VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu - vyskakovaci reklamni okno

https://forum.viry.cz:443/viewtopic.php?t=140339

Stránka 1 z 1

Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 19 zář 2014 18:54
od noproblemo
Dobry den,
uz jsem vyzkousel CCleaner, ADWcleaner, ComboFix a porad se reklamnich oken, ktere se spusti pres celou obrazovku zbavit.

Tady je log z FRSTu.

Dekuji

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Mara (administrator) on MAROUSKOVNIK on 19-09-2014 19:50:04
Running from C:\Users\Mara\Desktop
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Photoshop.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Mara\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [msgbdnaSrv] => C:\Windows\inf\msgbdna.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [msphyeSrv] => C:\Windows\inf\msphye.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [msljggxfSrv] => C:\Windows\inf\msljggxf.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctiqthhSrv] => C:\Windows\SysWOW64\mnctiqthh.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mskeetgSrv] => C:\Windows\SysWOW64\mskeetg.vbe [649 2014-06-23] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1437255118-3724227524-3503180372-1001\...\Run: [AdobeBridge] => C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe [11989960 2010-03-09] (Adobe Systems, Inc.)
HKU\S-1-5-21-1437255118-3724227524-3503180372-1001\...\Run: [uTorrent] => C:\Users\Mara\AppData\Roaming\uTorrent\uTorrent.exe [1329744 2014-08-26] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-05-07]
FF Extension: Apps Hat - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [2014-09-16]
FF Extension: Flash and Video Download - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-09-19]
FF Extension: Firebug - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\firebug@software.joehewitt.com.xpi [2014-08-04]
FF Extension: WinToFlash Suggestor - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-04-09]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/", "hxxp://www.google.cz/", "hxxp://www.idnes.cz/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchKeyword: Default -> A8458D7A91BFD45AC1418A24BA23B3592582F283479ACE85664C029CC62C2F05
CHR DefaultSearchURL: Default -> 46547644521F67599EC57EB4DBE401A642E6E301E9DF3A054AD6623D41259A23
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Google Talk Plugin) - C:\Users\Blb\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Blb\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-16]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-17]
CHR Extension: (Peněženka Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-17]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-16]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [45488 2012-12-20] (ASUSTek Computer Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 adusbser; C:\Windows\system32\DRIVERS\adusbser.sys [154112 2009-11-06] (AnyDATA.NET INC.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-11-23] (Microsoft Corporation)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 msahci; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 19:50 - 2014-09-19 19:50 - 00018167 _____ () C:\Users\Mara\Desktop\FRST.txt
2014-09-19 19:49 - 2014-09-19 19:50 - 00000000 ____D () C:\FRST
2014-09-19 19:48 - 2014-09-19 19:49 - 00112640 _____ (forum.viry.cz) C:\Users\Mara\Desktop\FRSTLauncher.exe
2014-09-19 19:48 - 2014-09-19 19:48 - 02105856 _____ (Farbar) C:\Users\Mara\Desktop\FRST64.exe
2014-09-19 19:36 - 2014-09-19 19:36 - 00018486 _____ () C:\ComboFix.txt
2014-09-19 19:21 - 2014-09-19 19:36 - 00000000 ____D () C:\Qoobox
2014-09-19 19:21 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-19 19:21 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-19 19:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-19 19:20 - 2014-09-19 19:33 - 00000000 ____D () C:\Windows\erdnt
2014-09-19 19:19 - 2014-09-19 19:19 - 05578824 ____R (Swearware) C:\Users\Mara\Desktop\ComboFix.exe
2014-09-19 14:53 - 2014-09-19 14:53 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-19 14:53 - 2014-09-19 14:53 - 00001385 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-19 14:53 - 2014-09-19 14:53 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-19 14:53 - 2014-09-19 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-19 14:52 - 2014-09-19 16:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-19 14:52 - 2014-09-19 14:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-19 14:52 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-09-19 14:51 - 2014-09-19 14:51 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mara\Desktop\spybot-2.4.exe
2014-09-19 14:51 - 2014-09-19 14:51 - 00384529 _____ () C:\Users\Mara\Desktop\Lista_centrum.exe
2014-09-19 14:47 - 2014-09-19 14:48 - 00733368 _____ () C:\Users\Mara\Desktop\spybot-search-and-destroy-lista-centrumcz.exe
2014-09-16 22:51 - 2014-09-16 22:51 - 01373475 _____ () C:\Users\Mara\Desktop\adwcleaner_3.310.exe
2014-09-16 22:18 - 2014-09-16 22:18 - 00000000 ____D () C:\Users\Mara\Desktop\Queen - The Ultimate Best Of Queen (2011) [mp3][www.lokotorrents.com]
2014-09-16 22:17 - 2014-09-16 22:18 - 00000000 ____D () C:\Users\Mara\Desktop\Justin TImberlake - The 20-20 Experience (Deluxe Edition) 2013 Pop 320kbps CBR MP3 [VX]
2014-09-16 22:04 - 2014-09-16 22:05 - 00000000 ____D () C:\Users\Mara\Desktop\XSCAPE (Deluxe)
2014-09-16 22:02 - 2014-09-16 22:02 - 00000000 ____D () C:\Users\Mara\Desktop\Coldplay - Ghost Stories [2014] [Deluxe Edition] [Mp3-320]-V3nom [GLT]
2014-09-16 22:00 - 2014-09-16 22:01 - 00000000 ____D () C:\Users\Mara\Desktop\Chris Brown - X [Deluxe@320] 2014
2014-09-16 21:54 - 2014-09-16 21:54 - 00000000 ____D () C:\Users\Mara\Desktop\Filmy
2014-09-16 19:41 - 2014-09-19 19:20 - 00325337 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 19:36 - 2014-09-16 19:37 - 00000000 ____D () C:\Users\Mara\Documents\wintoflash_0.7.0026beta
2014-09-16 19:31 - 2014-09-19 19:31 - 00001356 _____ () C:\Windows\Tasks\AXYC.job
2014-09-16 19:31 - 2014-09-16 19:31 - 01513832 _____ (Object Browser) C:\Users\Mara\AppData\Roaming\AXYC.exe
2014-09-16 19:31 - 2014-09-16 19:31 - 00004370 _____ () C:\Windows\System32\Tasks\AXYC
2014-09-16 19:30 - 2014-09-19 19:30 - 00001706 _____ () C:\Windows\Tasks\QBTNOXC.job
2014-09-16 19:30 - 2014-09-16 19:30 - 01969000 _____ (Object Browser) C:\Users\Mara\AppData\Roaming\QBTNOXC.exe
2014-09-16 19:30 - 2014-09-16 19:30 - 00004718 _____ () C:\Windows\System32\Tasks\QBTNOXC
2014-09-16 19:21 - 2014-09-16 19:25 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-16 19:17 - 2014-09-16 19:24 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Seznam.cz
2014-09-16 19:17 - 2014-09-16 19:24 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-16 19:17 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Mara\AppData\Local\CrashRpt
2014-09-16 18:03 - 2014-09-16 18:42 - 693682871 _____ () C:\Users\Mara\Desktop\Microsoft-Windows-XP-Professional-SP3-CZ-x86-Integrovane-Januar-2010.zip
2014-09-16 18:02 - 2014-09-16 18:36 - 602720256 _____ () C:\Users\Mara\Desktop\Windows.XP.Home.SP3.v5.1.2600.Czech-mXx.iso
2014-09-12 17:06 - 2014-09-12 17:06 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-09-12 17:06 - 2014-09-12 17:06 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Adobe Mini Bridge CS5
2014-09-11 08:56 - 2014-08-16 11:34 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 08:56 - 2014-08-16 11:34 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 08:56 - 2014-08-16 11:34 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-09-11 08:56 - 2014-08-16 11:34 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 08:56 - 2014-08-16 11:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 08:56 - 2014-08-16 11:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 08:56 - 2014-08-16 11:32 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 08:56 - 2014-08-16 09:37 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 08:56 - 2014-08-16 09:37 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 08:56 - 2014-08-16 09:35 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 08:56 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 08:56 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-11 08:56 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-11 08:56 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 08:56 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 08:56 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-11 08:56 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 08:56 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 08:56 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 08:56 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-11 08:56 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 08:56 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-09-11 08:56 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 08:56 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 08:56 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 08:55 - 2014-08-16 11:33 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 08:55 - 2014-08-16 09:36 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 08:31 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-11 08:31 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-11 08:29 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2014-09-11 08:29 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2014-09-11 08:27 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-11 08:27 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-11 08:27 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-11 08:27 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-11 08:27 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-11 08:27 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-11 08:27 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-09-11 08:27 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-11 08:26 - 2014-08-09 10:30 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-11 08:26 - 2014-08-09 10:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-09-10 16:12 - 2014-09-10 16:12 - 03813555 _____ () C:\Users\Mara\Desktop\NEVDAMA promoteaser.psd
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Mara\AppData\Roaming\AXYC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Mara\AppData\Roaming\QBTNOXC
2014-08-28 08:13 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 18:31 - 2014-08-26 18:31 - 00000794 _____ () C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-21 11:58 - 2014-09-02 21:32 - 00705480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-21 11:58 - 2014-09-02 21:32 - 00104904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-21 11:25 - 2014-08-21 11:25 - 01819937 _____ () C:\Users\Mara\Desktop\lyze rozdelany.psd
2014-08-21 11:25 - 2014-08-21 11:25 - 00452080 _____ () C:\Users\Mara\Desktop\lyze rozdelany 2.psd
2014-08-20 09:12 - 2014-08-20 09:12 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-20 09:12 - 2014-08-20 09:12 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-20 09:12 - 2014-08-20 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-20 09:12 - 2014-08-20 09:12 - 00000000 ____D () C:\Program Files\CCleaner

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 19:50 - 2014-09-19 19:50 - 00018167 _____ () C:\Users\Mara\Desktop\FRST.txt
2014-09-19 19:50 - 2014-09-19 19:49 - 00000000 ____D () C:\FRST
2014-09-19 19:49 - 2014-09-19 19:48 - 00112640 _____ (forum.viry.cz) C:\Users\Mara\Desktop\FRSTLauncher.exe
2014-09-19 19:48 - 2014-09-19 19:48 - 02105856 _____ (Farbar) C:\Users\Mara\Desktop\FRST64.exe
2014-09-19 19:40 - 2014-01-17 22:03 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 19:36 - 2014-09-19 19:36 - 00018486 _____ () C:\ComboFix.txt
2014-09-19 19:36 - 2014-09-19 19:21 - 00000000 ____D () C:\Qoobox
2014-09-19 19:36 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-09-19 19:33 - 2014-09-19 19:20 - 00000000 ____D () C:\Windows\erdnt
2014-09-19 19:32 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-09-19 19:31 - 2014-09-16 19:31 - 00001356 _____ () C:\Windows\Tasks\AXYC.job
2014-09-19 19:30 - 2014-09-16 19:30 - 00001706 _____ () C:\Windows\Tasks\QBTNOXC.job
2014-09-19 19:20 - 2014-09-16 19:41 - 00325337 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 19:19 - 2014-09-19 19:19 - 05578824 ____R (Swearware) C:\Users\Mara\Desktop\ComboFix.exe
2014-09-19 19:13 - 2014-07-08 16:34 - 00000000 ____D () C:\AdwCleaner
2014-09-19 19:09 - 2014-01-18 12:38 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\uTorrent
2014-09-19 19:08 - 2014-01-17 23:15 - 00000000 ____D () C:\Users\Mara\AppData\Local\CrashDumps
2014-09-19 19:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-09-19 16:53 - 2014-09-19 14:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-19 15:38 - 2014-02-28 11:45 - 00001456 _____ () C:\Users\Mara\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-09-19 14:58 - 2014-09-19 14:52 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-19 14:53 - 2014-09-19 14:53 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-19 14:53 - 2014-09-19 14:53 - 00001385 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-19 14:53 - 2014-09-19 14:53 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-19 14:53 - 2014-09-19 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-19 14:51 - 2014-09-19 14:51 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mara\Desktop\spybot-2.4.exe
2014-09-19 14:51 - 2014-09-19 14:51 - 00384529 _____ () C:\Users\Mara\Desktop\Lista_centrum.exe
2014-09-19 14:48 - 2014-09-19 14:47 - 00733368 _____ () C:\Users\Mara\Desktop\spybot-search-and-destroy-lista-centrumcz.exe
2014-09-19 14:37 - 2014-01-17 21:15 - 00000062 _____ () C:\Users\Mara\AppData\Roaming\sp_data.sys
2014-09-19 14:36 - 2013-03-18 20:09 - 00003260 _____ () C:\Windows\System32\Tasks\ASUS Patch for Touch Panel
2014-09-19 14:36 - 2013-03-18 20:00 - 00003542 _____ () C:\Windows\System32\Tasks\ASUS Touchpad Launcher (x64)
2014-09-19 14:36 - 2013-03-18 19:59 - 00003056 _____ () C:\Windows\System32\Tasks\ASUS P4G
2014-09-19 14:36 - 2013-03-18 19:59 - 00003004 _____ () C:\Windows\System32\Tasks\ASUS Splendid ColorU
2014-09-19 14:36 - 2013-03-18 19:59 - 00002988 _____ () C:\Windows\System32\Tasks\ASUS Splendid ACMON
2014-09-19 14:36 - 2013-03-18 19:57 - 00003028 _____ () C:\Windows\System32\Tasks\ASUS USB Charger Plus
2014-09-19 14:36 - 2013-03-18 19:56 - 00003114 _____ () C:\Windows\System32\Tasks\ASUS Live Update
2014-09-19 14:35 - 2014-01-17 22:03 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 14:34 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-18 15:31 - 2014-04-04 10:41 - 00000132 _____ () C:\Users\Mara\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-09-18 08:12 - 2014-07-07 18:45 - 00000027 _____ () C:\Users\Mara\AppData\Roaming\mshlxdyx.dat
2014-09-17 16:00 - 2012-08-02 20:06 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-09-17 16:00 - 2012-08-02 20:06 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-09-17 16:00 - 2012-07-26 09:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 22:58 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-16 22:51 - 2014-09-16 22:51 - 01373475 _____ () C:\Users\Mara\Desktop\adwcleaner_3.310.exe
2014-09-16 22:18 - 2014-09-16 22:18 - 00000000 ____D () C:\Users\Mara\Desktop\Queen - The Ultimate Best Of Queen (2011) [mp3][www.lokotorrents.com]
2014-09-16 22:18 - 2014-09-16 22:17 - 00000000 ____D () C:\Users\Mara\Desktop\Justin TImberlake - The 20-20 Experience (Deluxe Edition) 2013 Pop 320kbps CBR MP3 [VX]
2014-09-16 22:05 - 2014-09-16 22:04 - 00000000 ____D () C:\Users\Mara\Desktop\XSCAPE (Deluxe)
2014-09-16 22:02 - 2014-09-16 22:02 - 00000000 ____D () C:\Users\Mara\Desktop\Coldplay - Ghost Stories [2014] [Deluxe Edition] [Mp3-320]-V3nom [GLT]
2014-09-16 22:01 - 2014-09-16 22:00 - 00000000 ____D () C:\Users\Mara\Desktop\Chris Brown - X [Deluxe@320] 2014
2014-09-16 21:54 - 2014-09-16 21:54 - 00000000 ____D () C:\Users\Mara\Desktop\Filmy
2014-09-16 21:51 - 2014-01-26 10:48 - 00000000 ____D () C:\Users\Mara\Desktop\we
2014-09-16 19:37 - 2014-09-16 19:36 - 00000000 ____D () C:\Users\Mara\Documents\wintoflash_0.7.0026beta
2014-09-16 19:31 - 2014-09-16 19:31 - 01513832 _____ (Object Browser) C:\Users\Mara\AppData\Roaming\AXYC.exe
2014-09-16 19:31 - 2014-09-16 19:31 - 00004370 _____ () C:\Windows\System32\Tasks\AXYC
2014-09-16 19:30 - 2014-09-16 19:30 - 01969000 _____ (Object Browser) C:\Users\Mara\AppData\Roaming\QBTNOXC.exe
2014-09-16 19:30 - 2014-09-16 19:30 - 00004718 _____ () C:\Windows\System32\Tasks\QBTNOXC
2014-09-16 19:25 - 2014-09-16 19:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-16 19:24 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Seznam.cz
2014-09-16 19:24 - 2014-09-16 19:17 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-16 19:24 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-16 19:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-16 19:17 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Mara\AppData\Local\CrashRpt
2014-09-16 18:42 - 2014-09-16 18:03 - 693682871 _____ () C:\Users\Mara\Desktop\Microsoft-Windows-XP-Professional-SP3-CZ-x86-Integrovane-Januar-2010.zip
2014-09-16 18:36 - 2014-09-16 18:02 - 602720256 _____ () C:\Users\Mara\Desktop\Windows.XP.Home.SP3.v5.1.2600.Czech-mXx.iso
2014-09-16 12:01 - 2014-01-17 22:51 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1437255118-3724227524-3503180372-1001
2014-09-16 10:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-15 09:38 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-09-15 08:26 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 09:30 - 2014-01-19 00:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 09:25 - 2014-01-19 00:58 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 07:11 - 2014-01-18 23:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 17:06 - 2014-09-12 17:06 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-09-12 17:06 - 2014-09-12 17:06 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Adobe Mini Bridge CS5
2014-09-12 16:57 - 2014-01-17 21:13 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Adobe
2014-09-10 16:12 - 2014-09-10 16:12 - 03813555 _____ () C:\Users\Mara\Desktop\NEVDAMA promoteaser.psd
2014-09-07 02:00 - 2014-06-25 09:14 - 00000378 _____ () C:\Windows\Tasks\AdobeAAMUpdater-1.0-Marouskovnik-Mara.job
2014-09-02 21:32 - 2014-08-21 11:58 - 00705480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 21:32 - 2014-08-21 11:58 - 00104904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Mara\AppData\Roaming\AXYC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Mara\AppData\Roaming\QBTNOXC
2014-08-31 12:44 - 2014-07-22 10:33 - 05329560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 13:34 - 2014-09-11 08:27 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-28 11:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-28 08:05 - 2014-09-11 08:27 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-28 08:05 - 2014-09-11 08:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-28 08:05 - 2014-09-11 08:27 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-28 08:05 - 2014-09-11 08:27 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-28 08:02 - 2014-09-11 08:27 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-28 08:01 - 2014-09-11 08:27 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-08-26 18:31 - 2014-08-26 18:31 - 00000794 _____ () C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-23 08:47 - 2014-08-28 08:13 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 11:53 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-21 11:25 - 2014-08-21 11:25 - 01819937 _____ () C:\Users\Mara\Desktop\lyze rozdelany.psd
2014-08-21 11:25 - 2014-08-21 11:25 - 00452080 _____ () C:\Users\Mara\Desktop\lyze rozdelany 2.psd
2014-08-20 09:12 - 2014-08-20 09:12 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-20 09:12 - 2014-08-20 09:12 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-20 09:12 - 2014-08-20 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-20 09:12 - 2014-08-20 09:12 - 00000000 ____D () C:\Program Files\CCleaner

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-Marouskovnik-Mara.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\AXYC.job => C:\Users\Mara\AppData\Roaming\AXYC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\QBTNOXC.job => C:\Users\Mara\AppData\Roaming\QBTNOXC.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Mara\Desktop" je 13887 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP
"C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4
c:\windows\temp\DisableS3S464\sethigh.cmd [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\Windows\system32\hkcmd.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\Windows\system32\igfxtray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe
"C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 19 zář 2014 19:28
od Rudy
Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 19 zář 2014 19:54
od noproblemo
zdravim, nevim, jestli jsem to udelal spravne
je toho nejak malo

kliknu na SCAN a po deseti vcerinach vyskoci hlaska pending, please uncheck elements you dont want to remove
dole se ale zadne soubory nezobrazi

dam scan, pak se pc restartuje a po spusteni se zobrazi toto:



# AdwCleaner v3.310 - Report created 19/09/2014 at 20:44:10
# Updated 12/09/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Mara - MAROUSKOVNIK
# Running from : C:\Users\Mara\Desktop\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\prefs.js ]

Line Deleted : user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]

-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2640 octets] - [08/07/2014 16:34:22]
AdwCleaner[R1].txt - [1113 octets] - [07/08/2014 10:46:13]
AdwCleaner[R2].txt - [2484 octets] - [26/08/2014 19:26:39]
AdwCleaner[R3].txt - [13148 octets] - [16/09/2014 22:51:31]
AdwCleaner[R4].txt - [1557 octets] - [19/09/2014 13:58:14]
AdwCleaner[R5].txt - [1457 octets] - [19/09/2014 14:36:07]
AdwCleaner[R6].txt - [1737 octets] - [19/09/2014 19:11:38]
AdwCleaner[R7].txt - [1797 octets] - [19/09/2014 20:41:03]
AdwCleaner[S0].txt - [2708 octets] - [09/07/2014 08:08:18]
AdwCleaner[S1].txt - [1882 octets] - [26/08/2014 19:33:06]
AdwCleaner[S2].txt - [12955 octets] - [16/09/2014 22:57:27]
AdwCleaner[S3].txt - [1620 octets] - [19/09/2014 14:33:22]
AdwCleaner[S4].txt - [1720 octets] - [19/09/2014 20:44:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1780 octets] ##########

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 19 zář 2014 21:14
od Rudy
Dejte nový log FRST.

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 19 zář 2014 21:26
od noproblemo
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Mara (administrator) on MAROUSKOVNIK on 19-09-2014 22:22:45
Running from C:\Users\Mara\Desktop
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [msgbdnaSrv] => C:\Windows\inf\msgbdna.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [msphyeSrv] => C:\Windows\inf\msphye.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [msljggxfSrv] => C:\Windows\inf\msljggxf.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctiqthhSrv] => C:\Windows\SysWOW64\mnctiqthh.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mskeetgSrv] => C:\Windows\SysWOW64\mskeetg.vbe [649 2014-06-23] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1437255118-3724227524-3503180372-1001\...\Run: [AdobeBridge] => C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe [11989960 2010-03-09] (Adobe Systems, Inc.)
HKU\S-1-5-21-1437255118-3724227524-3503180372-1001\...\Run: [uTorrent] => C:\Users\Mara\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-19] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-05-07]
FF Extension: Apps Hat - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [2014-09-16]
FF Extension: Flash and Video Download - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-09-19]
FF Extension: Firebug - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\firebug@software.joehewitt.com.xpi [2014-08-04]
FF Extension: WinToFlash Suggestor - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\xnivlz3b.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-04-09]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/",
"hxxp://www.google.cz/",
"hxxp://www.idnes.cz/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchKeyword: Default -> A8458D7A91BFD45AC1418A24BA23B3592582F283479ACE85664C029CC62C2F05
CHR DefaultSearchURL: Default -> 46547644521F67599EC57EB4DBE401A642E6E301E9DF3A054AD6623D41259A23
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Google Talk Plugin) - C:\Users\Blb\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll No File
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Blb\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-16]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-17]
CHR Extension: (Peněženka Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-17]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-16]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [45488 2012-12-20] (ASUSTek Computer Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 adusbser; C:\Windows\system32\DRIVERS\adusbser.sys [154112 2009-11-06] (AnyDATA.NET INC.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-11-23] (Microsoft Corporation)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 msahci; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 20:45 - 2014-09-19 20:45 - 00000760 _____ () C:\Windows\PFRO.log
2014-09-19 20:05 - 2014-09-19 20:05 - 00000000 ___SD () C:\ComboFix
2014-09-19 19:51 - 2014-09-19 19:51 - 00020648 _____ () C:\Users\Mara\Desktop\Addition.txt
2014-09-19 19:50 - 2014-09-19 22:23 - 00017759 _____ () C:\Users\Mara\Desktop\FRST.txt
2014-09-19 19:49 - 2014-09-19 22:22 - 00000000 ____D () C:\FRST
2014-09-19 19:49 - 2014-09-19 19:49 - 00015327 _____ () C:\Users\Mara\Desktop\LM.bat
2014-09-19 19:48 - 2014-09-19 19:49 - 00112640 _____ (forum.viry.cz) C:\Users\Mara\Desktop\FRSTLauncher.exe
2014-09-19 19:48 - 2014-09-19 19:48 - 02105856 _____ (Farbar) C:\Users\Mara\Desktop\FRST64.exe
2014-09-19 19:36 - 2014-09-19 19:36 - 00018486 _____ () C:\ComboFix.txt
2014-09-19 19:21 - 2014-09-19 20:05 - 00000000 ____D () C:\Qoobox
2014-09-19 19:21 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-19 19:21 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-19 19:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-19 19:21 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-19 19:20 - 2014-09-19 19:33 - 00000000 ____D () C:\Windows\erdnt
2014-09-19 14:53 - 2014-09-19 14:53 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-19 14:53 - 2014-09-19 14:53 - 00001385 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-19 14:53 - 2014-09-19 14:53 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-19 14:53 - 2014-09-19 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-19 14:52 - 2014-09-19 16:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-19 14:52 - 2014-09-19 14:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-19 14:52 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-09-19 14:51 - 2014-09-19 14:51 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mara\Desktop\spybot-2.4.exe
2014-09-19 14:47 - 2014-09-19 14:48 - 00733368 _____ () C:\Users\Mara\Desktop\spybot-search-and-destroy-lista-centrumcz.exe
2014-09-16 22:51 - 2014-09-16 22:51 - 01373475 _____ () C:\Users\Mara\Desktop\adwcleaner_3.310.exe
2014-09-16 22:18 - 2014-09-16 22:18 - 00000000 ____D () C:\Users\Mara\Desktop\Queen - The Ultimate Best Of Queen (2011) [mp3][www.lokotorrents.com]
2014-09-16 22:17 - 2014-09-16 22:18 - 00000000 ____D () C:\Users\Mara\Desktop\Justin TImberlake - The 20-20 Experience (Deluxe Edition) 2013 Pop 320kbps CBR MP3 [VX]
2014-09-16 22:04 - 2014-09-16 22:05 - 00000000 ____D () C:\Users\Mara\Desktop\XSCAPE (Deluxe)
2014-09-16 22:02 - 2014-09-16 22:02 - 00000000 ____D () C:\Users\Mara\Desktop\Coldplay - Ghost Stories [2014] [Deluxe Edition] [Mp3-320]-V3nom [GLT]
2014-09-16 22:00 - 2014-09-16 22:01 - 00000000 ____D () C:\Users\Mara\Desktop\Chris Brown - X [Deluxe@320] 2014
2014-09-16 21:54 - 2014-09-16 21:54 - 00000000 ____D () C:\Users\Mara\Desktop\Filmy
2014-09-16 19:41 - 2014-09-19 20:44 - 00330257 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 19:36 - 2014-09-16 19:37 - 00000000 ____D () C:\Users\Mara\Documents\wintoflash_0.7.0026beta
2014-09-16 19:31 - 2014-09-19 21:31 - 00001356 _____ () C:\Windows\Tasks\AXYC.job
2014-09-16 19:31 - 2014-09-16 19:31 - 01513832 _____ (Object Browser) C:\Users\Mara\AppData\Roaming\AXYC.exe
2014-09-16 19:31 - 2014-09-16 19:31 - 00004370 _____ () C:\Windows\System32\Tasks\AXYC
2014-09-16 19:30 - 2014-09-19 21:31 - 00001706 _____ () C:\Windows\Tasks\QBTNOXC.job
2014-09-16 19:30 - 2014-09-16 19:30 - 01969000 _____ (Object Browser) C:\Users\Mara\AppData\Roaming\QBTNOXC.exe
2014-09-16 19:30 - 2014-09-16 19:30 - 00004718 _____ () C:\Windows\System32\Tasks\QBTNOXC
2014-09-16 19:21 - 2014-09-16 19:25 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-16 19:17 - 2014-09-16 19:24 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Seznam.cz
2014-09-16 19:17 - 2014-09-16 19:24 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-16 19:17 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Mara\AppData\Local\CrashRpt
2014-09-16 18:03 - 2014-09-16 18:42 - 693682871 _____ () C:\Users\Mara\Desktop\Microsoft-Windows-XP-Professional-SP3-CZ-x86-Integrovane-Januar-2010.zip
2014-09-16 18:02 - 2014-09-16 18:36 - 602720256 _____ () C:\Users\Mara\Desktop\Windows.XP.Home.SP3.v5.1.2600.Czech-mXx.iso
2014-09-12 17:06 - 2014-09-12 17:06 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-09-12 17:06 - 2014-09-12 17:06 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Adobe Mini Bridge CS5
2014-09-11 08:56 - 2014-08-16 11:34 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 08:56 - 2014-08-16 11:34 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 08:56 - 2014-08-16 11:34 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-09-11 08:56 - 2014-08-16 11:34 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 08:56 - 2014-08-16 11:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 08:56 - 2014-08-16 11:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 08:56 - 2014-08-16 11:32 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 08:56 - 2014-08-16 11:32 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 08:56 - 2014-08-16 09:37 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 08:56 - 2014-08-16 09:37 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 08:56 - 2014-08-16 09:36 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 08:56 - 2014-08-16 09:35 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 08:56 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 08:56 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-11 08:56 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-11 08:56 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 08:56 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 08:56 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-11 08:56 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 08:56 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 08:56 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 08:56 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-11 08:56 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 08:56 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-09-11 08:56 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 08:56 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 08:56 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 08:55 - 2014-08-16 11:33 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 08:55 - 2014-08-16 09:36 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 08:31 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-11 08:31 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-11 08:29 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2014-09-11 08:29 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2014-09-11 08:27 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-11 08:27 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-11 08:27 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-11 08:27 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-11 08:27 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-11 08:27 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-11 08:27 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-11 08:27 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-09-11 08:27 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-11 08:26 - 2014-08-09 10:30 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-11 08:26 - 2014-08-09 10:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-09-10 16:12 - 2014-09-10 16:12 - 03813555 _____ () C:\Users\Mara\Desktop\NEVDAMA promoteaser.psd
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Mara\AppData\Roaming\AXYC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Mara\AppData\Roaming\QBTNOXC
2014-08-28 08:13 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 18:31 - 2014-08-26 18:31 - 00000794 _____ () C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-21 11:58 - 2014-09-02 21:32 - 00705480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-21 11:58 - 2014-09-02 21:32 - 00104904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-21 11:25 - 2014-08-21 11:25 - 01819937 _____ () C:\Users\Mara\Desktop\lyze rozdelany.psd
2014-08-21 11:25 - 2014-08-21 11:25 - 00452080 _____ () C:\Users\Mara\Desktop\lyze rozdelany 2.psd
2014-08-20 09:12 - 2014-08-20 09:12 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-20 09:12 - 2014-08-20 09:12 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-20 09:12 - 2014-08-20 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-20 09:12 - 2014-08-20 09:12 - 00000000 ____D () C:\Program Files\CCleaner

