-19 15:52 - 00004743 _____ () C:\Users\uzivatel\Desktop\JRT.txt
2014-06-19 15:43 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Desktop\adwcleaner_3.212.exe
2014-06-19 15:43 - 2014-06-19 15:42 - 01016261 _____ (Thisisu) C:\Users\uzivatel\Desktop\JRT.exe
2014-06-19 15:42 - 2014-06-19 15:43 - 01333465 _____ () C:\Users\uzivatel\Downloads\adwcleaner_3.212.exe
2014-06-19 15:42 - 2014-06-19 15:42 - 01016261 _____ (Thisisu) C:\Users\uzivatel\Downloads\JRT.exe
2014-06-19 15:28 - 2014-06-19 15:28 - 00000000 ____D () C:\rsit
2014-06-18 21:04 - 2014-06-19 15:15 - 00001162 _____ () C:\Users\uzivatel\Desktop\Live PC Help.lnk
2014-06-18 21:04 - 2014-06-18 21:04 - 00003154 _____ () C:\Windows\System32\Tasks\Systweak Support Dock
2014-06-18 21:04 - 2014-06-18 21:04 - 00001301 _____ () C:\Users\Public\Desktop\Systweak Support Dock.lnk

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-1.job
C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3.job
C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4.job
C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5.job
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job

Hosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => value deleted successfully.
HKU\S-1-5-21-1179131461-2123647519-3716675352-1001\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage => value deleted successfully.
HKU\S-1-5-21-1179131461-2123647519-3716675352-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk => Moved successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\uzivatel\Desktop\zoek.exe => Moved successfully.
C:\Users\uzivatel\Downloads\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\uzivatel\Desktop\adwcleaner_3.2121.exe => Moved successfully.
C:\Users\Public\Desktop\PC Cleaner.lnk => Moved successfully.
C:\Users\uzivatel\Desktop\JRT.txt => Moved successfully.
C:\Users\uzivatel\Desktop\adwcleaner_3.212.exe => Moved successfully.
C:\Users\uzivatel\Desktop\JRT.exe => Moved successfully.
C:\Users\uzivatel\Downloads\adwcleaner_3.212.exe => Moved successfully.
C:\Users\uzivatel\Downloads\JRT.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\uzivatel\Desktop\Live PC Help.lnk => Moved successfully.
C:\Windows\System32\Tasks\Systweak Support Dock => Moved successfully.
C:\Users\Public\Desktop\Systweak Support Dock.lnk => Moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job => Moved successfully.
"C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-1.job" => File/Directory not found.
"C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3.job" => File/Directory not found.
"C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4.job" => File/Directory not found.
"C:\Windows\tasks\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5.job" => File/Directory not found.
"C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job" => File/Directory not found.
"C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log, avast found a virus

#12 Post by vyosek »

How is the PC behaving???
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Pavouk1
Visitor
Posts: 148
Joined: 15 Dec 2012 10:14

Re: Please check my log, avast found a virus

#13 Post by Pavouk1 »

Very well, you removed all the junk for me. Thank you

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log, avast found a virus

#14 Post by vyosek »

So now let's clean up :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use

:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.
