spok pc

Posted: 21 Aug 2014 22:11
by spok
Hello.
Even though I save everything to drive D, the C drive fills up quickly. Please help me delete the unimportant clutter. Surely it can't be that updates alone have clogged it up like this.

Logfile of random's system information tool 1.10 (written by random/random)
Run by spok at 2014-08-21 23:08:21
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 4 GB (6%) free of 76 GB
Total RAM: 3325 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:08:32, on 21.8.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\spok\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\ICQ7.7\ICQ.exe
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\spok\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\spok\Desktop\Documents\RSIT.EXE
C:\Users\spok\Desktop\Documents\RSIT.EXE
C:\Program Files\trend micro\spok.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\spok\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.7\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: CineForm Status.lnk = C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 6387 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-31 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-31 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-31 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Akamai NetSession Interface"=C:\Users\spok\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]
"ICQ"=C:\Program Files\ICQ7.7\ICQ.exe [2012-01-23 127040]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2014-07-23 688984]
"AdobeBridge"= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CineForm Status.lnk - C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.mjpg"=pvmjpg30.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.DLL

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-21 23:03:03 ----D---- C:\Program Files\trend micro
2014-08-21 23:03:01 ----D---- C:\rsit
2014-08-15 16:36:42 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-15 16:36:40 ----A---- C:\Windows\system32\icardagt.exe
2014-08-15 16:36:34 ----A---- C:\Windows\system32\icardres.dll
2014-08-15 16:33:39 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 18:56:58 ----A---- C:\Windows\system32\msi.dll
2014-08-14 18:56:56 ----A---- C:\Windows\system32\consent.exe
2014-08-14 18:56:56 ----A---- C:\Windows\system32\authui.dll
2014-08-14 18:56:56 ----A---- C:\Windows\system32\appinfo.dll
2014-08-14 18:56:55 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 18:56:46 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 18:56:41 ----A---- C:\Windows\system32\win32k.sys
2014-08-14 18:56:40 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 18:56:38 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 18:56:38 ----A---- C:\Windows\system32\cdd.dll
2014-08-14 18:56:31 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 18:56:30 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 18:56:30 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 18:56:29 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 18:56:29 ----A---- C:\Windows\system32\jscript.dll
2014-08-14 18:56:29 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 18:56:28 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 18:56:28 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 18:56:25 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 18:56:23 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 18:56:23 ----A---- C:\Windows\system32\mshta.exe
2014-08-14 18:56:23 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-14 18:56:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-14 18:56:21 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 18:56:19 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 18:56:17 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 18:56:16 ----A---- C:\Windows\system32\url.dll
2014-08-14 18:56:16 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 18:56:13 ----A---- C:\Windows\system32\ieframe.dll
2014-08-06 21:37:42 ----D---- C:\Program Files\Common Files\Skype
2014-08-06 21:37:41 ----RD---- C:\Program Files\Skype
2014-08-03 13:10:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-08-03 13:10:16 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-08-03 13:10:16 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-08-03 13:10:15 ----D---- C:\ProgramData\Malwarebytes
2014-08-03 13:10:15 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-08-03 13:10:15 ----A---- C:\Windows\system32\drivers\mbam.sys

======List of files/folders modified in the last 1 month======

2014-08-21 23:08:32 ----D---- C:\Windows\Temp
2014-08-21 23:07:42 ----D---- C:\Windows\Prefetch
2014-08-21 23:03:03 ----RD---- C:\Program Files
2014-08-20 20:06:37 ----D---- C:\Users\spok\AppData\Roaming\vlc
2014-08-20 16:18:18 ----SHD---- C:\System Volume Information
2014-08-15 19:25:50 ----D---- C:\Windows\Microsoft.NET
2014-08-15 19:24:37 ----RSD---- C:\Windows\assembly
2014-08-15 17:35:57 ----D---- C:\Windows\rescache
2014-08-15 17:17:46 ----D---- C:\Windows\System32
2014-08-15 17:17:46 ----D---- C:\Windows\inf
2014-08-15 17:17:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-15 17:14:03 ----D---- C:\Users\spok\AppData\Roaming\ICQ
2014-08-15 17:09:48 ----D---- C:\ProgramData\NVIDIA
2014-08-15 17:06:03 ----D---- C:\Windows\system32\cs-CZ
2014-08-15 17:06:00 ----D---- C:\Windows\system32\migration
2014-08-15 17:06:00 ----D---- C:\Windows\system32\drivers
2014-08-15 17:06:00 ----D---- C:\Program Files\Internet Explorer
2014-08-15 16:48:16 ----D---- C:\Windows\system32\MRT
2014-08-15 16:43:38 ----A---- C:\Windows\system32\mrt.exe
2014-08-15 16:43:03 ----D---- C:\Windows\winsxs
2014-08-15 16:42:04 ----D---- C:\Windows\system32\catroot
2014-08-15 16:42:02 ----D---- C:\Windows\system32\catroot2
2014-08-06 22:12:30 ----D---- C:\Users\spok\AppData\Roaming\Skype
2014-08-06 21:37:49 ----SHD---- C:\Windows\Installer
2014-08-06 21:37:49 ----D---- C:\ProgramData\Skype
2014-08-06 21:37:42 ----D---- C:\Program Files\Common Files
2014-08-05 09:20:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-04 10:38:15 ----D---- C:\Users\spok\AppData\Roaming\Winamp
2014-08-03 13:23:13 ----D---- C:\Windows\en-US
2014-08-03 13:10:15 ----HD---- C:\ProgramData
2014-07-27 21:00:28 ----D---- C:\ProgramData\Package Cache
2014-07-27 20:59:30 ----D---- C:\ProgramData\Garmin
2014-07-27 20:59:12 ----D---- C:\Program Files\Garmin
2014-07-27 20:59:10 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-10-31 35928]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-31 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-31 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-31 54232]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-31 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-31 58680]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 347648]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 179712]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 45288]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-24 171520]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-08-17 110296]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-11-06 10892648]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32.sys [2011-08-01 40936]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 AF9035HB;AF9035 Hybrid Device; C:\Windows\System32\Drivers\AF9035HB.sys [2014-01-08 863616]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbser;DJI USB Virtual COM Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 27648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-31 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-07-23 438616]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2008-12-11 3575808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-11-06 645992]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-12-31 247152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-06 382824]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-15 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-15 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-06 553288]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: spok pc