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 22:23 - 2014-09-19 19:50 - 00017759 _____ () C:\Users\Mara\Desktop\FRST.txt
2014-09-19 22:22 - 2014-09-19 19:49 - 00000000 ____D () C:\FRST
2014-09-19 22:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-09-19 21:40 - 2014-01-17 22:03 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 21:33 - 2014-01-17 21:15 - 00000062 _____ () C:\Users\Mara\AppData\Roaming\sp_data.sys
2014-09-19 21:33 - 2013-03-18 20:00 - 00003542 _____ () C:\Windows\System32\Tasks\ASUS Touchpad Launcher (x64)
2014-09-19 21:33 - 2013-03-18 19:59 - 00003004 _____ () C:\Windows\System32\Tasks\ASUS Splendid ColorU
2014-09-19 21:33 - 2013-03-18 19:59 - 00002988 _____ () C:\Windows\System32\Tasks\ASUS Splendid ACMON
2014-09-19 21:33 - 2013-03-18 19:57 - 00003028 _____ () C:\Windows\System32\Tasks\ASUS USB Charger Plus
2014-09-19 21:32 - 2013-03-18 20:09 - 00003260 _____ () C:\Windows\System32\Tasks\ASUS Patch for Touch Panel
2014-09-19 21:32 - 2013-03-18 19:59 - 00003056 _____ () C:\Windows\System32\Tasks\ASUS P4G
2014-09-19 21:32 - 2013-03-18 19:56 - 00003114 _____ () C:\Windows\System32\Tasks\ASUS Live Update
2014-09-19 21:31 - 2014-09-16 19:31 - 00001356 _____ () C:\Windows\Tasks\AXYC.job
2014-09-19 21:31 - 2014-09-16 19:30 - 00001706 _____ () C:\Windows\Tasks\QBTNOXC.job
2014-09-19 21:31 - 2014-01-17 22:03 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 21:31 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 21:21 - 2014-01-18 12:38 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\uTorrent
2014-09-19 20:50 - 2014-07-08 16:34 - 00000000 ____D () C:\AdwCleaner
2014-09-19 20:47 - 2014-07-07 18:45 - 00000027 _____ () C:\Users\Mara\AppData\Roaming\mshlxdyx.dat
2014-09-19 20:45 - 2014-09-19 20:45 - 00000760 _____ () C:\Windows\PFRO.log
2014-09-19 20:44 - 2014-09-16 19:41 - 00330257 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 20:05 - 2014-09-19 20:05 - 00000000 ___SD () C:\ComboFix
2014-09-19 20:05 - 2014-09-19 19:21 - 00000000 ____D () C:\Qoobox
2014-09-19 19:51 - 2014-09-19 19:51 - 00020648 _____ () C:\Users\Mara\Desktop\Addition.txt
2014-09-19 19:49 - 2014-09-19 19:49 - 00015327 _____ () C:\Users\Mara\Desktop\LM.bat
2014-09-19 19:49 - 2014-09-19 19:48 - 00112640 _____ (forum.viry.cz) C:\Users\Mara\Desktop\FRSTLauncher.exe
2014-09-19 19:48 - 2014-09-19 19:48 - 02105856 _____ (Farbar) C:\Users\Mara\Desktop\FRST64.exe
2014-09-19 19:36 - 2014-09-19 19:36 - 00018486 _____ () C:\ComboFix.txt
2014-09-19 19:36 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-09-19 19:33 - 2014-09-19 19:20 - 00000000 ____D () C:\Windows\erdnt
2014-09-19 19:32 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-09-19 19:08 - 2014-01-17 23:15 - 00000000 ____D () C:\Users\Mara\AppData\Local\CrashDumps
2014-09-19 16:53 - 2014-09-19 14:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-19 15:38 - 2014-02-28 11:45 - 00001456 _____ () C:\Users\Mara\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-09-19 14:58 - 2014-09-19 14:52 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-09-19 14:53 - 2014-09-19 14:53 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-19 14:53 - 2014-09-19 14:53 - 00001385 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-19 14:53 - 2014-09-19 14:53 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-09-19 14:53 - 2014-09-19 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-19 14:51 - 2014-09-19 14:51 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Mara\Desktop\spybot-2.4.exe
2014-09-19 14:48 - 2014-09-19 14:47 - 00733368 _____ () C:\Users\Mara\Desktop\spybot-search-and-destroy-lista-centrumcz.exe
2014-09-18 15:31 - 2014-04-04 10:41 - 00000132 _____ () C:\Users\Mara\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-09-17 16:00 - 2012-08-02 20:06 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-09-17 16:00 - 2012-08-02 20:06 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-09-17 16:00 - 2012-07-26 09:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 22:58 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-16 22:51 - 2014-09-16 22:51 - 01373475 _____ () C:\Users\Mara\Desktop\adwcleaner_3.310.exe
2014-09-16 22:18 - 2014-09-16 22:18 - 00000000 ____D () C:\Users\Mara\Desktop\Queen - The Ultimate Best Of Queen (2011) [mp3][www.lokotorrents.com]
2014-09-16 22:18 - 2014-09-16 22:17 - 00000000 ____D () C:\Users\Mara\Desktop\Justin TImberlake - The 20-20 Experience (Deluxe Edition) 2013 Pop 320kbps CBR MP3 [VX]
2014-09-16 22:05 - 2014-09-16 22:04 - 00000000 ____D () C:\Users\Mara\Desktop\XSCAPE (Deluxe)
2014-09-16 22:02 - 2014-09-16 22:02 - 00000000 ____D () C:\Users\Mara\Desktop\Coldplay - Ghost Stories [2014] [Deluxe Edition] [Mp3-320]-V3nom [GLT]
2014-09-16 22:01 - 2014-09-16 22:00 - 00000000 ____D () C:\Users\Mara\Desktop\Chris Brown - X [Deluxe@320] 2014
2014-09-16 21:54 - 2014-09-16 21:54 - 00000000 ____D () C:\Users\Mara\Desktop\Filmy
2014-09-16 21:51 - 2014-01-26 10:48 - 00000000 ____D () C:\Users\Mara\Desktop\we
2014-09-16 19:37 - 2014-09-16 19:36 - 00000000 ____D () C:\Users\Mara\Documents\wintoflash_0.7.0026beta
2014-09-16 19:31 - 2014-09-16 19:31 - 01513832 _____ (Object Browser) C:\Users\Mara\AppData\Roaming\AXYC.exe
2014-09-16 19:31 - 2014-09-16 19:31 - 00004370 _____ () C:\Windows\System32\Tasks\AXYC
2014-09-16 19:30 - 2014-09-16 19:30 - 01969000 _____ (Object Browser) C:\Users\Mara\AppData\Roaming\QBTNOXC.exe
2014-09-16 19:30 - 2014-09-16 19:30 - 00004718 _____ () C:\Windows\System32\Tasks\QBTNOXC
2014-09-16 19:25 - 2014-09-16 19:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-16 19:24 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Seznam.cz
2014-09-16 19:24 - 2014-09-16 19:17 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-16 19:24 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-16 19:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-16 19:17 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Mara\AppData\Local\CrashRpt
2014-09-16 18:42 - 2014-09-16 18:03 - 693682871 _____ () C:\Users\Mara\Desktop\Microsoft-Windows-XP-Professional-SP3-CZ-x86-Integrovane-Januar-2010.zip
2014-09-16 18:36 - 2014-09-16 18:02 - 602720256 _____ () C:\Users\Mara\Desktop\Windows.XP.Home.SP3.v5.1.2600.Czech-mXx.iso
2014-09-16 12:01 - 2014-01-17 22:51 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1437255118-3724227524-3503180372-1001
2014-09-16 10:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-15 09:38 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-09-15 08:26 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 09:30 - 2014-01-19 00:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 09:25 - 2014-01-19 00:58 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 07:11 - 2014-01-18 23:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 17:06 - 2014-09-12 17:06 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-09-12 17:06 - 2014-09-12 17:06 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Adobe Mini Bridge CS5
2014-09-12 16:57 - 2014-01-17 21:13 - 00000000 ____D () C:\Users\Mara\AppData\Roaming\Adobe
2014-09-10 16:12 - 2014-09-10 16:12 - 03813555 _____ () C:\Users\Mara\Desktop\NEVDAMA promoteaser.psd
2014-09-07 02:00 - 2014-06-25 09:14 - 00000378 _____ () C:\Windows\Tasks\AdobeAAMUpdater-1.0-Marouskovnik-Mara.job
2014-09-02 21:32 - 2014-08-21 11:58 - 00705480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 21:32 - 2014-08-21 11:58 - 00104904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\Mara\AppData\Roaming\AXYC
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\Mara\AppData\Roaming\QBTNOXC
2014-08-31 12:44 - 2014-07-22 10:33 - 05329560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 13:34 - 2014-09-11 08:27 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-28 11:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-28 08:05 - 2014-09-11 08:27 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-28 08:05 - 2014-09-11 08:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-28 08:05 - 2014-09-11 08:27 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-28 08:05 - 2014-09-11 08:27 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-28 08:02 - 2014-09-11 08:27 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-28 08:01 - 2014-09-11 08:27 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-28 08:01 - 2014-09-11 08:27 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-08-26 18:31 - 2014-08-26 18:31 - 00000794 _____ () C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-23 08:47 - 2014-08-28 08:13 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 11:53 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-21 11:25 - 2014-08-21 11:25 - 01819937 _____ () C:\Users\Mara\Desktop\lyze rozdelany.psd
2014-08-21 11:25 - 2014-08-21 11:25 - 00452080 _____ () C:\Users\Mara\Desktop\lyze rozdelany 2.psd
2014-08-20 09:12 - 2014-08-20 09:12 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-20 09:12 - 2014-08-20 09:12 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-20 09:12 - 2014-08-20 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-20 09:12 - 2014-08-20 09:12 - 00000000 ____D () C:\Program Files\CCleaner

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 11:08

==================== End Of Log ============================

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 19 zář 2014 21:28
od noproblemo
addition


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Mara at 2014-09-19 22:24:19
Running from C:\Users\Mara\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.26 - ASUS)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
Anydata ADU-770WH (HKLM-x32\...\Anydata ADU-770WH) (Version: 1.6.5.21 - AnyDATA.NET, Inc)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Balíček ovladače systému Windows - AnyDATA.NET (adusbser) Modem (07/08/2009 2.0.6.7) (HKLM\...\83D39BE44B3A8ED033DBBBC4F867EBAFB1FAC98F) (Version: 07/08/2009 2.0.6.7 - AnyDATA.NET)
Balíček ovladače systému Windows - AnyDATA.NET (adusbser) Ports (07/08/2009 2.0.6.7) (HKLM\...\67167A3F28325130D0AD538001458884E89C08E5) (Version: 07/08/2009 2.0.6.7 - AnyDATA.NET)
Bioshock Infinite - CRACK version for Windows (HKLM-x32\...\{47B8ED12-4F9A-1822-7686-3595C92AC971}_is1) (Version: for Windows - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Mega Codec Pack 10.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (x32 Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 cs)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6798 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{A030537D-0034-46AD-A730-B1119786F607}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version: - Microsoft)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

06-09-2014 20:25:06 Naplánovaný kontrolní bod
11-09-2014 06:54:37 Windows Update
14-09-2014 07:24:11 Windows Update
19-09-2014 17:21:58 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2014-09-19 19:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B6390C0-0A35-4C12-A0E1-7E4CBBE7F5D4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {12F52E45-6CF7-48F7-AA08-E6AA5A2BB43D} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2850DF46-84BA-4769-8A73-9AE1AA9B17C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17] (Google Inc.)
Task: {32A45E96-F4CF-49C8-ACCB-F17070B7B125} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {3738E1DF-8C32-45E8-9E9E-698E0E2EBEC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17] (Google Inc.)
Task: {451E93C3-D176-44B9-BA3D-7D552365D539} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-14] (Microsoft Corporation)
Task: {60420624-960D-4EDD-8E8E-77557BE2ED6C} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek)
Task: {759A9969-B061-49D8-9E56-7E22ACBE3213} - System32\Tasks\AXYC => C:\Users\Mara\AppData\Roaming\AXYC.exe [2014-09-16] (Object Browser)
Task: {785A6765-9625-4633-82A3-20088D486AA2} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {7B1AD8E7-7065-40DE-A0BC-42E6A40EF23C} - System32\Tasks\ASUS VivoBook => C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe [2012-12-25] (ASUSTeK Computer Inc.)
Task: {7F11C5EB-E9AD-49FF-8022-9AD2F3A7822A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {83355B5B-3F1C-4966-9ED7-60FB6CB91683} - System32\Tasks\QBTNOXC => C:\Users\Mara\AppData\Roaming\QBTNOXC.exe [2014-09-16] (Object Browser)
Task: {86F20368-1796-46D9-85CF-2884D7BE9DE8} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {965A21EE-5757-4445-B695-54DF7E0F591B} - System32\Tasks\AdobeAAMUpdater-1.0-Marouskovnik-Mara => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {970B4DB0-D1F6-421B-8F13-352EB551867F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {9B5D4764-5E51-4660-B676-0A2C1E7C6002} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
Task: {A311991D-2D41-4B41-BACB-0FF148D85BE1} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C2155533-8B8E-43B9-9163-FE2D91A522CA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EA4710D6-9049-4DCB-A94C-0BA491B466C6} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-Marouskovnik-Mara.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\AXYC.job => C:\Users\Mara\AppData\Roaming\AXYC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\QBTNOXC.job => C:\Users\Mara\AppData\Roaming\QBTNOXC.exe

==================== Loaded Modules (whitelisted) =============

2012-12-28 14:07 - 2012-12-28 14:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 14:04 - 2012-12-28 14:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 14:09 - 2012-12-28 14:09 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-07-25 22:44 - 2012-07-25 22:35 - 00046592 _____ () C:\Windows\system32\WinMetadata\Windows.Graphics.winmd
2012-11-29 19:15 - 2012-11-29 19:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2013-01-25 09:30 - 2012-11-02 09:19 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2013-03-18 19:49 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2010-02-22 04:50 - 2010-02-22 04:50 - 00060416 _____ () C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll
2010-04-07 02:34 - 2010-04-07 02:34 - 00033280 _____ () C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\QuickTimeGlue.dll
2014-09-19 14:52 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-19 14:52 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-19 14:52 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-19 14:52 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-19 14:52 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-07 18:44 - 2014-08-07 08:21 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "msgbdnaSrv"
HKLM\...\StartupApproved\Run32: => "msphyeSrv"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "mnctiqthhSrv"
HKLM\...\StartupApproved\Run32: => "msljggxfSrv"
HKLM\...\StartupApproved\Run32: => "MSStp"
HKCU\...\StartupApproved\Run: => "AdobeBridge"
HKCU\...\StartupApproved\Run: => "uTorrent"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2014 08:44:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (6040) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Mara\AppData\Local\Microsoft\Windows\WebCache\V0100001.log došlo k chybě -1811 (0xfffff8ed).

Error: (09/19/2014 07:08:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 31.0.0.5310, časové razítko: 0x53c75e91
Název chybujícího modulu: mozalloc.dll, verze: 31.0.0.5310, časové razítko: 0x53c72e91
Kód výjimky: 0x80000003
Posun chyby: 0x0000141b
ID chybujícího procesu: 0x15ac
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3
Úplný název chybujícího balíčku: plugin-container.exe4
ID aplikace související s chybujícím balíčkem: plugin-container.exe5

Error: (09/19/2014 01:51:37 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={A14CBA34-9DC6-463D-8BE6-34FFA6467F46}: The user Marouskovnik\Mara dialed a connection named WCDMA which has failed. The error code returned on failure is 633.

Error: (09/19/2014 01:51:37 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={5DBECD24-E11D-4DCF-B146-075F03CBEB9F}: The user Marouskovnik\Mara dialed a connection named WCDMA which has failed. The error code returned on failure is 633.

Error: (09/19/2014 01:51:37 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={B62CA8EB-4BAA-4CD8-944E-EC20022718D7}: The user Marouskovnik\Mara dialed a connection named WCDMA which has failed. The error code returned on failure is 633.

Error: (09/19/2014 01:51:37 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={CFD72613-8E02-4ADA-9CD0-62D9E48834F0}: The user Marouskovnik\Mara dialed a connection named WCDMA which has failed. The error code returned on failure is 633.

Error: (09/19/2014 01:51:36 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={89EACBEE-2488-44E7-9126-17ECEC6F6777}: The user Marouskovnik\Mara dialed a connection named WCDMA which has failed. The error code returned on failure is 633.

Error: (09/19/2014 01:51:36 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={E4BCF8B5-1BE8-4565-B945-31221D972C18}: The user Marouskovnik\Mara dialed a connection named WCDMA which has failed. The error code returned on failure is 633.

Error: (09/19/2014 01:51:33 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={7E54E24A-25C9-4816-B5B8-4E10ED70509F}: The user Marouskovnik\Mara dialed a connection named WCDMA which has failed. The error code returned on failure is 633.

Error: (09/19/2014 01:51:31 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={3CD024E3-4DE5-4390-B7D4-F01733DCA88B}: The user Marouskovnik\Mara dialed a connection named WCDMA which has failed. The error code returned on failure is 633.


System errors:
=============
Error: (09/19/2014 09:53:23 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/19/2014 08:54:48 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/19/2014 08:44:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (09/19/2014 08:44:38 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (09/19/2014 08:44:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/19/2014 08:44:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/19/2014 08:44:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/19/2014 08:44:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Scanner Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (09/19/2014 08:44:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Updating Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (09/19/2014 08:44:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Security Center Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-09-19 19:31:46.443
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 847 @ 1.10GHz
Percentage of memory in use: 43%
Total physical RAM: 3979.61 MB
Available physical RAM: 2268.32 MB
Total Pagefile: 5387.61 MB
Available Pagefile: 3406.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:119.24 GB) (Free:62.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:157.55 GB) (Free:69.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1FEB4A9B)

Partition: GPT Partition Type.

==================== End Of Log ============================

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 20 zář 2014 09:17
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
Task: {2850DF46-84BA-4769-8A73-9AE1AA9B17C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17] (Google Inc.)
Task: {3738E1DF-8C32-45E8-9E9E-698E0E2EBEC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17] (Google Inc.)
Task: C:\Windows\Tasks\AXYC.job => C:\Users\Mara\AppData\Roaming\AXYC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
HKLM\...\StartupApproved\Run32: => "msgbdnaSrv"
HKLM\...\StartupApproved\Run32: => "msphyeSrv"
HKLM\...\StartupApproved\Run32: => "mnctiqthhSrv"
HKLM\...\StartupApproved\Run32: => "msljggxfSrv"
HKLM\...\StartupApproved\Run32: => "MSStp"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [msphyeSrv] => C:\Windows\inf\msphye.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [msljggxfSrv] => C:\Windows\inf\msljggxf.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctiqthhSrv] => C:\Windows\SysWOW64\mnctiqthh.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [mskeetgSrv] => C:\Windows\SysWOW64\mskeetg.vbe [649 2014-06-23] ()
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
U0 msahci; No ImagePath
C:\Windows\Tasks\AXYC.job
C:\Windows\System32\Tasks\AXYC
C:\Windows\Tasks\QBTNOXC.job
C:\Users\Mara\AppData\Roaming\QBTNOXC.exe
C:\Windows\System32\Tasks\QBTNOXC
C:\Users\Mara\AppData\Roaming\AXYC
C:\Users\Mara\AppData\Roaming\QBTNOXC
End
Uložte na plochu jako fixlist.txt. Pak znovu spusťte FRST a klikněte na >Fix<. Zkopírujte sem pak log, který se na závěr vytvoří.

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 20 zář 2014 14:33
od noproblemo
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Mara at 2014-09-20 15:19:14 Run:1
Running from C:\Users\Mara\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
Task: {2850DF46-84BA-4769-8A73-9AE1AA9B17C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17] (Google Inc.)
Task: {3738E1DF-8C32-45E8-9E9E-698E0E2EBEC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-17] (Google Inc.)
Task: C:\Windows\Tasks\AXYC.job => C:\Users\Mara\AppData\Roaming\AXYC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
HKLM\...\StartupApproved\Run32: => "msgbdnaSrv"
HKLM\...\StartupApproved\Run32: => "msphyeSrv"
HKLM\...\StartupApproved\Run32: => "mnctiqthhSrv"
HKLM\...\StartupApproved\Run32: => "msljggxfSrv"
HKLM\...\StartupApproved\Run32: => "MSStp"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [msphyeSrv] => C:\Windows\inf\msphye.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [msljggxfSrv] => C:\Windows\inf\msljggxf.vbe [1558 2013-08-27] ()
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctiqthhSrv] => C:\Windows\SysWOW64\mnctiqthh.vbe [7670 2014-03-05] ()
HKLM-x32\...\Run: [mskeetgSrv] => C:\Windows\SysWOW64\mskeetg.vbe [649 2014-06-23] ()
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
U0 msahci; No ImagePath
C:\Windows\Tasks\AXYC.job
C:\Windows\System32\Tasks\AXYC
C:\Windows\Tasks\QBTNOXC.job
C:\Users\Mara\AppData\Roaming\QBTNOXC.exe
C:\Windows\System32\Tasks\QBTNOXC
C:\Users\Mara\AppData\Roaming\AXYC
C:\Users\Mara\AppData\Roaming\QBTNOXC
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2850DF46-84BA-4769-8A73-9AE1AA9B17C7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2850DF46-84BA-4769-8A73-9AE1AA9B17C7}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3738E1DF-8C32-45E8-9E9E-698E0E2EBEC0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3738E1DF-8C32-45E8-9E9E-698E0E2EBEC0}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
C:\Windows\Tasks\AXYC.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
HKLM\...\StartupApproved\Run32: => "msgbdnaSrv" => Error: No automatic fix found for this entry.
HKLM\...\StartupApproved\Run32: => "msphyeSrv" => Error: No automatic fix found for this entry.
HKLM\...\StartupApproved\Run32: => "mnctiqthhSrv" => Error: No automatic fix found for this entry.
HKLM\...\StartupApproved\Run32: => "msljggxfSrv" => Error: No automatic fix found for this entry.
HKLM\...\StartupApproved\Run32: => "MSStp" => Error: No automatic fix found for this entry.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\msphyeSrv => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\msljggxfSrv => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MSStp => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mnctiqthhSrv => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mskeetgSrv => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive1" => Key not found.
"HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive2" => Key not found.
"HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SkyDrive3" => Key not found.
"HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" => Key not found.
msahci => Service deleted successfully.
"C:\Windows\Tasks\AXYC.job" => File/Directory not found.
"C:\Windows\System32\Tasks\AXYC" => File/Directory not found.
"C:\Windows\Tasks\QBTNOXC.job" => File/Directory not found.
"C:\Users\Mara\AppData\Roaming\QBTNOXC.exe" => File/Directory not found.
"C:\Windows\System32\Tasks\QBTNOXC" => File/Directory not found.
C:\Users\Mara\AppData\Roaming\AXYC => Moved successfully.
C:\Users\Mara\AppData\Roaming\QBTNOXC => Moved successfully.

==== End of Fixlog ====

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 20 zář 2014 14:43
od Rudy
Mělo by být smazáno. Nastala nějaká změna?

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 22 zář 2014 07:55
od noproblemo
vypada to, ze reklama je konecne pryc

diky moc

Re: Prosím o kontrolu - vyskakovaci reklamni okno

Napsal: 22 zář 2014 17:56
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz