
Dropper-gen

Posted: 21 Sep 2014 21:04
by crawlerx
Hello,
I installed a video-editing program and it installed some junk along with it.
I tried to follow already-solved threads, but that did not solve the whole problem for me (only partly).

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukas at 2014-09-21 22:02:31
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 9 GB (9%) free of 100 GB
Total RAM: 3324 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:02:33, on 21.9.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\vsnpstd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\Documents\RSIT.exe
C:\Program Files\trend micro\Lukas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [snpstd2] C:\Windows\vsnpstd2.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\..\{B59D9D98-5EB6-40D1-B1CB-EFAAB7B96FDD}: NameServer = 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{B59D9D98-5EB6-40D1-B1CB-EFAAB7B96FDD}: NameServer = 8.8.8.8
O17 - HKLM\System\CS6\Services\Tcpip\..\{B59D9D98-5EB6-40D1-B1CB-EFAAB7B96FDD}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: FreemakeVideoCapture - Unknown owner - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: wampapache - Apache Software Foundation - E:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - E:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe

--
End of file - 7304 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003Core.job - C:\Users\lol\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003UA.job - C:\Users\lol\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004Core.job - C:\Users\hgh\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004UA.job - C:\Users\hgh\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005Core.job - C:\Users\bjhgu\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005UA.job - C:\Users\bjhgu\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007Core.job - C:\Users\afs\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007UA.job - C:\Users\afs\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008Core.job - C:\Users\fsfsdf\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008UA.job - C:\Users\fsfsdf\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\p71cu5ei.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-11 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-19 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-08-09 10807912]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"snpstd2"=C:\Windows\vsnpstd2.exe [2007-04-13 307200]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-04 641704]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Wondershare Helper Compact.exe"=C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013-07-25 1985824]
"LogMeIn Hamachi Ui"=D:\hamachi\hamachi-2-ui.exe [2014-09-04 3802448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PlayNC Launcher"= []
"Clownfish"= []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Steam"=D:\Steam\steam.exe [2014-08-28 1939136]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-05-08 21444224]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=L3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.X264"=x264vfw.dll
"VIDC.HFYU"=huffyuv.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-21 21:59:13 ----D---- C:\Program Files\trend micro
2014-09-21 21:59:12 ----D---- C:\rsit
2014-09-21 20:46:05 ----D---- C:\Program Files\SavePass 1.1
2014-09-10 16:24:53 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 16:24:53 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 16:24:52 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-09-10 16:24:52 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 16:24:52 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 16:24:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 16:24:50 ----A---- C:\Windows\system32\msfeedssync.exe
2014-09-10 16:24:50 ----A---- C:\Windows\system32\ieui.dll
2014-09-10 16:24:50 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 16:24:50 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 16:24:49 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 16:24:48 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 16:24:48 ----A---- C:\Windows\system32\jscript.dll
2014-09-10 16:24:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 16:24:47 ----A---- C:\Windows\system32\url.dll
2014-09-10 16:24:47 ----A---- C:\Windows\system32\mshta.exe
2014-09-10 16:24:45 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 16:24:44 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 16:24:42 ----A---- C:\Windows\system32\mshtml.dll
2014-09-04 20:12:50 ----D---- C:\Users\Lukas\AppData\Roaming\Wireshark
2014-09-04 19:59:20 ----A---- C:\TDSSKiller.3.0.0.40_04.09.2014_19.59.20_log.txt
2014-09-04 19:58:15 ----A---- C:\TDSSKiller.3.0.0.16_04.09.2014_19.58.15_log.txt
2014-09-04 19:38:44 ----D---- C:\ProgramData\Malwarebytes
2014-09-03 22:00:00 ----D---- C:\ProgramData\Package Cache
2014-08-29 03:00:43 ----A---- C:\Windows\system32\win32k.sys
2014-08-29 03:00:42 ----A---- C:\Windows\system32\gdi32.dll
2014-08-23 15:54:14 ----D---- C:\Users\Lukas\AppData\Roaming\Activision

======List of files/folders modified in the last 1 month======

2014-09-21 22:02:32 ----D---- C:\Windows\Temp
2014-09-21 21:59:13 ----D---- C:\Program Files
2014-09-21 21:44:14 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2014-09-21 21:35:09 ----D---- C:\Windows
2014-09-21 21:00:27 ----HD---- C:\ProgramData
2014-09-21 20:49:47 ----D---- C:\Windows\system32\Tasks
2014-09-21 20:49:30 ----D---- C:\Program Files\Common Files\System
2014-09-21 20:47:46 ----D---- C:\Windows\Tasks
2014-09-21 20:46:32 ----SHD---- C:\Windows\Installer
2014-09-21 20:42:10 ----D---- C:\Users\Lukas\AppData\Roaming\vlc
2014-09-21 20:16:25 ----D---- C:\Windows\Prefetch
2014-09-20 18:29:12 ----D---- C:\Windows\System32
2014-09-19 16:43:11 ----SHD---- C:\System Volume Information
2014-09-17 22:02:18 ----RSD---- C:\Windows\Fonts
2014-09-15 14:59:38 ----D---- C:\Windows\system32\LogFiles
2014-09-13 23:48:43 ----D---- C:\Windows\Debug
2014-09-13 19:31:14 ----D---- C:\Windows\Microsoft.NET
2014-09-13 19:29:09 ----RSD---- C:\Windows\assembly
2014-09-11 17:22:05 ----D---- C:\ProgramData\Origin
2014-09-11 17:21:46 ----D---- C:\Program Files\Origin
2014-09-10 23:49:29 ----D---- C:\Windows\system32\migration
2014-09-10 23:49:26 ----D---- C:\Program Files\Internet Explorer
2014-09-10 17:00:23 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 16:25:44 ----D---- C:\Windows\winsxs
2014-09-10 16:25:38 ----D---- C:\Windows\system32\catroot
2014-09-10 16:25:37 ----D---- C:\Windows\system32\catroot2
2014-09-10 16:23:43 ----D---- C:\Windows\system32\MRT
2014-09-10 16:16:18 ----A---- C:\Windows\system32\mrt.exe
2014-09-10 16:12:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-10 16:12:41 ----D---- C:\Windows\inf
2014-09-09 22:56:42 ----D---- C:\Users\Lukas\AppData\Roaming\uTorrent
2014-09-09 22:19:18 ----D---- C:\Users\Lukas\AppData\Roaming\.minecraft
2014-09-04 20:04:31 ----D---- C:\Windows\system32\drivers
2014-09-04 19:53:57 ----SD---- C:\Windows\Downloaded Program Files
2014-09-04 19:25:21 ----D---- C:\Program Files\BitKinex
2014-09-03 21:49:01 ----D---- C:\Users\Lukas\AppData\Roaming\Origin
2014-09-03 21:39:15 ----D---- C:\ProgramData\Electronic Arts
2014-08-31 21:23:48 ----D---- C:\Program Files\Common Files\Steam
2014-08-25 06:53:44 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2013-12-15 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\Windows\system32\drivers\aswNdis2.sys [2014-07-11 252872]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-11 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-11 192352]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 12464]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-07-31 477240]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 18544]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-07-11 26136]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-07-11 55112]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-11 779536]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-11 414520]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-07-11 57800]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-07 242240]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-03-05 45184]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-11 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-11 67824]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35088]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-04 290304]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-08-12 3645160]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2011-07-06 328552]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2011-02-22 319592]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2012-07-20 31360]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-12-15 37504]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 amem1gef;amem1gef; C:\Windows\system32\drivers\amem1gef.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FairplayKD;FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120; C:\Windows\system32\DRIVERS\libusb0.sys [2006-05-31 29184]
S3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 snpstd2;VideoCAM Look; C:\Windows\system32\DRIVERS\snpstd2.sys [2007-03-29 343680]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys []
S3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2012-07-15 26112]
S3 usbser;USB Serial Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 27648]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-04 217088]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-04 291840]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-11 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-07-11 106488]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; D:\hamachi\hamachi-2.exe [2014-09-04 1890128]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [2014-06-22 107552]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-23 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-02 119408]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-08-28 833728]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 wampapache;wampapache; E:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [2013-06-23 22016]
S3 wampmysqld;wampmysqld; E:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [2013-06-23 10923520]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Dropper-gen

Posted: 21 Sep 2014 21:23
by vyosek
Hi :)

-> Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Preferably save it to the desktop
  • After launching it the licence terms appear; press any key
  • A backup is created and then the scan runs
  • When the scan finishes a log appears; otherwise it is saved in c:\JRT as JRT.txt. Paste it here
-> Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Preferably save it to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears; otherwise it is saved in the folder c:\AdwCleaner as AdwCleaner[S?].txt. Paste it here

Re: Dropper-gen

Posted: 21 Sep 2014 21:34
by crawlerx
As I already wrote, I had done a few things.
I ran Junkware Removal Tool and AdwCleaner over it, and it still reported Dropper-gen.

At your request I ran them again, and I attach the logs here:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Lukas on ne 21.09.2014 at 22:16:08,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 21.09.2014 at 22:23:38,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






# AdwCleaner v3.310 - Report created 21/09/2014 at 22:26:09
# Updated 12/09/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Lukas - LUKAS-PC
# Running from : D:\dwnld\adwcleaner_3.310 (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16575


-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\p71cu5ei.default\prefs.js ]


[ File : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\5x16eigj.default\prefs.js ]


-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1122 octets] - [21/09/2014 22:24:27]
AdwCleaner[S0].txt - [1044 octets] - [21/09/2014 22:26:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1104 octets] ##########

Re: Dropper-gen

Posted: 21 Sep 2014 21:48
by vyosek
And where is the Dropper reported, and by what? Or post a screenshot

Re: Dropper-gen

Posted: 21 Sep 2014 21:49
by crawlerx
While I was writing the reply the warning popped up again.

The process path is: C:\Users\Lukas\AppData\Local\Installer\Installshopperpro_22117\DC1_Offer_3.exe

[Image]

[Image]

[Image]

Re: Dropper-gen

Posted: 21 Sep 2014 22:02
by crawlerx
I should add that I was not able to observe what triggers it to run.

Re: Dropper-gen

Posted: 21 Sep 2014 22:11
by vyosek
→ Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;

  • Then click Run Script
  • The PC will perform the repair, restart and give you a log; paste its contents here

Re: Dropper-gen

Posted: 21 Sep 2014 22:36
by crawlerx
Zoek.exe v5.0.0.0 Updated 21-09-2014
Tool run by Lukas on ne 21.09.2014 at 23:12:38,85.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lukas\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

21.9.2014 23:14:21 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7B2779EE-8F26-4474-AA4B-6B7C75F0B164} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\p71cu5ei.default\prefs.js:

Added to C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\p71cu5ei.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\5x16eigj.default\prefs.js:

Added to C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\5x16eigj.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\PROGRA~2\eSellerate deleted
C:\Users\Lukas\.android deleted
C:\Program Files\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\Program Files\Common Files\Wondershare deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\Users\Lukas\AppData\Roaming\Wondershare deleted
C:\Users\Lukas\AppData\Roaming\die.bat deleted
C:\Users\Tom\AppData\Roaming\die.bat deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Lukas\AppData\Local\Wondershare deleted
C:\Users\Lukas\AppData\Local\cache deleted
C:\Users\Lukas\AppData\Local\Installer deleted
C:\Users\Lukas\AppData\Local\CrashRpt deleted
C:\Users\Tom\AppData\Local\Wondershare deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\system32\tasks\YTDownloaderUpd deleted
C:\Windows\system32\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted
C:\Windows\system32\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted
C:\Windows\system32\tasks\Installer_shopperpro deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\System32\is-P161M.tmp deleted
"C:\Program Files\Common Files\System\SysMenu.dll" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11.07.2014 22:33]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\p71cu5ei.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
ECD2A181CCFD1DD27596570EBA28F3EA - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In
36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin
60A2D488097BBF6A298F2E524D20226B - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.2
BA2638E94FDBADA0A9377CAF82D9118B - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.2
29F9D1A7D3D63FD2D10CE06901475888 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.2
CF758AC229C1F082F179B3F7D14EF78B - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.2
629F9B5B99B80679520623655E31B5D1 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.2
65CE2E25E04D7C750BF8B30B2D34DCD7 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.2
2F7480A40151EB2E483CF6524EDBA3F7 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.2
6F120933F87E7DEC972476170288A267 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
0BD343C45B4ECCF8D6AF94D6C3ADC310 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11.07.2014 22:33]
panpiecllaicaafneoofcmdgmbcihhnd - C:\ProgramData\AskPartnerNetwork\Toolbar\BTR-V7\CRX\ToolbarCR.crx[]

Dark atmosphere - Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpikgkkfdoabncoileilaglepbpdhek
V\u00EDtejte v aplikaci Google Chrome - Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jodhldmnfmkoimemmdeklplnebjegbkc

==== Chromium Fix ======================

C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\panpiecllaicaafneoofcmdgmbcihhnd deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tom\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tom\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2X7X9TDV will be deleted at reboot
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66GQPLMP will be deleted at reboot
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\84EW4J9R will be deleted at reboot
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1X7B1WM will be deleted at reboot
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Lukas\AppData\Local\Mozilla\Firefox\Profiles\p71cu5ei.default\Cache emptied successfully
C:\Users\Tom\AppData\Local\Mozilla\Firefox\Profiles\5x16eigj.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=305 folders=56 861779577 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lukas\AppData\Local\Temp will be emptied at reboot
C:\Users\Tom\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lukas\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2X7X9TDV" not found
"C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66GQPLMP" not found
"C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\84EW4J9R" not found
"C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1X7B1WM" not found

==== EOF on ne 21.09.2014 at 23:33:23,97 ======================

Re: Dropper-gen

Posted: 21 Sep 2014 22:45
by vyosek

Re: Dropper-gen

Posted: 21 Sep 2014 22:52
by crawlerx
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Ran by Lukas (administrator) on LUKAS-PC on 21-09-2014 23:50:02
Running from C:\Users\Lukas\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(LogMeIn Inc.) D:\hamachi\hamachi-2.exe
(LogMeIn, Inc.) D:\hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) D:\hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) D:\hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Windows\vsnpstd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10807912 2011-08-09] (Realtek Semiconductor)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [snpstd2] => C:\Windows\vsnpstd2.exe [307200 2007-04-13] ()
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-07-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [LogMeIn Hamachi Ui] => D:\hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [PlayNC Launcher] => [X]
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Clownfish] => (the data entry has 824 more characters).
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Steam] => D:\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\p71cu5ei.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-06-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-09]

Chrome:
=======
CHR CustomProfile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-21]
CHR Extension: (Google Drive) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-21]
CHR Extension: (YouTube) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-09]
CHR Extension: (Google Search) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-09]
CHR Extension: (Google Sheets) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-21]
CHR Extension: (Google Wallet) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Gmail) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-11] (AVAST Software)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [107552 2014-06-22] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; D:\hamachi\hamachi-2.exe [1890128 2014-09-04] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 wampapache; E:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [22016 2013-06-23] (Apache Software Foundation) [File not signed]
S3 wampmysqld; E:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [10923520 2013-06-23] () [File not signed]
S2 FreemakeVideoCapture; "C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2010-06-29] (Advanced Micro Devices Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [45184 2012-03-05] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [18544 2011-01-10] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-11] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-11] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-12-15] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252872 2014-07-11] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-11] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-11] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-07-07] (DT Soft Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [29184 2006-05-31] (http://libusb-win32.sourceforge.net) [File not signed]
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [328552 2011-07-06] (Realtek Semiconductor Corp.)
S3 snpstd2; C:\Windows\System32\DRIVERS\snpstd2.sys [343680 2007-03-29] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-07-31] (Duplex Secure Ltd.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [31360 2012-07-20] (The OpenVPN Project)
U3 asivhwto; C:\Windows\system32\Drivers\asivhwto.sys [0 ] (Microsoft Corporation)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 23:50 - 2014-09-21 23:50 - 00015311 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-09-21 23:49 - 2014-09-21 23:49 - 00000073 _____ () C:\Users\Lukas\Desktop\FRSTLauncher.exe.url
2014-09-21 23:48 - 2014-09-21 23:50 - 00000000 ____D () C:\FRST
2014-09-21 23:48 - 2014-09-21 23:48 - 01097728 _____ (Farbar) C:\Users\Lukas\Downloads\FRST (1).exe
2014-09-21 23:47 - 2014-09-21 23:47 - 01097728 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
2014-09-21 23:47 - 2014-09-21 23:47 - 01097728 _____ (Farbar) C:\Users\Lukas\Desktop\FRST.exe
2014-09-21 23:26 - 2014-09-21 23:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-21 23:13 - 2014-09-21 23:33 - 00013529 _____ () C:\zoek-results.log
2014-09-21 23:12 - 2014-09-21 23:25 - 00000000 ____D () C:\zoek_backup
2014-09-21 23:11 - 2014-09-21 23:11 - 01290752 _____ () C:\Users\Lukas\Desktop\zoek.exe
2014-09-21 22:24 - 2014-09-21 22:26 - 00000000 ____D () C:\AdwCleaner
2014-09-21 22:23 - 2014-09-21 22:23 - 00000640 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-09-21 22:15 - 2014-09-21 20:58 - 01027006 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-09-21 21:59 - 2014-09-21 22:02 - 00000000 ____D () C:\Program Files\trend micro
2014-09-21 21:59 - 2014-09-21 21:59 - 00000000 ____D () C:\rsit
2014-09-21 21:58 - 2014-09-21 21:58 - 01107968 _____ () C:\Users\Lukas\Documents\RSIT.exe
2014-09-21 21:35 - 2014-09-21 23:32 - 00001060 _____ () C:\Windows\PFRO.log
2014-09-21 20:57 - 2014-09-21 20:58 - 01027006 _____ (Thisisu) C:\Users\Lukas\Documents\JRT.exe
2014-09-21 20:46 - 2014-09-21 20:51 - 00000000 ____D () C:\Program Files\SavePass 1.1
2014-09-21 20:43 - 2014-09-21 20:43 - 00570136 _____ () C:\Users\Lukas\Documents\mp4toavifree_setup.exe
2014-09-21 20:40 - 2014-09-21 20:40 - 00000257 _____ () C:\Users\Lukas\Documents\cutted.mp4
2014-09-21 20:29 - 2014-09-21 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Cutter
2014-09-21 20:28 - 2014-09-21 20:28 - 06420430 _____ (FreeVideoCutter.com ) C:\Users\Lukas\Documents\freevideocutter_setup.exe
2014-09-21 19:41 - 2014-09-21 19:51 - 71946193 _____ () C:\Users\Lukas\Documents\TRR 2013 720p (Video Only).mp4
2014-09-19 21:35 - 2014-09-19 21:35 - 00226672 _____ () C:\Users\Lukas\Desktop\outline.psd
2014-09-19 21:16 - 2014-09-19 21:16 - 00000069 _____ () C:\Users\Lukas\Desktop\Nový textový dokument (2).TXT
2014-09-17 22:19 - 2009-02-23 21:47 - 02648794 _____ () C:\Users\Lukas\Desktop\NaldzGraphics_SplatterPaintBrushes.abr
2014-09-17 22:18 - 2014-09-17 22:18 - 01504849 _____ () C:\Users\Lukas\Documents\NaldzGraphics_SplatterPaintBrushes.rar
2014-09-17 22:01 - 2039-08-30 22:39 - 00115748 _____ () C:\Users\Lukas\Desktop\Duplexide.ttf
2014-09-17 22:01 - 2014-09-17 22:01 - 00065062 _____ () C:\Users\Lukas\Desktop\Origicide.zip
2014-09-17 22:01 - 1620-09-03 21:32 - 00120724 _____ () C:\Users\Lukas\Desktop\Origicide.ttf
2014-09-16 21:11 - 1997-09-29 00:08 - 00043648 _____ () C:\Users\Lukas\Desktop\BECKETT_.TTF
2014-09-16 21:09 - 2014-09-16 21:09 - 00029894 _____ () C:\Users\Lukas\Documents\beckett.zip
2014-09-16 00:03 - 2014-09-16 00:03 - 00735909 _____ () C:\Users\Lukas\Desktop\outlogo.psd
2014-09-15 20:05 - 2014-09-15 20:05 - 09265024 _____ () C:\Users\Lukas\Desktop\jamamoto.psd
2014-09-15 19:01 - 2014-09-15 19:01 - 03973948 _____ () C:\Users\Lukas\Documents\C4D_Effect_Pack_1_by_Narutobigit.rar
2014-09-15 18:55 - 2014-09-15 19:57 - 05370462 _____ () C:\Users\Lukas\Desktop\Untitled-1.psd
2014-09-14 23:53 - 2014-09-14 23:53 - 00022149 _____ () C:\Users\Lukas\Desktop\čína.odt
2014-09-14 23:39 - 2014-09-14 23:39 - 00026795 _____ () C:\Users\Lukas\Desktop\jizniasie.odt
2014-09-14 23:21 - 2014-09-14 23:21 - 00029087 _____ () C:\Users\Lukas\Desktop\japonsko.odt
2014-09-14 01:00 - 2011-06-08 14:54 - 00000000 ____D () C:\Users\Lukas\Documents\Monsterpack3
2014-09-14 00:56 - 2014-09-14 00:59 - 83961641 _____ () C:\Users\Lukas\Documents\Monsterpack3.rar
2014-09-13 22:04 - 2014-09-13 22:05 - 06188485 _____ () C:\Users\Lukas\Documents\Star_Textures__Pack_04_by_dastardly_icons.zip
2014-09-13 21:08 - 2014-08-06 03:37 - 00060292 _____ () C:\Users\Lukas\Desktop\MARSNEVENEKSK.otf
2014-09-13 21:07 - 2014-09-13 21:07 - 01635257 _____ () C:\Users\Lukas\Documents\marsneveneksk.zip
2014-09-10 16:24 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 16:24 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 16:24 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 16:24 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 16:24 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 16:24 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 16:24 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 16:24 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-10 16:24 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 16:24 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 16:24 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 16:24 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-10 16:24 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 16:24 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 16:24 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 16:24 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-10 16:24 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 16:24 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 16:24 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 16:24 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-10 16:24 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-09 22:50 - 2014-09-09 22:50 - 00000000 ____D () C:\Users\Lukas\Documents\Kytlice-2014
2014-09-09 21:09 - 2014-09-09 21:09 - 00006132 _____ () C:\Users\Lukas\Documents\updater.php
2014-09-09 20:17 - 2014-09-09 20:49 - 550991765 _____ () C:\Users\Lukas\Documents\Kytlice-2014.rar
2014-09-09 20:14 - 2014-09-09 20:16 - 10718571 _____ () C:\Users\Lukas\Documents\Pod-vodou---by-Nakashi_v1.1.rar
2014-09-04 20:12 - 2014-09-04 20:12 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Wireshark
2014-09-04 19:58 - 2014-09-04 19:58 - 04161313 _____ () C:\Users\Lukas\Documents\tdsskiller.zip
2014-09-04 19:38 - 2014-09-04 19:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-04 19:33 - 2014-09-04 19:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Documents\mbam-setup-2.0.2.1012.exe
2014-09-04 18:42 - 2014-09-04 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 01:42 - 2014-09-04 01:42 - 07778786 _____ () C:\Users\Lukas\Documents\2DWaterTest.rar
2014-09-03 22:46 - 2014-08-14 20:13 - 00984081 _____ () C:\Users\Lukas\Desktop\Strings_ENG_US.package
2014-09-03 22:45 - 2014-08-14 20:13 - 00280920 _____ (Electronic Arts) C:\Users\Lukas\Desktop\GDFBinary_en_US.dll
2014-09-03 22:30 - 2014-08-14 20:13 - 00984081 _____ () C:\Users\Lukas\Desktop\Strings_CHT_CN.package
2014-09-03 22:04 - 2014-09-03 22:04 - 00000000 ____D () C:\Users\Lukas\Documents\Electronic Arts
2014-09-03 21:59 - 2014-09-03 21:59 - 06498200 _____ (Microsoft Corporation) C:\Users\Lukas\Documents\vcredist_x86.exe
2014-09-03 21:53 - 2014-09-03 21:54 - 20434932 _____ () C:\Users\Lukas\Documents\SC-T-4174-LLL-458.rar
2014-09-03 21:52 - 2014-09-03 21:52 - 01210873 _____ () C:\Users\Lukas\Documents\SC-TS-748741-C.rar
2014-09-03 21:41 - 2014-09-03 21:41 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Lukas\Documents\OriginThinSetup.exe
2014-09-02 22:08 - 2014-09-02 22:08 - 00030539 _____ () C:\Users\Lukas\Documents\[kickass.to]the.sims.4.deluxe.edition.skidrowcrack.torrent
2014-09-01 16:14 - 2014-06-25 20:08 - 01592398 _____ (TeamExtreme) C:\Users\Tom\Desktop\TE_Minecraft.jar
2014-08-30 23:47 - 2014-08-30 23:47 - 00002133 _____ () C:\Users\Lukas\Desktop\shoot.p
2014-08-30 23:35 - 2014-08-30 23:35 - 00002018 _____ () C:\Users\Lukas\Desktop\fire
2014-08-30 01:09 - 2014-08-30 01:09 - 00821379 _____ () C:\Users\Lukas\Documents\YamamotoGen - obchází ban.zip
2014-08-29 03:00 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 03:00 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 03:09 - 2014-08-27 23:42 - 21297104 _____ () C:\Users\Lukas\Desktop\asdasd.psd
2014-08-27 02:50 - 2014-08-27 02:50 - 00006157 _____ () C:\Users\Lukas\Desktop\kresba-1.svg
2014-08-27 02:50 - 2014-08-27 02:50 - 00001215 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2014-08-23 22:02 - 2014-08-23 22:03 - 00000000 ____D () C:\Users\Lukas\Documents\NFS Most Wanted
2014-08-23 20:53 - 2014-08-23 20:53 - 01678803 _____ () C:\Users\Lukas\Documents\15seconds.zip
2014-08-23 15:54 - 2014-08-23 15:54 - 00000000 ____D () C:\Users\Lukas\Documents\Activision
2014-08-23 15:54 - 2014-08-23 15:54 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Activision
2014-08-23 15:34 - 2014-08-23 15:34 - 00000000 ____D () C:\Users\Lukas\Documents\Disney Interactive Studios
2014-08-22 23:51 - 2014-08-22 23:52 - 00662878 _____ () C:\Users\Lukas\Documents\82674e22.zip
2014-08-22 00:40 - 2014-08-22 00:40 - 03515893 _____ () C:\Users\Lukas\Desktop\podpis3.psd
2014-08-22 00:37 - 2014-08-22 00:37 - 03511609 _____ () C:\Users\Lukas\Desktop\podpis2.psd

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2039-08-30 22:39 - 2014-09-17 22:01 - 00115748 _____ () C:\Users\Lukas\Desktop\Duplexide.ttf
2014-09-21 23:50 - 2014-09-21 23:50 - 00015311 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-09-21 23:50 - 2014-09-21 23:48 - 00000000 ____D () C:\FRST
2014-09-21 23:49 - 2014-09-21 23:49 - 00000073 _____ () C:\Users\Lukas\Desktop\FRSTLauncher.exe.url
2014-09-21 23:48 - 2014-09-21 23:48 - 01097728 _____ (Farbar) C:\Users\Lukas\Downloads\FRST (1).exe
2014-09-21 23:47 - 2014-09-21 23:47 - 01097728 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
2014-09-21 23:47 - 2014-09-21 23:47 - 01097728 _____ (Farbar) C:\Users\Lukas\Desktop\FRST.exe
2014-09-21 23:45 - 2013-02-23 15:38 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-21 23:40 - 2012-06-16 12:35 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003UA.job
2014-09-21 23:38 - 2012-07-10 16:33 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007UA.job
2014-09-21 23:38 - 2009-04-11 14:37 - 01837800 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 23:36 - 2012-06-09 16:45 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-09-21 23:35 - 2012-06-28 20:34 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-09-21 23:33 - 2014-09-21 23:13 - 00013529 _____ () C:\zoek-results.log
2014-09-21 23:32 - 2014-09-21 21:35 - 00001060 _____ () C:\Windows\PFRO.log
2014-09-21 23:32 - 2013-02-23 15:38 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-21 23:32 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 23:32 - 2006-11-02 14:47 - 00003760 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 23:32 - 2006-11-02 14:47 - 00003760 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 23:27 - 2006-11-02 15:01 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-21 23:25 - 2014-09-21 23:12 - 00000000 ____D () C:\zoek_backup
2014-09-21 23:24 - 2012-06-09 16:15 - 00000000 ____D () C:\Users\Lukas
2014-09-21 23:24 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-21 23:23 - 2012-06-23 13:19 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004UA.job
2014-09-21 23:13 - 2012-07-05 18:09 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005UA.job
2014-09-21 23:12 - 2014-09-21 23:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-21 23:11 - 2014-09-21 23:11 - 01290752 _____ () C:\Users\Lukas\Desktop\zoek.exe
2014-09-21 23:01 - 2012-07-12 15:56 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008UA.job
2014-09-21 23:00 - 2012-07-10 16:46 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-21 22:26 - 2014-09-21 22:24 - 00000000 ____D () C:\AdwCleaner
2014-09-21 22:23 - 2014-09-21 22:23 - 00000640 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-09-21 22:02 - 2014-09-21 21:59 - 00000000 ____D () C:\Program Files\trend micro
2014-09-21 21:59 - 2014-09-21 21:59 - 00000000 ____D () C:\rsit
2014-09-21 21:58 - 2014-09-21 21:58 - 01107968 _____ () C:\Users\Lukas\Documents\RSIT.exe
2014-09-21 21:23 - 2013-02-23 21:03 - 00001965 _____ () C:\Users\Lukas\Desktop\Google Chrome.lnk
2014-09-21 20:58 - 2014-09-21 22:15 - 01027006 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-09-21 20:58 - 2014-09-21 20:57 - 01027006 _____ (Thisisu) C:\Users\Lukas\Documents\JRT.exe
2014-09-21 20:51 - 2014-09-21 20:46 - 00000000 ____D () C:\Program Files\SavePass 1.1
2014-09-21 20:43 - 2014-09-21 20:43 - 00570136 _____ () C:\Users\Lukas\Documents\mp4toavifree_setup.exe
2014-09-21 20:42 - 2013-03-10 19:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\vlc
2014-09-21 20:40 - 2014-09-21 20:40 - 00000257 _____ () C:\Users\Lukas\Documents\cutted.mp4
2014-09-21 20:29 - 2014-09-21 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Cutter
2014-09-21 20:28 - 2014-09-21 20:28 - 06420430 _____ (FreeVideoCutter.com ) C:\Users\Lukas\Documents\freevideocutter_setup.exe
2014-09-21 19:51 - 2014-09-21 19:41 - 71946193 _____ () C:\Users\Lukas\Documents\TRR 2013 720p (Video Only).mp4
2014-09-21 19:30 - 2012-06-10 19:34 - 00000132 _____ () C:\Users\Lukas\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-09-21 18:13 - 2012-07-05 18:09 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005Core.job
2014-09-20 18:07 - 2012-07-02 16:30 - 00000000 ____D () C:\Users\Tom\AppData\Local\LogMeIn Hamachi
2014-09-20 18:05 - 2006-11-02 14:47 - 03755000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-19 21:35 - 2014-09-19 21:35 - 00226672 _____ () C:\Users\Lukas\Desktop\outline.psd
2014-09-19 21:16 - 2014-09-19 21:16 - 00000069 _____ () C:\Users\Lukas\Desktop\Nový textový dokument (2).TXT
2014-09-19 16:37 - 2013-12-14 12:47 - 00001157 _____ () C:\Users\Tom\Desktop\ROBLOX Player.lnk
2014-09-19 16:37 - 2013-12-14 12:46 - 00000964 _____ () C:\Users\Tom\Desktop\ROBLOX Studio 2013.lnk
2014-09-19 16:37 - 2013-12-14 12:46 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-09-19 16:37 - 2012-07-10 16:33 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007Core.job
2014-09-19 16:01 - 2012-07-12 15:56 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008Core.job
2014-09-19 15:12 - 2012-06-11 22:09 - 00102024 _____ () C:\Users\Tom\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-17 23:14 - 2012-06-09 16:15 - 00102024 _____ () C:\Users\Lukas\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-17 22:18 - 2014-09-17 22:18 - 01504849 _____ () C:\Users\Lukas\Documents\NaldzGraphics_SplatterPaintBrushes.rar
2014-09-17 22:01 - 2014-09-17 22:01 - 00065062 _____ () C:\Users\Lukas\Desktop\Origicide.zip
2014-09-17 16:29 - 2013-11-20 14:49 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\.minecraft
2014-09-16 21:09 - 2014-09-16 21:09 - 00029894 _____ () C:\Users\Lukas\Documents\beckett.zip
2014-09-16 00:03 - 2014-09-16 00:03 - 00735909 _____ () C:\Users\Lukas\Desktop\outlogo.psd
2014-09-15 20:05 - 2014-09-15 20:05 - 09265024 _____ () C:\Users\Lukas\Desktop\jamamoto.psd
2014-09-15 19:57 - 2014-09-15 18:55 - 05370462 _____ () C:\Users\Lukas\Desktop\Untitled-1.psd
2014-09-15 19:01 - 2014-09-15 19:01 - 03973948 _____ () C:\Users\Lukas\Documents\C4D_Effect_Pack_1_by_Narutobigit.rar
2014-09-15 17:40 - 2014-07-14 09:37 - 00000000 ____D () C:\Users\Tom\AppData\Local\Battle.net
2014-09-15 14:59 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-09-15 14:46 - 2012-06-23 13:19 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004Core.job
2014-09-15 14:46 - 2012-06-16 12:35 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003Core.job
2014-09-14 23:53 - 2014-09-14 23:53 - 00022149 _____ () C:\Users\Lukas\Desktop\čína.odt
2014-09-14 23:39 - 2014-09-14 23:39 - 00026795 _____ () C:\Users\Lukas\Desktop\jizniasie.odt
2014-09-14 23:21 - 2014-09-14 23:21 - 00029087 _____ () C:\Users\Lukas\Desktop\japonsko.odt
2014-09-14 00:59 - 2014-09-14 00:56 - 83961641 _____ () C:\Users\Lukas\Documents\Monsterpack3.rar
2014-09-13 22:05 - 2014-09-13 22:04 - 06188485 _____ () C:\Users\Lukas\Documents\Star_Textures__Pack_04_by_dastardly_icons.zip
2014-09-13 21:07 - 2014-09-13 21:07 - 01635257 _____ () C:\Users\Lukas\Documents\marsneveneksk.zip
2014-09-13 19:31 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-13 18:05 - 2013-04-01 13:44 - 00000680 _____ () C:\Users\Tom\AppData\Local\d3d9caps.dat
2014-09-11 17:22 - 2013-04-27 12:14 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Origin
2014-09-11 17:22 - 2013-04-27 12:14 - 00000000 ____D () C:\Users\Tom\AppData\Local\Origin
2014-09-11 17:22 - 2013-04-25 20:29 - 00000000 ____D () C:\ProgramData\Origin
2014-09-11 17:21 - 2013-04-25 20:29 - 00000000 ____D () C:\Program Files\Origin
2014-09-10 18:52 - 2012-06-09 16:15 - 00007944 _____ () C:\Users\Lukas\AppData\Local\d3d9caps.dat
2014-09-10 17:00 - 2012-07-10 16:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 17:00 - 2012-07-10 16:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 16:23 - 2013-08-16 10:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 16:16 - 2006-11-02 12:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-10 16:12 - 2009-04-13 11:32 - 01509514 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-09 22:56 - 2013-02-16 16:05 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\uTorrent
2014-09-09 22:50 - 2014-09-09 22:50 - 00000000 ____D () C:\Users\Lukas\Documents\Kytlice-2014
2014-09-09 22:19 - 2013-06-22 19:15 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft
2014-09-09 21:09 - 2014-09-09 21:09 - 00006132 _____ () C:\Users\Lukas\Documents\updater.php
2014-09-09 20:49 - 2014-09-09 20:17 - 550991765 _____ () C:\Users\Lukas\Documents\Kytlice-2014.rar
2014-09-09 20:16 - 2014-09-09 20:14 - 10718571 _____ () C:\Users\Lukas\Documents\Pod-vodou---by-Nakashi_v1.1.rar
2014-09-04 20:12 - 2014-09-04 20:12 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Wireshark
2014-09-04 19:58 - 2014-09-04 19:58 - 04161313 _____ () C:\Users\Lukas\Documents\tdsskiller.zip
2014-09-04 19:38 - 2014-09-04 19:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-04 19:34 - 2014-09-04 19:33 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Documents\mbam-setup-2.0.2.1012.exe
2014-09-04 19:25 - 2014-08-17 20:10 - 00000000 ____D () C:\Program Files\BitKinex
2014-09-04 18:42 - 2014-09-04 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 01:42 - 2014-09-04 01:42 - 07778786 _____ () C:\Users\Lukas\Documents\2DWaterTest.rar
2014-09-03 22:04 - 2014-09-03 22:04 - 00000000 ____D () C:\Users\Lukas\Documents\Electronic Arts
2014-09-03 21:59 - 2014-09-03 21:59 - 06498200 _____ (Microsoft Corporation) C:\Users\Lukas\Documents\vcredist_x86.exe
2014-09-03 21:54 - 2014-09-03 21:53 - 20434932 _____ () C:\Users\Lukas\Documents\SC-T-4174-LLL-458.rar
2014-09-03 21:52 - 2014-09-03 21:52 - 01210873 _____ () C:\Users\Lukas\Documents\SC-TS-748741-C.rar
2014-09-03 21:49 - 2013-04-25 20:30 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Origin
2014-09-03 21:41 - 2014-09-03 21:41 - 17088592 _____ (Electronic Arts, Inc.) C:\Users\Lukas\Documents\OriginThinSetup.exe
2014-09-03 21:39 - 2013-04-25 20:29 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-02 22:08 - 2014-09-02 22:08 - 00030539 _____ () C:\Users\Lukas\Documents\[kickass.to]the.sims.4.deluxe.edition.skidrowcrack.torrent
2014-08-31 21:23 - 2012-07-03 17:39 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-08-30 23:47 - 2014-08-30 23:47 - 00002133 _____ () C:\Users\Lukas\Desktop\shoot.p
2014-08-30 23:35 - 2014-08-30 23:35 - 00002018 _____ () C:\Users\Lukas\Desktop\fire
2014-08-30 22:27 - 2014-07-11 23:39 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Battle.net
2014-08-30 01:09 - 2014-08-30 01:09 - 00821379 _____ () C:\Users\Lukas\Documents\YamamotoGen - obchází ban.zip
2014-08-28 09:43 - 2012-08-03 11:39 - 00008704 _____ () C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-27 23:42 - 2014-08-27 03:09 - 21297104 _____ () C:\Users\Lukas\Desktop\asdasd.psd
2014-08-27 02:50 - 2014-08-27 02:50 - 00006157 _____ () C:\Users\Lukas\Desktop\kresba-1.svg
2014-08-27 02:50 - 2014-08-27 02:50 - 00001215 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2014-08-25 06:53 - 2012-06-10 02:18 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 22:03 - 2014-08-23 22:02 - 00000000 ____D () C:\Users\Lukas\Documents\NFS Most Wanted
2014-08-23 20:53 - 2014-08-23 20:53 - 01678803 _____ () C:\Users\Lukas\Documents\15seconds.zip
2014-08-23 15:54 - 2014-08-23 15:54 - 00000000 ____D () C:\Users\Lukas\Documents\Activision
2014-08-23 15:54 - 2014-08-23 15:54 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Activision
2014-08-23 15:34 - 2014-08-23 15:34 - 00000000 ____D () C:\Users\Lukas\Documents\Disney Interactive Studios
2014-08-23 03:03 - 2014-08-29 03:00 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:26 - 2014-08-29 03:00 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 23:52 - 2014-08-22 23:51 - 00662878 _____ () C:\Users\Lukas\Documents\82674e22.zip
2014-08-22 00:40 - 2014-08-22 00:40 - 03515893 _____ () C:\Users\Lukas\Desktop\podpis3.psd
2014-08-22 00:37 - 2014-08-22 00:37 - 03511609 _____ () C:\Users\Lukas\Desktop\podpis2.psd

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-21 23:39

==================== End Of Log ============================

Re: Dropper-gen

Posted: 21 Sep 2014 23:09
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    
    HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM\...\Run: [LogMeIn Hamachi Ui] => D:\hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [PlayNC Launcher] => [X]
    HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Clownfish] => (the data entry has 824 more characters).
    HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
    HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Steam] => D:\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
    HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
    HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
    HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
    HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!
    
    S3 gdrv; \??\C:\Windows\gdrv.sys [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S3 taphss6; system32\DRIVERS\taphss6.sys [X]
    U3 asivhwto; C:\Windows\system32\Drivers\asivhwto.sys [0 ] (Microsoft Corporation)
    
    2014-09-21 23:50 - 2014-09-21 23:50 - 00015311 _____ () C:\Users\Lukas\Desktop\FRST.txt
    2014-09-21 23:49 - 2014-09-21 23:49 - 00000073 _____ () C:\Users\Lukas\Desktop\FRSTLauncher.exe.url
    2014-09-21 23:48 - 2014-09-21 23:48 - 01097728 _____ (Farbar) C:\Users\Lukas\Downloads\FRST (1).exe
    2014-09-21 23:47 - 2014-09-21 23:47 - 01097728 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
    2014-09-21 23:26 - 2014-09-21 23:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-09-21 23:13 - 2014-09-21 23:33 - 00013529 _____ () C:\zoek-results.log
    2014-09-21 23:12 - 2014-09-21 23:25 - 00000000 ____D () C:\zoek_backup
    2014-09-21 23:11 - 2014-09-21 23:11 - 01290752 _____ () C:\Users\Lukas\Desktop\zoek.exe
    2014-09-21 22:24 - 2014-09-21 22:26 - 00000000 ____D () C:\AdwCleaner
    2014-09-21 22:23 - 2014-09-21 22:23 - 00000640 _____ () C:\Users\Lukas\Desktop\JRT.txt
    2014-09-21 22:15 - 2014-09-21 20:58 - 01027006 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
    2014-09-21 21:59 - 2014-09-21 22:02 - 00000000 ____D () C:\Program Files\trend micro
    2014-09-21 21:59 - 2014-09-21 21:59 - 00000000 ____D () C:\rsit
    2014-09-21 21:58 - 2014-09-21 21:58 - 01107968 _____ () C:\Users\Lukas\Documents\RSIT.exe
    2014-09-21 21:35 - 2014-09-21 23:32 - 00001060 _____ () C:\Windows\PFRO.log
    2014-09-21 20:57 - 2014-09-21 20:58 - 01027006 _____ (Thisisu) C:\Users\Lukas\Documents\JRT.exe
    2014-09-21 20:46 - 2014-09-21 20:51 - 00000000 ____D () C:\Program Files\SavePass 1.1
    2014-09-04 19:33 - 2014-09-04 19:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Documents\mbam-setup-2.0.2.1012.exe
    
    C:\Windows\tasks\Adobe Flash Player Updater.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003UA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004UA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005UA.job 
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007UA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008UA.job
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the created TXT as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
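The fixlist above was assembled by reading FRST's own entries and picking out the ones that do not belong. As an added example (not part of this thread and not FRST's own code), the following Python helper parses the line shapes FRST prints (autorun entries, service/driver entries and the one-month file listing) and flags what a helper checks first: entries FRST itself marked ATTENTION!, autoruns or drivers whose file is missing or zero bytes, implausible timestamps (such as the 2039 and 1620 dates on the two .ttf files in the log), and publisher-less executables in the user profile. The severity labels and thresholds are my own assumptions; the sample lines are copied from the fixlist above, and the script reads nothing from a live system.

```python
import re
from datetime import datetime

# Line shapes as FRST prints them (the fixlist above contains each kind).
FILE_RE = re.compile(
    r"^(?P<ts1>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<ts2>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<size>\d+) (?P<attrs>\S{5}) \((?P<company>[^)]*)\) (?P<path>.+)$"
)
RUN_RE = re.compile(
    r"^(?P<hive>HK(?:LM|CU|U\\S-[\d-]+))\\\.\.\.\\Run: \[(?P<name>[^\]]+)\] => (?P<target>.*)$"
)
SVC_RE = re.compile(r"^(?P<state>[RSU])(?P<start>\d) (?P<name>[^;]+); (?P<rest>.+)$")

# Assumption: timestamps before the FAT epoch or after the scan cannot be genuine.
OLDEST_PLAUSIBLE = datetime(1980, 1, 1)


def _ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


def triage_line(line, scan_time):
    """Return [(severity, reason), ...] for one FRST line; [] if nothing stands out."""
    line = line.strip()
    found = []
    if not line:
        return found
    if "ATTENTION!" in line:
        # FRST flags CLSID/shell hijacks this way; always worth a look.
        found.append(("high", "entry marked ATTENTION! by FRST"))
        return found

    m = RUN_RE.match(line)
    if m:
        target = m.group("target")
        if target == "[X]":
            found.append(("medium", f"autorun '{m.group('name')}' points to a missing file"))
        elif "more characters" in target:
            found.append(("medium", f"autorun '{m.group('name')}' carries unusually long data"))
        return found

    m = SVC_RE.match(line)
    if m:
        rest = m.group("rest")
        if "[X]" in rest:
            found.append(("medium", f"service/driver '{m.group('name')}' file is missing"))
        elif re.search(r"\[0 ?\]", rest):
            found.append(("high", f"driver '{m.group('name')}' has a zero-byte image"))
        return found

    m = FILE_RE.match(line)
    if m:
        # Which column is created vs. modified depends on the FRST section,
        # so both are checked against the same plausibility window.
        for key in ("ts1", "ts2"):
            ts = _ts(m.group(key))
            if ts < OLDEST_PLAUSIBLE or ts > scan_time:
                found.append(("medium", f"implausible timestamp {m.group(key)} on {m.group('path')}"))
                break
        path = m.group("path")
        is_dir = "D" in m.group("attrs")
        if (not is_dir and path.lower().endswith(".exe")
                and not m.group("company").strip()
                and "\\users\\" in path.lower()):
            found.append(("low", f"executable without publisher info in a user profile: {path}"))
    return found


def triage(lines, scan_time):
    """Run triage_line over a whole log; returns a list of dicts, worst first."""
    order = {"high": 0, "medium": 1, "low": 2}
    results = []
    for line in lines:
        for severity, reason in triage_line(line, scan_time):
            results.append({"severity": severity, "reason": reason, "line": line.strip()})
    results.sort(key=lambda r: order[r["severity"]])
    return results


def summarize(results):
    counts = {"high": 0, "medium": 0, "low": 0}
    for r in results:
        counts[r["severity"]] += 1
    return counts


# Constructed sample: lines copied from the fixlist in this thread.
SAMPLE_LINES = [
    r"HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)",
    r"HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [PlayNC Launcher] => [X]",
    r"HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Clownfish] => (the data entry has 824 more characters).",
    r"HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?",
    r"S3 gdrv; \??\C:\Windows\gdrv.sys [X]",
    r"U3 asivhwto; C:\Windows\system32\Drivers\asivhwto.sys [0 ] (Microsoft Corporation)",
    r"2014-09-17 22:01 - 2039-08-30 22:39 - 00115748 _____ () C:\Users\Lukas\Desktop\Duplexide.ttf",
    r"2014-09-17 22:01 - 1620-09-03 21:32 - 00120724 _____ () C:\Users\Lukas\Desktop\Origicide.ttf",
    r"2014-09-21 23:11 - 2014-09-21 23:11 - 01290752 _____ () C:\Users\Lukas\Desktop\zoek.exe",
    r"2014-09-21 23:48 - 2014-09-21 23:48 - 01097728 _____ (Farbar) C:\Users\Lukas\Downloads\FRST (1).exe",
]
SCAN_TIME = datetime(2014, 9, 21, 23, 50)  # time of the FRST scan in this thread

if __name__ == "__main__":
    for r in triage(SAMPLE_LINES, SCAN_TIME):
        print(f"[{r['severity']:6}] {r['reason']}")
    print(summarize(triage(SAMPLE_LINES, SCAN_TIME)))
```

The helper only ranks lines for a human to review; whether a flagged autorun or driver actually goes into a fixlist is still the decision of whoever reads the full log, which is exactly the role vyosek plays above.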

Re: Dropper-gen

Posted: 22 Sep 2014 16:10
by crawlerx
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 21-09-2014 01
Ran by Lukas at 2014-09-22 16:58:30 Run:1
Running from C:\Users\Lukas\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [LogMeIn Hamachi Ui] => D:\hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [PlayNC Launcher] => [X]
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Clownfish] => (the data entry has 824 more characters).
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Steam] => D:\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!

S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
U3 asivhwto; C:\Windows\system32\Drivers\asivhwto.sys [0 ] (Microsoft Corporation)

2014-09-21 23:50 - 2014-09-21 23:50 - 00015311 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-09-21 23:49 - 2014-09-21 23:49 - 00000073 _____ () C:\Users\Lukas\Desktop\FRSTLauncher.exe.url
2014-09-21 23:48 - 2014-09-21 23:48 - 01097728 _____ (Farbar) C:\Users\Lukas\Downloads\FRST (1).exe
2014-09-21 23:47 - 2014-09-21 23:47 - 01097728 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
2014-09-21 23:26 - 2014-09-21 23:12 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-21 23:13 - 2014-09-21 23:33 - 00013529 _____ () C:\zoek-results.log
2014-09-21 23:12 - 2014-09-21 23:25 - 00000000 ____D () C:\zoek_backup
2014-09-21 23:11 - 2014-09-21 23:11 - 01290752 _____ () C:\Users\Lukas\Desktop\zoek.exe
2014-09-21 22:24 - 2014-09-21 22:26 - 00000000 ____D () C:\AdwCleaner
2014-09-21 22:23 - 2014-09-21 22:23 - 00000640 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-09-21 22:15 - 2014-09-21 20:58 - 01027006 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-09-21 21:59 - 2014-09-21 22:02 - 00000000 ____D () C:\Program Files\trend micro
2014-09-21 21:59 - 2014-09-21 21:59 - 00000000 ____D () C:\rsit
2014-09-21 21:58 - 2014-09-21 21:58 - 01107968 _____ () C:\Users\Lukas\Documents\RSIT.exe
2014-09-21 21:35 - 2014-09-21 23:32 - 00001060 _____ () C:\Windows\PFRO.log
2014-09-21 20:57 - 2014-09-21 20:58 - 01027006 _____ (Thisisu) C:\Users\Lukas\Documents\JRT.exe
2014-09-21 20:46 - 2014-09-21 20:51 - 00000000 ____D () C:\Program Files\SavePass 1.1
2014-09-04 19:33 - 2014-09-04 19:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Documents\mbam-setup-2.0.2.1012.exe

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008UA.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PlayNC Launcher => value deleted successfully.
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Clownfish => value deleted successfully.
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => value deleted successfully.
"HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}" => Key deleted successfully.
"HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key not found.
"HKU\S-1-5-21-2774091277-2945853270-1337784581-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
gdrv => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
taphss6 => Service deleted successfully.
asivhwto => Service not found.
C:\Users\Lukas\Desktop\FRST.txt => Moved successfully.
C:\Users\Lukas\Desktop\FRSTLauncher.exe.url => Moved successfully.
C:\Users\Lukas\Downloads\FRST (1).exe => Moved successfully.
C:\Users\Lukas\Downloads\FRST.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Lukas\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Lukas\Desktop\JRT.txt => Moved successfully.
C:\Users\Lukas\Desktop\JRT.exe => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Lukas\Documents\RSIT.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Users\Lukas\Documents\JRT.exe => Moved successfully.
C:\Program Files\SavePass 1.1 => Moved successfully.
C:\Users\Lukas\Documents\mbam-setup-2.0.2.1012.exe => Moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003Core.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1003UA.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004Core.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1004UA.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005Core.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1005UA.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007Core.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1007UA.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008Core.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2774091277-2945853270-1337784581-1008UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 88.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
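
The Fixlog above reports which autostart entries, services, scheduled-task jobs and hosts entries FRST removed. The script below is an added example, not part of the original thread or of FRST itself: after the reboot it re-checks exactly those locations, using the value, service and task names copied from the Fixlog, so that anything which has come back can be spotted. It only inspects HKLM and the current user's HKCU Run key; the HKU\S-1-5-19 / S-1-5-20 entries the fix touched belong to the service accounts and are not covered here. Run it from an elevated PowerShell prompt.

```powershell
# Added example (not from the thread): re-check the persistence locations the FRST fix
# removed. Names are taken from the Fixlog; anything still present deserves a second look.

$runValues = @(
    @{ Path = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
       Names = 'SwitchBoard', 'SunJavaUpdateSched', 'LogMeIn Hamachi Ui' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
       Names = 'PlayNC Launcher', 'Clownfish', 'DAEMON Tools Lite', 'Steam', 'Skype', 'WMPNSCFG' }
)
# Services the fix deleted (or, for asivhwto, reported as already missing).
$services = 'gdrv', 'IpInIp', 'NwlnkFlt', 'NwlnkFwd', 'taphss6', 'asivhwto'
$findings = @()

# 1. Run values: a value that reappears means something re-registered itself.
foreach ($entry in $runValues) {
    if (-not (Test-Path $entry.Path)) { continue }
    $props = Get-ItemProperty -Path $entry.Path
    foreach ($name in $entry.Names) {
        if ($props.PSObject.Properties[$name]) {
            $findings += "Run value still present: $($entry.Path)\$name = $($props.$name)"
        }
    }
}

# 2. Service keys: checking the registry rather than Get-Service also catches
#    driver entries that exist on disk but are not running.
foreach ($svc in $services) {
    $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$svc"
    if (Test-Path $key) {
        $image = (Get-ItemProperty -Path $key).ImagePath
        $findings += "Service key still present: $svc (ImagePath: $image)"
    }
}

# 3. Scheduled-task .job files: FRST moved the Google and Flash updater jobs. A legitimate
#    updater recreates its own jobs, so list what came back together with its timestamp
#    and compare the names against the ones in the Fixlog.
Get-ChildItem 'C:\Windows\Tasks\*.job' -ErrorAction SilentlyContinue | ForEach-Object {
    $findings += "Task job present: $($_.Name) (modified $($_.LastWriteTime))"
}

# 4. hosts: after "Hosts was reset successfully" only comments and the localhost lines
#    should remain; any other active line is a redirect worth examining.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
Get-Content $hostsPath | Where-Object {
    $_ -match '^\s*[^#\s]' -and $_ -notmatch '^\s*(127\.0\.0\.1|::1)\s+localhost\s*$'
} | ForEach-Object { $findings += "Non-default hosts entry: $_" }

if ($findings.Count -eq 0) {
    'All checked persistence locations are clean.'
} else {
    $findings
}
```

The Google updater jobs are expected to be recreated by a working Google Update installation; the point of listing them is to see whether any *other* job has appeared alongside them, which the Fixlog would not show.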

Re: Dropper-gen

Posted: 22 Sep 2014 16:10
by vyosek
How is the PC behaving?

Re: Dropper-gen

Posted: 22 Sep 2014 16:12
by crawlerx
Normally. Nothing is being reported here.

Re: Dropper-gen

Posted: 22 Sep 2014 16:12
by vyosek
So let's clean up some more

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm the choices press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false positive - so go ahead and download it (or disable your antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making the registry backup, fix all problems
  • repeat the procedure until there are no problems - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that's all from my side :|