Posted: 24 Aug 2014 09:55
by vyosek
Hello :)

:arrow: Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator ("Spustit jako správce" in the Czech interface)
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will carry out the repair, restart and give you a log; paste its contents here

Re: spok pc

Posted: 24 Aug 2014 20:37
by spok
Thanks a lot!
The disk immediately has a bit more free space. But it didn't produce the log. Is there some way I can find it?
If need be, I'll try the whole thing once more.

Re: spok pc

Posted: 24 Aug 2014 20:51
by vyosek
It should be C:\zoek-results.log

Re: spok pc

Posted: 25 Aug 2014 06:58
by spok
OK. I'll send it as soon as I can.

Can this procedure with the zoek program and the command you sent be used on another computer, or even on Windows XP?
Will it work the same way?

Re: spok pc

Posted: 25 Aug 2014 17:50
by spok
The folder is there but the log isn't.
So I'm sending only the RSIT log.

If I should repeat it with zoek, I'll gladly do so.
Can zoek with the command you sent also be used on another computer running Windows Vista or XP?

Logfile of random's system information tool 1.10 (written by random/random)
Run by spok at 2014-08-25 18:48:35
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 19 GB (26%) free of 76 GB
Total RAM: 3325 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:48:44, on 25.8.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\spok\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\ICQ7.7\ICQ.exe
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
C:\Users\spok\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\spok\Desktop\Documents\RSIT.EXE
C:\Program Files\trend micro\spok.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\spok\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.7\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: CineForm Status.lnk = C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 6242 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-31 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-31 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-31 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Akamai NetSession Interface"=C:\Users\spok\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]
"ICQ"=C:\Program Files\ICQ7.7\ICQ.exe [2012-01-23 127040]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2014-07-23 688984]
"AdobeBridge"= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CineForm Status.lnk - C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.mjpg"=pvmjpg30.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.DLL

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-24 21:26:06 ----A---- C:\runcheck.txt
2014-08-24 21:25:57 ----D---- C:\zoek_backup
2014-08-21 23:03:03 ----D---- C:\Program Files\trend micro
2014-08-21 23:03:01 ----D---- C:\rsit
2014-08-15 16:36:42 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-15 16:36:40 ----A---- C:\Windows\system32\icardagt.exe
2014-08-15 16:36:34 ----A---- C:\Windows\system32\icardres.dll
2014-08-15 16:33:39 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 18:56:58 ----A---- C:\Windows\system32\msi.dll
2014-08-14 18:56:56 ----A---- C:\Windows\system32\consent.exe
2014-08-14 18:56:56 ----A---- C:\Windows\system32\authui.dll
2014-08-14 18:56:56 ----A---- C:\Windows\system32\appinfo.dll
2014-08-14 18:56:55 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 18:56:46 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 18:56:41 ----A---- C:\Windows\system32\win32k.sys
2014-08-14 18:56:40 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 18:56:38 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 18:56:38 ----A---- C:\Windows\system32\cdd.dll
2014-08-14 18:56:31 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 18:56:30 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 18:56:30 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 18:56:29 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 18:56:29 ----A---- C:\Windows\system32\jscript.dll
2014-08-14 18:56:29 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 18:56:28 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 18:56:28 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 18:56:25 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 18:56:23 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 18:56:23 ----A---- C:\Windows\system32\mshta.exe
2014-08-14 18:56:23 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-14 18:56:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-14 18:56:21 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 18:56:19 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 18:56:17 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 18:56:16 ----A---- C:\Windows\system32\url.dll
2014-08-14 18:56:16 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 18:56:13 ----A---- C:\Windows\system32\ieframe.dll
2014-08-06 21:37:42 ----D---- C:\Program Files\Common Files\Skype
2014-08-06 21:37:41 ----RD---- C:\Program Files\Skype
2014-08-03 13:10:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-08-03 13:10:16 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-08-03 13:10:16 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-08-03 13:10:15 ----D---- C:\ProgramData\Malwarebytes
2014-08-03 13:10:15 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-08-03 13:10:15 ----A---- C:\Windows\system32\drivers\mbam.sys

======List of files/folders modified in the last 1 month======

2014-08-25 18:48:38 ----D---- C:\Windows\Temp
2014-08-24 21:29:12 ----D---- C:\Windows\Minidump
2014-08-24 21:29:12 ----D---- C:\ProgramData\NVIDIA
2014-08-24 21:28:48 ----SHD---- C:\System Volume Information
2014-08-24 21:28:38 ----D---- C:\Windows
2014-08-24 21:27:49 ----D---- C:\Windows\system32\drivers\etc
2014-08-24 21:25:58 ----D---- C:\Windows\System32
2014-08-24 21:25:57 ----D---- C:\Windows\Prefetch
2014-08-21 23:03:03 ----RD---- C:\Program Files
2014-08-20 20:06:37 ----D---- C:\Users\spok\AppData\Roaming\vlc
2014-08-15 19:25:50 ----D---- C:\Windows\Microsoft.NET
2014-08-15 19:24:37 ----RSD---- C:\Windows\assembly
2014-08-15 17:35:57 ----D---- C:\Windows\rescache
2014-08-15 17:17:46 ----D---- C:\Windows\inf
2014-08-15 17:17:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-15 17:14:03 ----D---- C:\Users\spok\AppData\Roaming\ICQ
2014-08-15 17:06:03 ----D---- C:\Windows\system32\cs-CZ
2014-08-15 17:06:00 ----D---- C:\Windows\system32\migration
2014-08-15 17:06:00 ----D---- C:\Windows\system32\drivers
2014-08-15 17:06:00 ----D---- C:\Program Files\Internet Explorer
2014-08-15 16:48:16 ----D---- C:\Windows\system32\MRT
2014-08-15 16:43:38 ----A---- C:\Windows\system32\mrt.exe
2014-08-15 16:43:03 ----D---- C:\Windows\winsxs
2014-08-15 16:42:04 ----D---- C:\Windows\system32\catroot
2014-08-15 16:42:02 ----D---- C:\Windows\system32\catroot2
2014-08-06 22:12:30 ----D---- C:\Users\spok\AppData\Roaming\Skype
2014-08-06 21:37:49 ----SHD---- C:\Windows\Installer
2014-08-06 21:37:49 ----D---- C:\ProgramData\Skype
2014-08-06 21:37:42 ----D---- C:\Program Files\Common Files
2014-08-05 09:20:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-04 10:38:15 ----D---- C:\Users\spok\AppData\Roaming\Winamp
2014-08-03 13:23:13 ----D---- C:\Windows\en-US
2014-08-03 13:10:15 ----HD---- C:\ProgramData
2014-07-27 21:00:28 ----D---- C:\ProgramData\Package Cache
2014-07-27 20:59:30 ----D---- C:\ProgramData\Garmin
2014-07-27 20:59:12 ----D---- C:\Program Files\Garmin
2014-07-27 20:59:10 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-10-31 35928]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-31 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-31 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-31 54232]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-31 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-31 58680]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 347648]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 179712]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-10 45288]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-24 171520]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-11-06 10892648]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32.sys [2011-08-01 40936]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 AF9035HB;AF9035 Hybrid Device; C:\Windows\System32\Drivers\AF9035HB.sys [2014-01-08 863616]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-08-17 110296]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbser;DJI USB Virtual COM Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 27648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-31 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-07-23 438616]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2008-12-11 3575808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-11-06 645992]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-12-31 247152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-06 382824]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-15 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-15 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-06 553288]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: spok pc

Posted: 26 Aug 2014 10:56
by vyosek
:arrow: Zoek can be used, but whether it is needed is something you must know based on what zoek actually does

:arrow: I would ask for FRST, please: http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: spok pc

Posted: 26 Aug 2014 12:13
by spok
I had to turn the antivirus off for a while. Hopefully it worked.

Additional scan result of Farbar Recovery Scan Tool (x86) Version:26-08-2014
Ran by spok at 2014-08-26 13:09:43
Running from C:\Users\spok\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.82 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.2 - Ashampoo GmbH & Co. KG)
avast! Free Antivirus (HKLM\...\avast) (Version: 7.0.1474.0 - AVAST Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Ralink Technology Corp. (rt61x86) Net (07/17/2009 2.01.06.0000) (HKLM\...\920E7947575A76DDF81F6C77C705E52B69CC5704) (Version: 07/17/2009 2.01.06.0000 - Ralink Technology Corp.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Boris Graffiti (HKLM\...\{262BF2CD-601D-4F43-919C-4B00B1D1F338}) (Version: 5.20.200 - Boris FX, Inc.)
Broadcom Gigabit Integrated Controller (HKLM\...\{FC57FC53-104C-415C-98D7-B05E659461A9}) (Version: 10.50.03 - Broadcom Corporation)
Capture-A-ScreenShot (HKLM\...\Capture-A-ScreenShot_is1) (Version: - PopDrops.com)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PhotoNow (Version: 1.1.6904 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.4020 - CyberLink Corp.)
CyberLink PowerDirector (Version: 7.0.4020 - CyberLink Corp.) Hidden
DJI driver version 1.0 (HKLM\...\{9A2C30EE-6E35-4479-B0E6-B1B47A54E8CD}_is1) (Version: 1.0 - DJI)
DJI driver version 2.02 (HKLM\...\{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1) (Version: 2.02 - DJI)
DJI Phantom 2 Assistant version 3.0 (HKLM\...\{CB992CF8-12E8-49AA-9DA7-7637D81307EF}_is1) (Version: 3.0 - DJI)
Elevated Installer (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
FastStone Image Viewer 4.6 (HKLM\...\FastStone Image Viewer) (Version: 4.6 - FastStone Soft)
Gadwin PrintScreen (HKLM\...\Gadwin PrintScreen) (Version: 4.7 - Gadwin Systems, Inc.)
Garmin Communicator Plugin (HKLM\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{817c6bb8-ea2d-4e12-abbc-e33c3de43f64}) (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
ICQ7.7 (HKLM\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
iTunes (HKLM\...\{C4780F70-8F21-4F0C-95FE-32FF3E2F9247}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Magic Bullet Looks Studio (HKLM\...\Magic Bullet Looks Studio) (Version: - )
Malwarebytes Anti-Malware verze 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - csy (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mihov Image Resizer (remove only) (HKLM\...\Mihov Image Resizer) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA nView 136.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.53 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\nView Desktop Manager) (Version: - )
NVIDIA Ovladač 3D Vision 307.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 307.45 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 307.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 307.32 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 307.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.45 - NVIDIA Corporation)
NVIDIA Performance Drivers (HKLM\...\{4C0A8D65-4286-4B58-87FE-18AD24289285}) (Version: 1.0.0.2 - NVIDIA Corporation)
NVIDIA Performance Drivers (HKLM\...\{71807498-D8E2-41C6-84CD-8ED7A076B6EC}) (Version: 1.0.0.1 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0745 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Ovládací panel NVIDIA 307.45 (Version: 307.45 - NVIDIA Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Pinnacle Studio 12 Ultimate Plugins (HKLM\...\{D1860E6E-520E-4380-8433-E58E8F88B473}) (Version: 12.0.0.0 - Pinnacle Systems)
Pinnacle Studio 15 (HKLM\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
proDAD Vitascene 1.0 (HKLM\...\proDAD-Vitascene-1.0) (Version: - )
Psaní všemi deseti 1.5 (HKLM\...\Psaní všemi deseti_is1) (Version: - Richard Šusta, David Vejchoda)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Seznam Software (HKCU\...\SeznamInstall) (Version: - Seznam.cz)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.5491 - Analog Devices)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.6 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-765508671-1587432005-1283013604-1000_Classes\CLSID\{5B004CDE-0211-469C-B9B5-0552E7E63917}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-765508671-1587432005-1283013604-1000_Classes\CLSID\{77D8C8C7-6B46-4429-B876-DBC006C96EB1}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-765508671-1587432005-1283013604-1000_Classes\CLSID\{CD37ED08-860C-4B86-AD25-5587D8386587}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)

==================== Restore Points =========================

26-08-2014 08:25:45 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2014-08-24 21:27 - 00000781 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0CAB7B68-718C-40E0-B83B-89DDF7007DC8} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {0D9FFE0C-91D8-4D48-AC48-44FE2473324B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-31] (AVAST Software)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2013-01-15] ()
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3EDFD7E9-3C30-4B52-81E0-740C0F3B10DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-15] (Google Inc.)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {52B029BD-1988-492E-AB7C-CBDD30441AED} - System32\Tasks\AdobeAAMUpdater-1.0-spok-PC-spok => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {6D87ED01-A202-450F-BF09-290C4AADF6E1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7A87C082-0248-4A94-8894-C80C5821D4FF} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {8A4AEB9C-4A3D-414C-B18A-47DC38104B57} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-19] (Společnost Microsoft)
Task: {93F6503F-A568-4C85-855F-1C12F23BF8AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-15] (Google Inc.)
Task: {9769BCD8-D77E-4ADF-A43C-FA2BF0A0164A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {C17EFE3E-BC29-48AC-8B55-5C6B4F21C5A7} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-07-23] ()
Task: {DC2C050B-6421-4039-B743-63BC06295F35} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {E4DABC87-2F45-42DD-ADB1-271550B60DD5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {E842F79E-A5A9-4F29-9413-A69786C4AA6A} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {ED17FE71-C656-4B85-962A-C533815D5215} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-25 22:39 - 2014-08-25 19:47 - 02826240 _____ () C:\Program Files\AVAST Software\Avast\defs\14082501\algo.dll
2014-08-26 13:04 - 2014-08-26 09:53 - 02826240 _____ () C:\Program Files\AVAST Software\Avast\defs\14082600\algo.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-12-11 08:08 - 2008-12-11 08:08 - 03575808 _____ () C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
2014-01-08 21:36 - 2008-12-31 06:31 - 00247152 ____R () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-08-15 22:38 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-15 22:38 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-15 22:38 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-15 22:38 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
2014-04-26 12:24 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\spok\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-26 12:24 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\spok\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2010-04-07 03:34 - 2010-04-07 03:34 - 00033280 _____ () C:\Program Files\Adobe\Adobe Photoshop CS5\QuickTimeGlue.dll
2010-02-22 05:50 - 2010-02-22 05:50 - 00060416 _____ () C:\Program Files\Common Files\Adobe\CS5ServiceManager\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Atheros AR5005GS Wireless Network Adapter
Description: Atheros AR5005GS Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/25/2014 11:46:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9266

Error: (08/25/2014 11:46:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9266

Error: (08/25/2014 11:46:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2014 11:46:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8252

Error: (08/25/2014 11:46:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8252

Error: (08/25/2014 11:46:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2014 11:46:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7238

Error: (08/25/2014 11:46:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7238

Error: (08/25/2014 11:46:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2014 11:46:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6240


System errors:
=============
Error: (08/24/2014 09:31:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (08/24/2014 09:28:48 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.

Error: (08/24/2014 09:29:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:27:27, 24.8.2014) bylo neočekávané.

Error: (08/22/2014 07:18:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000ShellHWDetection

Error: (08/22/2014 06:23:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000ShellHWDetection

Error: (08/18/2014 07:32:29 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (08/18/2014 07:32:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Google Update (gupdate)%%1053

Error: (08/18/2014 07:32:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Služba Google Update (gupdate)

Error: (08/15/2014 07:07:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Netman

Error: (08/15/2014 05:11:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt


Microsoft Office Sessions:
=========================
Error: (08/25/2014 11:46:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9266

Error: (08/25/2014 11:46:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9266

Error: (08/25/2014 11:46:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2014 11:46:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8252

Error: (08/25/2014 11:46:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8252

Error: (08/25/2014 11:46:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2014 11:46:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7238

Error: (08/25/2014 11:46:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7238

Error: (08/25/2014 11:46:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2014 11:46:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6240


CodeIntegrity Errors:
===================================
Date: 2014-08-26 13:09:38.351
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 13:09:38.176
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 13:09:37.982
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 13:09:37.809
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 13:09:37.378
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 13:09:37.203
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 13:09:37.017
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-26 13:09:36.827
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-17 14:37:53.665
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-08-17 14:37:53.460
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Percentage of memory in use: 75%
Total physical RAM: 3324.71 MB
Available physical RAM: 828.04 MB
Total Pagefile: 6876.41 MB
Available Pagefile: 2671.1 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.5 GB) (Free:18.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.75 GB) (Free:290.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 74.5 GB) (Disk ID: FBC6784C)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 045D58BA)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended)

==================== End Of Log ============================

Re: spok pc

Posted: 26 Aug 2014 12:14
by spok
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:26-08-2014
Ran by spok (administrator) on SPOK-PC on 26-08-2014 13:08:37
Running from C:\Users\spok\Downloads
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\spok\AppData\Local\Akamai\netsession_win.exe
(ICQ, LLC.) C:\Program Files\ICQ7.7\ICQ.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(GoPro) C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
(Akamai Technologies, Inc.) C:\Users\spok\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-31] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-765508671-1587432005-1283013604-1000\...\Run: [Akamai NetSession Interface] => C:\Users\spok\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-765508671-1587432005-1283013604-1000\...\Run: [ICQ] => C:\Program Files\ICQ7.7\ICQ.exe [127040 2012-01-23] (ICQ, LLC.)
HKU\S-1-5-21-765508671-1587432005-1283013604-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-765508671-1587432005-1283013604-1000\...\Run: [AdobeBridge] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-08]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR CustomProfile: C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-15]
CHR Extension: (YouTube) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-15]
CHR Extension: (Vyhledávání Google) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-15]
CHR Extension: (Peněženka Google) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR Extension: (Gmail) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-15]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-01-18]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-31] (AVAST Software)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
R2 NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [3575808 2008-12-11] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2008-12-31] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF9035HB; C:\Windows\System32\Drivers\AF9035HB.sys [863616 2014-01-08] (ITE Technologies )
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [21256 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [58680 2012-10-31] (AVAST Software)
R1 AswRdr; C:\Windows\system32\Drivers\AswRdr.sys [35928 2012-10-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [738504 2012-10-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [361032 2012-10-31] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [54232 2012-10-31] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-24] (Pinnacle Systems GmbH)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-17] (Malwarebytes Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 13:08 - 2014-08-26 13:09 - 00012384 _____ () C:\Users\spok\Downloads\FRST.txt
2014-08-26 13:08 - 2014-08-26 13:08 - 00000000 ____D () C:\FRST
2014-08-26 13:07 - 2014-08-26 13:08 - 01095168 _____ (Farbar) C:\Users\spok\Downloads\FRST.exe
2014-08-26 13:06 - 2014-08-26 13:06 - 00029696 _____ () C:\Users\spok\AppData\Local\MSGBOX.EXE
2014-08-26 13:06 - 2014-08-26 13:06 - 00015327 _____ () C:\Users\spok\Desktop\LM.bat
2014-08-26 13:05 - 2014-08-26 13:06 - 00112640 _____ (forum.viry.cz) C:\Users\spok\Downloads\FRSTLauncher.exe
2014-08-26 13:02 - 2014-08-26 13:02 - 00112640 _____ (forum.viry.cz) C:\Users\spok\Desktop\Documents\Nepotvrzeno 967758.crdownload
2014-08-26 13:01 - 2014-08-26 13:01 - 00112640 _____ (forum.viry.cz) C:\Users\spok\Desktop\Documents\Nepotvrzeno 800462.crdownload
2014-08-24 21:29 - 2014-08-24 21:29 - 00160832 _____ () C:\Windows\Minidump\Mini082414-01.dmp
2014-08-24 21:28 - 2014-08-24 21:28 - 280678585 _____ () C:\Windows\MEMORY.DMP
2014-08-24 21:27 - 2014-08-24 21:27 - 00001239 _____ () C:\zoek-results.log
2014-08-24 21:26 - 2014-08-24 21:27 - 00000518 _____ () C:\runcheck.txt
2014-08-24 21:25 - 2014-08-24 21:25 - 01288704 _____ () C:\Users\spok\Desktop\zoek.exe
2014-08-24 21:25 - 2014-08-24 21:25 - 00000000 ____D () C:\zoek_backup
2014-08-21 23:03 - 2014-08-25 18:48 - 00000000 ____D () C:\Program Files\trend micro
2014-08-21 23:03 - 2014-08-21 23:03 - 00000000 ____D () C:\rsit
2014-08-21 22:53 - 2014-08-21 23:02 - 01107968 _____ () C:\Users\spok\Desktop\Documents\RSIT.EXE
2014-08-15 16:36 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 16:36 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 16:36 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 16:33 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 18:56 - 2014-07-25 06:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 18:56 - 2014-07-25 04:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 18:56 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 18:56 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 18:56 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 18:56 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 18:56 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 18:56 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 18:56 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 18:56 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 18:56 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 18:56 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 18:56 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 18:56 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 18:56 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 18:56 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 18:56 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 18:56 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 18:56 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 18:56 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 18:56 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 18:56 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 18:56 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 18:56 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 18:56 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-14 18:56 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-06 21:39 - 2014-08-06 21:39 - 00000000 ____D () C:\Users\spok\AppData\Local\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ___RD () C:\Program Files\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-03 13:10 - 2014-08-17 14:30 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 13:10 - 2014-08-03 13:10 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-03 13:10 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-03 13:10 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-03 13:10 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-03 11:05 - 2014-08-03 11:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\spok\Desktop\Documents\mbam-setup-2.0.2.1012 (1).exe
2014-07-30 11:59 - 2014-07-30 11:59 - 00000256 _____ () C:\Users\spok\gmapsupp.img.w6j
2014-07-27 20:59 - 2014-07-27 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-07-25 04:24 - 2013-02-03 23:17 - 00000000 ____D () C:\Users\spok\Downloads\Guru3D.com
2014-08-26 13:09 - 2014-08-26 13:08 - 00012384 _____ () C:\Users\spok\Downloads\FRST.txt
2014-08-26 13:08 - 2014-08-26 13:08 - 00000000 ____D () C:\FRST
2014-08-26 13:08 - 2014-08-26 13:07 - 01095168 _____ (Farbar) C:\Users\spok\Downloads\FRST.exe
2014-08-26 13:06 - 2014-08-26 13:06 - 00029696 _____ () C:\Users\spok\AppData\Local\MSGBOX.EXE
2014-08-26 13:06 - 2014-08-26 13:06 - 00015327 _____ () C:\Users\spok\Desktop\LM.bat
2014-08-26 13:06 - 2014-08-26 13:05 - 00112640 _____ (forum.viry.cz) C:\Users\spok\Downloads\FRSTLauncher.exe
2014-08-26 13:04 - 2013-01-18 09:52 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-26 13:02 - 2014-08-26 13:02 - 00112640 _____ (forum.viry.cz) C:\Users\spok\Desktop\Documents\Nepotvrzeno 967758.crdownload
2014-08-26 13:01 - 2014-08-26 13:01 - 00112640 _____ (forum.viry.cz) C:\Users\spok\Desktop\Documents\Nepotvrzeno 800462.crdownload
2014-08-26 12:32 - 2013-01-15 08:25 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-26 12:22 - 2006-11-02 14:47 - 00004032 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 12:22 - 2006-11-02 14:47 - 00004032 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 10:27 - 2006-11-02 14:52 - 01067859 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 23:12 - 2013-01-15 08:25 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-25 18:48 - 2014-08-21 23:03 - 00000000 ____D () C:\Program Files\trend micro
2014-08-24 21:29 - 2014-08-24 21:29 - 00160832 _____ () C:\Windows\Minidump\Mini082414-01.dmp
2014-08-24 21:29 - 2014-02-01 14:10 - 00000000 ____D () C:\Windows\Minidump
2014-08-24 21:29 - 2013-01-15 09:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-24 21:29 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-24 21:28 - 2014-08-24 21:28 - 280678585 _____ () C:\Windows\MEMORY.DMP
2014-08-24 21:28 - 2014-07-11 05:46 - 00001830 _____ () C:\Windows\PFRO.log
2014-08-24 21:27 - 2014-08-24 21:27 - 00001239 _____ () C:\zoek-results.log
2014-08-24 21:27 - 2014-08-24 21:26 - 00000518 _____ () C:\runcheck.txt
2014-08-24 21:25 - 2014-08-24 21:25 - 01288704 _____ () C:\Users\spok\Desktop\zoek.exe
2014-08-24 21:25 - 2014-08-24 21:25 - 00000000 ____D () C:\zoek_backup
2014-08-21 23:03 - 2014-08-21 23:03 - 00000000 ____D () C:\rsit
2014-08-21 23:02 - 2014-08-21 22:53 - 01107968 _____ () C:\Users\spok\Desktop\Documents\RSIT.EXE
2014-08-20 20:06 - 2013-01-15 09:48 - 00000000 ____D () C:\Users\spok\AppData\Roaming\vlc
2014-08-20 16:14 - 2013-04-06 17:29 - 00000000 ____D () C:\Users\spok\Desktop\Screenshots
2014-08-18 20:55 - 2013-01-15 09:28 - 00159232 _____ () C:\Users\spok\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-17 14:30 - 2014-08-03 13:10 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-15 22:38 - 2013-01-15 08:36 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 19:25 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-15 17:35 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-08-15 17:17 - 2006-11-02 12:33 - 01530458 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-15 17:14 - 2013-01-16 13:17 - 00000000 ____D () C:\Users\spok\AppData\Roaming\ICQ
2014-08-15 17:11 - 2006-11-02 14:47 - 03690968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-15 17:06 - 2006-11-02 15:01 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-15 16:48 - 2013-08-15 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 16:43 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-06 22:12 - 2013-04-16 20:09 - 00000000 ____D () C:\Users\spok\AppData\Roaming\Skype
2014-08-06 21:39 - 2014-08-06 21:39 - 00000000 ____D () C:\Users\spok\AppData\Local\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ___RD () C:\Program Files\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-06 21:37 - 2013-04-16 20:09 - 00001896 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-06 21:37 - 2013-04-16 20:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-05 09:20 - 2013-01-15 09:18 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 14:19 - 2013-11-01 19:08 - 00000000 ____D () C:\Users\spok\AppData\Local\Pinnacle
2014-08-04 10:38 - 2014-02-03 20:49 - 00000000 ____D () C:\Users\spok\AppData\Roaming\Winamp
2014-08-04 09:53 - 2014-06-30 21:19 - 00001592 _____ () C:\Windows\setupact.log
2014-08-03 13:10 - 2014-08-03 13:10 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-03 11:05 - 2014-08-03 11:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\spok\Desktop\Documents\mbam-setup-2.0.2.1012 (1).exe
2014-08-03 11:04 - 2014-05-20 16:26 - 00000000 ____D () C:\Users\spok\Desktop\Documents\Crack-for-Photoshop-CS5
2014-08-01 18:43 - 2014-01-02 17:42 - 00000000 ____D () C:\Users\spok\Desktop\Documents\Garmin
2014-07-30 11:59 - 2014-07-30 11:59 - 00000256 _____ () C:\Users\spok\gmapsupp.img.w6j
2014-07-30 11:59 - 2013-01-15 08:07 - 00000000 ____D () C:\Users\spok
2014-07-27 21:00 - 2014-01-02 17:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-27 20:59 - 2014-07-27 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-07-27 20:59 - 2014-01-02 17:37 - 00001765 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-07-27 20:59 - 2014-01-02 17:37 - 00000000 ____D () C:\ProgramData\Garmin
2014-07-27 20:59 - 2014-01-02 16:48 - 00000000 ____D () C:\Program Files\Garmin

Some content of TEMP:
====================
C:\Users\spok\AppData\Local\Temp\7za.exe
C:\Users\spok\AppData\Local\Temp\hijackthis.exe
C:\Users\spok\AppData\Local\Temp\NirCmd.exe
C:\Users\spok\AppData\Local\Temp\PEVZ.EXE
C:\Users\spok\AppData\Local\Temp\remove.exe
C:\Users\spok\AppData\Local\Temp\sed.exe
C:\Users\spok\AppData\Local\Temp\shortcut.exe
C:\Users\spok\AppData\Local\Temp\swreg.exe
C:\Users\spok\AppData\Local\Temp\swxcacls.exe
C:\Users\spok\AppData\Local\Temp\wget.exe
C:\Users\spok\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-24 21:34

==================== End Of Log ============================

Re: spok pc

Posted: 29 Aug 2014 07:45
by vyosek
:arrow: Sorry, work obligations

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code: Select all

    Start
    HKU\S-1-5-21-765508671-1587432005-1283013604-1000\...\Run: [Akamai NetSession Interface] => C:\Users\spok\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-765508671-1587432005-1283013604-1000\...\Run: [ICQ] => C:\Program Files\ICQ7.7\ICQ.exe [127040 2012-01-23] (ICQ, LLC.)
    HKU\S-1-5-21-765508671-1587432005-1283013604-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
    HKU\S-1-5-21-765508671-1587432005-1283013604-1000\...\Run: [AdobeBridge] => [X]
    
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    
    2014-08-26 13:08 - 2014-08-26 13:09 - 00012384 _____ () C:\Users\spok\Downloads\FRST.txt
    2014-08-26 13:06 - 2014-08-26 13:06 - 00029696 _____ () C:\Users\spok\AppData\Local\MSGBOX.EXE
    2014-08-26 13:06 - 2014-08-26 13:06 - 00015327 _____ () C:\Users\spok\Desktop\LM.bat
    2014-08-26 13:05 - 2014-08-26 13:06 - 00112640 _____ (forum.viry.cz) C:\Users\spok\Downloads\FRSTLauncher.exe
    2014-08-26 13:02 - 2014-08-26 13:02 - 00112640 _____ (forum.viry.cz) C:\Users\spok\Desktop\Documents\Nepotvrzeno 967758.crdownload
    2014-08-26 13:01 - 2014-08-26 13:01 - 00112640 _____ (forum.viry.cz) C:\Users\spok\Desktop\Documents\Nepotvrzeno 800462.crdownload
    2014-08-24 21:29 - 2014-08-24 21:29 - 00160832 _____ () C:\Windows\Minidump\Mini082414-01.dmp
    2014-08-24 21:28 - 2014-08-24 21:28 - 280678585 _____ () C:\Windows\MEMORY.DMP
    2014-08-24 21:27 - 2014-08-24 21:27 - 00001239 _____ () C:\zoek-results.log
    2014-08-24 21:26 - 2014-08-24 21:27 - 00000518 _____ () C:\runcheck.txt
    2014-08-24 21:25 - 2014-08-24 21:25 - 01288704 _____ () C:\Users\spok\Desktop\zoek.exe
    2014-08-24 21:25 - 2014-08-24 21:25 - 00000000 ____D () C:\zoek_backup
    2014-08-21 23:03 - 2014-08-25 18:48 - 00000000 ____D () C:\Program Files\trend micro
    2014-08-21 23:03 - 2014-08-21 23:03 - 00000000 ____D () C:\rsit
    2014-08-21 22:53 - 2014-08-21 23:02 - 01107968 _____ () C:\Users\spok\Desktop\Documents\RSIT.EXE
    C:\Users\spok\AppData\Local\Temp\7za.exe
    C:\Users\spok\AppData\Local\Temp\hijackthis.exe
    C:\Users\spok\AppData\Local\Temp\NirCmd.exe
    C:\Users\spok\AppData\Local\Temp\PEVZ.EXE
    C:\Users\spok\AppData\Local\Temp\remove.exe
    C:\Users\spok\AppData\Local\Temp\sed.exe
    C:\Users\spok\AppData\Local\Temp\shortcut.exe
    C:\Users\spok\AppData\Local\Temp\swreg.exe
    C:\Users\spok\AppData\Local\Temp\swxcacls.exe
    C:\Users\spok\AppData\Local\Temp\wget.exe
    C:\Users\spok\AppData\Local\Temp\zoek-delete.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    
    Hosts:
    Reboot:
    End
    
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: spok pc

Posted: 02 Sep 2014 19:17
by spok
Hopefully I got it right...

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-08-2014 02
Ran by spok (administrator) on SPOK-PC on 02-09-2014 20:14:59
Running from C:\Users\spok\Desktop
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(GoPro) C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\Google\Update\Install\{62E16783-CD96-4F89-A4F7-1260341C38A0}\37.0.2062.103_37.0.2062.102_chrome_updater.exe
(Google Inc.) C:\Windows\Temp\CR_F9550.tmp\setup.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\spok\Desktop\FRST (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-31] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-08]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSearchKeyword: Default -> 82A711CE64BA3D0C521F7719425DA61A58223E8BA7819231B8D8AA9F6C3A3AFF
CHR DefaultSearchURL: Default -> 0494DCAE5E637DF4705FEDB5F9D18A8A611162AAD02B5ED7B4530AF356265CD7
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.102\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR CustomProfile: C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-15]
CHR Extension: (YouTube) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-15]
CHR Extension: (Vyhledávání Google) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-15]
CHR Extension: (Peněženka Google) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR Extension: (Gmail) - C:\Users\spok\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-15]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-01-18]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-31] (AVAST Software)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
R2 NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [3575808 2008-12-11] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2008-12-31] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF9035HB; C:\Windows\System32\Drivers\AF9035HB.sys [863616 2014-01-08] (ITE Technologies )
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [21256 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [58680 2012-10-31] (AVAST Software)
R1 AswRdr; C:\Windows\system32\Drivers\AswRdr.sys [35928 2012-10-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [738504 2012-10-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [361032 2012-10-31] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [54232 2012-10-31] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-24] (Pinnacle Systems GmbH)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-17] (Malwarebytes Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 20:14 - 2014-09-02 20:15 - 00011358 _____ () C:\Users\spok\Desktop\FRST.txt
2014-09-02 20:12 - 2014-09-02 20:12 - 01096704 _____ (Farbar) C:\Users\spok\Desktop\FRST (1).exe
2014-09-02 19:28 - 2014-09-02 19:28 - 00000000 ____D () C:\Users\spok\Downloads\FRST-OlderVersion
2014-08-29 13:27 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 13:27 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 13:09 - 2014-08-26 13:12 - 00029094 _____ () C:\Users\spok\Downloads\Addition.txt
2014-08-26 13:08 - 2014-09-02 20:15 - 00000000 ____D () C:\FRST
2014-08-26 13:07 - 2014-09-02 19:28 - 01096704 _____ (Farbar) C:\Users\spok\Downloads\FRST.exe
2014-08-15 16:36 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 16:36 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 16:36 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 16:33 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 18:56 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 18:56 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 18:56 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 18:56 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 18:56 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 18:56 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 18:56 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 18:56 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 18:56 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 18:56 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 18:56 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 18:56 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 18:56 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 18:56 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 18:56 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 18:56 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 18:56 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 18:56 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 18:56 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 18:56 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 18:56 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 18:56 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 18:56 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 18:56 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-14 18:56 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-06 21:39 - 2014-08-06 21:39 - 00000000 ____D () C:\Users\spok\AppData\Local\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ___RD () C:\Program Files\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-03 13:10 - 2014-08-17 14:30 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 13:10 - 2014-08-03 13:10 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-03 13:10 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-03 13:10 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-03 13:10 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-03 11:05 - 2014-08-03 11:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\spok\Desktop\Documents\mbam-setup-2.0.2.1012 (1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-07-25 04:24 - 2013-02-03 23:17 - 00000000 ____D () C:\Users\spok\Downloads\Guru3D.com
2014-09-02 20:15 - 2014-09-02 20:14 - 00011358 _____ () C:\Users\spok\Desktop\FRST.txt
2014-09-02 20:15 - 2014-08-26 13:08 - 00000000 ____D () C:\FRST
2014-09-02 20:12 - 2014-09-02 20:12 - 01096704 _____ (Farbar) C:\Users\spok\Desktop\FRST (1).exe
2014-09-02 20:11 - 2006-11-02 14:52 - 01222007 _____ () C:\Windows\WindowsUpdate.log
2014-09-02 20:07 - 2013-01-15 09:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-02 20:07 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-02 20:07 - 2006-11-02 14:47 - 00004032 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-02 20:07 - 2006-11-02 14:47 - 00004032 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-02 20:06 - 2006-11-02 15:01 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-02 20:05 - 2014-02-01 14:10 - 00000000 ____D () C:\Windows\Minidump
2014-09-02 20:05 - 2013-01-16 13:17 - 00000000 ____D () C:\Users\spok\AppData\Roaming\ICQ
2014-09-02 19:28 - 2014-09-02 19:28 - 00000000 ____D () C:\Users\spok\Downloads\FRST-OlderVersion
2014-09-02 19:28 - 2014-08-26 13:07 - 01096704 _____ (Farbar) C:\Users\spok\Downloads\FRST.exe
2014-08-30 20:21 - 2013-01-15 08:36 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-29 13:49 - 2006-11-02 14:47 - 03692904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 16:09 - 2013-04-06 17:29 - 00000000 ____D () C:\Users\spok\Desktop\Screenshots
2014-08-26 13:12 - 2014-08-26 13:09 - 00029094 _____ () C:\Users\spok\Downloads\Addition.txt
2014-08-24 21:28 - 2014-07-11 05:46 - 00001830 _____ () C:\Windows\PFRO.log
2014-08-23 03:03 - 2014-08-29 13:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:26 - 2014-08-29 13:27 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 20:06 - 2013-01-15 09:48 - 00000000 ____D () C:\Users\spok\AppData\Roaming\vlc
2014-08-18 20:55 - 2013-01-15 09:28 - 00159232 _____ () C:\Users\spok\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-17 14:30 - 2014-08-03 13:10 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-15 19:25 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-15 17:35 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-08-15 17:17 - 2006-11-02 12:33 - 01530458 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-15 16:48 - 2013-08-15 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 16:43 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-06 22:12 - 2013-04-16 20:09 - 00000000 ____D () C:\Users\spok\AppData\Roaming\Skype
2014-08-06 21:39 - 2014-08-06 21:39 - 00000000 ____D () C:\Users\spok\AppData\Local\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ___RD () C:\Program Files\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-06 21:37 - 2013-04-16 20:09 - 00001896 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-08-06 21:37 - 2013-04-16 20:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-05 09:20 - 2013-01-15 09:18 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 14:19 - 2013-11-01 19:08 - 00000000 ____D () C:\Users\spok\AppData\Local\Pinnacle
2014-08-04 10:38 - 2014-02-03 20:49 - 00000000 ____D () C:\Users\spok\AppData\Roaming\Winamp
2014-08-04 09:53 - 2014-06-30 21:19 - 00001592 _____ () C:\Windows\setupact.log
2014-08-03 13:10 - 2014-08-03 13:10 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-03 13:10 - 2014-08-03 13:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-03 11:05 - 2014-08-03 11:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\spok\Desktop\Documents\mbam-setup-2.0.2.1012 (1).exe
2014-08-03 11:04 - 2014-05-20 16:26 - 00000000 ____D () C:\Users\spok\Desktop\Documents\Crack-for-Photoshop-CS5

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-02 20:13

==================== End Of Log ============================

Re: spok pc

Posted: 04 Sep 2014 12:47
by vyosek
So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Find problems
  • then Fix problems - I recommend making the registry backup; fix all the problems
  • repeat the procedure until no problems are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: spok pc

Posted: 10 Sep 2014 20:35
by spok
Thanks for the help!
I have one more question about CCleaner. I have used it before, and now and then it ate my address auto-completion. You type vi.. and it offers viry.cz
That stopped working for me a few times.
What is this function called.. So that next time I don't tick it by mistake and delete it...

Re: spok pc

Posted: 11 Sep 2014 17:05
by vyosek
I have no idea; it is some kind of auto-completion, but I can't tell you the exact name of the function :?: