VIRY.CZ

Dobrý den,

Moc prosím o kontrolu logu, počitač najíždí asi 10 min.

Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2014-09-22 12:02:14
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 16 GB (16%) free of 102 GB
Total RAM: 3999 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:03:19, on 22.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\HP\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\HP\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?p2=%5EB36%5E ... 07-29&psv=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll
R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing)
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: KMP Media Toolbar BHO - {4B4D5056-3700-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll" (file missing)
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O3 - Toolbar: KMP Media Toolbar - {4B4D5056-3700-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll" (file missing)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user')
O4 - Global Startup: Photags AutoDetect.lnk = C:\Program Files (x86)\PhoTags Express\Photags AutoDetect.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc - C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update AtuZi - Unknown owner - C:\Program Files (x86)\AtuZi\updateAtuZi.exe
O23 - Service: Util AtuZi - Unknown owner - C:\Program Files (x86)\AtuZi\bin\utilAtuZi.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12709 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{5DB5A5E5-07AD-4FE3-B8EE-2838DFA2E6B6}.exe --uninstall=1

=========Mozilla firefox=========

ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"otis@digitalpersona.com"=C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll [2014-08-22 1574208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-17 1256512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D5056-3700-A76A-76A7-7A786E7484D7}]
KMP Media Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll [2014-08-22 12184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-26 3627032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-26 3627032]
{4B4D5056-3700-A76A-76A7-7A786E7484D7} - KMP Media Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll [2014-08-22 12184]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll [2014-08-22 1574208]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"UCam_Menu"=C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-08-26 2640408]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-29 1564368]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2014-04-17 1596224]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-08-22 1942424]
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2014-08-22 1608000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-19 1416016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192]
"Yahoo! Search"=C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [2014-09-12 535472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Photags AutoDetect.lnk - C:\Program Files (x86)\PhoTags Express\Photags AutoDetect.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.vorbis"=vorbis.acm
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-22 12:02:15 ----D---- C:\Program Files (x86)\trend micro
2014-09-22 12:02:14 ----D---- C:\rsit
2014-09-11 21:09:51 ----RD---- C:\Program Files (x86)\Skype
2014-09-11 21:09:51 ----D---- C:\Program Files (x86)\Common Files\Skype
2014-08-27 13:35:41 ----D---- C:\Program Files (x86)\IObit Apps Toolbar
2014-08-27 13:35:41 ----D---- C:\Program Files (x86)\Application Updater
2014-08-27 08:04:11 ----D---- C:\Program Files (x86)\AVG Security Toolbar
2014-08-27 08:04:01 ----D---- C:\ProgramData\Avg_Update_0814tb

======List of files/folders modified in the last 1 month======

2014-09-22 12:03:20 ----D---- C:\Windows\Prefetch
2014-09-22 12:02:15 ----RD---- C:\Program Files (x86)
2014-09-22 12:01:42 ----D---- C:\Windows
2014-09-22 12:01:33 ----D---- C:\Windows\inf
2014-09-22 12:00:28 ----D---- C:\Users\HP\AppData\Roaming\uTorrent
2014-09-22 11:56:43 ----D---- C:\Users\HP\AppData\Roaming\Skype
2014-09-22 11:55:23 ----D---- C:\Users\HP\AppData\Roaming\Media Player Classic
2014-09-22 11:55:21 ----D---- C:\Windows\Temp
2014-09-22 11:05:45 ----A---- C:\Windows\win.ini
2014-09-22 10:58:55 ----D---- C:\Windows\SoftwareDistribution
2014-09-22 10:56:57 ----D---- C:\ProgramData\ProductData
2014-09-22 10:54:43 ----D---- C:\Windows\debug
2014-09-21 13:57:03 ----SHD---- C:\System Volume Information
2014-09-21 13:57:02 ----D---- C:\Windows\Logs
2014-09-20 19:07:30 ----D---- C:\Windows\System32
2014-09-20 15:32:46 ----D---- C:\Program Files (x86)\Full Tilt Poker
2014-09-11 21:10:37 ----SHD---- C:\Windows\Installer
2014-09-11 21:10:37 ----HD---- C:\Config.Msi
2014-09-11 21:09:51 ----D---- C:\Program Files (x86)\Common Files
2014-09-11 21:09:48 ----D---- C:\ProgramData\Skype
2014-09-11 15:23:30 ----D---- C:\Program Files (x86)\PokerStars
2014-09-10 14:46:48 ----D---- C:\Windows\SysWOW64
2014-09-10 14:46:46 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-27 13:35:41 ----D---- C:\Program Files (x86)\Common Files\Spigot
2014-08-27 08:13:08 ----D---- C:\Windows\Tasks
2014-08-27 08:04:01 ----HD---- C:\ProgramData
2014-08-26 00:15:38 ----D---- C:\Program Files (x86)\AVG Secure Search

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys []
R1 {a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64;{a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64; C:\Windows\system32\drivers\{a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64.sys []
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg [2014-05-28 36432]
R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys []
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 EagleX64;EagleX64; C:\Windows\SysWOW64\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe [2009-03-01 89600]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-08-22 166296]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2014-08-22 990072]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-07-17 322624]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2012-12-24 1868432]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-29 1564368]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-01-24 342336]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe [2009-08-12 240640]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-11 1820184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
S2 SafetyNutManager;SafetyNut Manager; C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [2014-05-28 3544272]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 Update AtuZi;Update AtuZi; C:\Program Files (x86)\AtuZi\updateAtuZi.exe [2014-09-22 325400]
S2 Util AtuZi;Util AtuZi; C:\Program Files (x86)\AtuZi\bin\utilAtuZi.exe [2014-09-22 325400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

Zdravim

Odinstalujte Advanced SystemCare a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Log z 1. programu zde:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by HP on po 22.09.2014 at 13:05:36,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util atuzi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\KMPAskPIPCount_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\KMPAskPIPCount_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EF5BD3D9-638F-41A1-8D19-0BFCDCDB8AB7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{44cbc005-6243-4502-8a02-3a096a282664}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{80703783-e415-4ee3-ab60-d36981c5a6f1}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{f297534d-7b06-459d-bc19-2dd8ef69297b}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{9945959c-aad8-4312-8b57-2de11927e770}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\HP\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\HP\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\HP\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\ProgramData\AskPartnerNetwork"
Successfully deleted: [Folder] "C:\Program Files (x86)\askpartnernetwork"



~~~ FireFox

Successfully deleted: [File] C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\pn3y3w0e.default-1411033565785\invalidprefs.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 22.09.2014 at 13:20:18,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Log z 2. programu zde:
# AdwCleaner v3.310 - Report created 22/09/2014 at 13:29:11
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : HP - HP-PC
# Running from : C:\Users\HP\Desktop\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : APNMCP
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : SafetyNutManager
[#] Service Deleted : Update AtuZi
[#] Service Deleted : Util AtuZi
Service Deleted : {a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\Program Files (x86)\AtuZi
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Browser Tab Search by Ask
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\HP\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\HP\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\HP\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\HP\AppData\Local\Temp\apn
Folder Deleted : C:\Users\HP\AppData\Local\Temp\AtuZi
Folder Deleted : C:\Users\HP\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\HP\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen
Folder Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
File Deleted : C:\Windows\System32\drivers\{a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64.sys
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\user.js
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : Yahoo! Search

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AtuZi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AtuZi_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateAtuZi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateAtuZi_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilAtuZi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilAtuZi_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update AtuZi
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F5253B0-D113-4B64-B2D4-B765C749A3B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0EF6989F-E21A-49A9-A1C2-200C41FC429A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\AtuZi
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : HKLM\SOFTWARE\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\AtuZi
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AtuZi
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16448

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]

-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\prefs.js ]


[ File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12512 octets] - [22/09/2014 13:26:35]
AdwCleaner[S0].txt - [11010 octets] - [22/09/2014 13:29:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11071 octets] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 21-09-2014
Tool run by HP on po 22.09.2014 at 13:51:15,95.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: F:\složka\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.9.2014 13:52:24 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EBACADB7-8581-42A5-940B-80C5893ABF9F} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.9 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.9 deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");

Added to C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");

Added to C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\prefs.js:

Added to C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_22.09.2014_1403_.backup

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_22.09.2014_1403_.backup

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924

user.js not found
---- FireFox user.js and prefs.js backups ----


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\PROGRA~3\Avg_Update_0814tb deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\HP\AppData\Local\cache deleted
C:\Users\HP\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Search Settings deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\extensions\adremoveext@adremoveext.net deleted
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\extensions\adremoveext@adremoveext.net deleted
"C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\extensions\{9e891144-6b11-4b15-831d-1fc05f439ef4}.xpi" deleted
"C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\extensions\{9e891144-6b11-4b15-831d-1fc05f439ef4}.xpi" deleted
"C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\extensions\iobitapps@mybrowserbar.com" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt" [17.08.2012 16:19]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chromium Look ======================

Comodo Web Inspector - HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Advanced SystemCare Surfing Protection - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Advanced SystemCare Surfing Protection - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

==== Chromium Startpages ======================

C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Preferences
"homepage": "http://seznam.cz/",
"homepage": "http://seznam.cz/",
"urls_to_restore_on_startup": [ "http://www.search.ask.com/?o=APN10257&gct=hp" ]
"urls_to_restore_on_startup": [ "http://www.search.ask.com/?o=APN10257&gct=hp" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\HP\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\HP\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=256 folders=75 11871763 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\HP\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\HP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\HP\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on po 22.09.2014 at 14:08:52,34 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by HP (administrator) on HP-PC on 22-09-2014 16:40:34
Running from C:\Users\HP\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\PhoTags Express\Photags AutoDetect.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [456192 2009-08-12] (IDT, Inc.)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2004-11-02] (Cyberlink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [Guard.Mail.ru.gui] => C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-19] (BitTorrent Inc.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Yahoo! Search] => C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: H - H:\RunGame.exe
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photags AutoDetect.lnk
ShortcutTarget: Photags AutoDetect.lnk -> C:\Program Files (x86)\PhoTags Express\Photags AutoDetect.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 109.231.191.1 109.231.191.3

FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2012-08-17]
FF Extension: No Name - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\extensions\ascsurfingprotection@iobit.com [Not Found]

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-04-17]
CHR Extension: (No Name) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (No Name) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-05]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe [89600 2009-03-01] (Andrea Electronics Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DpHost; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [322624 2009-07-17] (DigitalPersona, Inc.) [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-24] ()
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [12600 2012-03-26] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe [240640 2009-08-12] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 EagleX64; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2014-01-12] (Synaptics Incorporated)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 16:40 - 2014-09-22 16:41 - 00012747 _____ () C:\Users\HP\Desktop\FRST.txt
2014-09-22 16:40 - 2014-09-22 16:40 - 00000000 ____D () C:\FRST
2014-09-22 16:39 - 2014-09-22 16:38 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-09-22 16:39 - 2014-09-22 16:35 - 02105856 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-09-22 14:07 - 2014-09-22 13:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-22 13:52 - 2014-09-22 14:08 - 00016047 _____ () C:\zoek-results.log
2014-09-22 13:51 - 2014-09-22 14:07 - 00000000 ____D () C:\zoek_backup
2014-09-22 13:51 - 2014-09-22 13:49 - 01290752 _____ () C:\Users\HP\Desktop\zoek.exe
2014-09-22 13:30 - 2014-09-22 14:07 - 00001326 _____ () C:\Windows\PFRO.log
2014-09-22 13:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 13:25 - 2014-09-22 13:29 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:20 - 2014-09-22 13:20 - 00013833 _____ () C:\Users\HP\Desktop\JRT.txt
2014-09-22 13:05 - 2014-09-22 13:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 13:02 - 2014-09-22 12:59 - 01373475 _____ () C:\Users\HP\Desktop\adwcleaner_3.310.exe
2014-09-22 13:02 - 2014-09-22 12:59 - 01027006 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
2014-09-22 12:57 - 2014-09-22 12:57 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\rsit
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-09-22 12:01 - 2014-09-22 14:08 - 00000900 _____ () C:\Windows\setupact.log
2014-09-22 12:01 - 2014-09-22 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 12:01 - 2014-09-22 12:00 - 01107968 _____ () C:\Users\HP\Desktop\RSIT.exe
2014-09-20 19:07 - 2014-09-20 19:11 - 00006929 _____ () C:\Windows\system32\Errors.log
2014-09-18 11:46 - 2014-09-18 11:46 - 00000000 ____D () C:\Users\HP\Desktop\Původní data aplikace Firefox
2014-09-18 04:56 - 2014-09-18 11:58 - 3895081898 ____R () C:\Users\HP\Desktop\Transformers Age of Extinction 2014 720p WEB-DL x264 AC3-JYK.mkv
2014-09-18 04:56 - 2014-09-18 04:56 - 00110236 _____ () C:\Users\HP\Desktop\Transformers-Age-of-Extinction(0000242290).srt
2014-09-16 18:12 - 2014-09-16 18:54 - 733364224 _____ () C:\Users\HP\Desktop\Ucho.avi
2014-09-15 21:35 - 2014-09-15 21:49 - 1700440064 ____R () C:\Users\HP\Desktop\Up In Smoke.avi
2014-09-15 19:51 - 2014-09-15 19:57 - 732669952 ____R () C:\Users\HP\Desktop\Tesis [DVDRIP][Spanish][www.pctorrent.com].avi
2014-09-15 19:51 - 2014-09-15 19:51 - 00076694 _____ () C:\Users\HP\Desktop\Tesis(0000074319).srt
2014-09-11 21:10 - 2014-09-11 21:10 - 00000000 ____D () C:\Users\HP\AppData\Local\Skype
2014-09-11 21:09 - 2014-09-11 21:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-11 21:09 - 2014-09-11 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-11 10:34 - 2014-09-11 11:15 - 741101364 _____ () C:\Users\HP\Desktop\Halloween 2.avi
2014-09-10 19:58 - 2014-09-10 20:56 - 1001390080 _____ () C:\Users\HP\Desktop\Vyvrženci z pekla.avi
2014-09-10 11:12 - 2014-09-10 11:12 - 00089975 _____ () C:\Users\HP\Desktop\Millerova křižovatka - titulky cz.srt
2014-09-10 11:11 - 2014-09-10 11:19 - 787722036 ____R () C:\Users\HP\Desktop\Millerova křižovatka.mp4
2014-09-08 19:43 - 2014-09-08 20:24 - 733292544 _____ () C:\Users\HP\Desktop\Temnota.avi
2014-09-06 19:01 - 2014-09-06 19:08 - 768616001 _____ () C:\Users\HP\Desktop\Lučenec 2014.rar
2014-09-04 01:16 - 2014-09-04 01:16 - 00425654 _____ () C:\Users\HP\Desktop\PSLogZip.zip
2014-09-03 20:40 - 2014-09-03 21:01 - 380600320 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino---05x04.avi
2014-08-27 13:48 - 2014-08-27 14:10 - 390504448 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x24.avi
2014-08-27 12:53 - 2014-08-27 13:15 - 380028928 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x23.avi
2014-08-27 12:13 - 2014-08-27 12:34 - 379277312 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x22.avi
2014-08-26 22:56 - 2014-08-26 23:17 - 364863488 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x21.avi
2014-08-26 22:09 - 2014-08-26 22:28 - 343517184 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x20.avi
2014-08-26 21:23 - 2014-08-26 21:43 - 367022080 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x19.avi
2014-08-26 20:56 - 2014-08-26 21:16 - 367032320 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x18.avi
2014-08-26 20:13 - 2014-08-26 20:21 - 362803200 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x17.avi
2014-08-26 18:19 - 2014-08-26 18:39 - 346804224 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x16.avi
2014-08-26 17:35 - 2014-08-26 17:54 - 350283776 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x15.avi
2014-08-26 14:46 - 2014-08-26 15:07 - 365613056 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x14.avi
2014-08-26 14:00 - 2014-08-26 14:20 - 351023104 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x13.avi
2014-08-26 13:31 - 2014-08-26 13:50 - 352923648 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x12.avi
2014-08-26 12:48 - 2014-08-26 13:07 - 348592128 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x11.avi
2014-08-25 23:41 - 2014-08-26 00:02 - 367026176 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x10.avi
2014-08-25 23:06 - 2014-08-25 23:27 - 367024128 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x09.avi
2014-08-25 22:12 - 2014-08-25 22:34 - 387928064 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x08.avi
2014-08-25 21:41 - 2014-08-25 22:02 - 387278848 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x07.avi
2014-08-25 21:04 - 2014-08-25 21:25 - 368130048 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x06.avi
2014-08-23 12:20 - 2014-08-23 12:42 - 387997696 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x05.avi
2014-08-23 11:00 - 2014-08-23 11:22 - 399902720 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-Cz---02x04---Super.avi
2014-08-23 10:30 - 2014-08-23 10:51 - 379582464 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-Cz---02x03---Super.avi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 16:41 - 2014-09-22 16:40 - 00012747 _____ () C:\Users\HP\Desktop\FRST.txt
2014-09-22 16:40 - 2014-09-22 16:40 - 00000000 ____D () C:\FRST
2014-09-22 16:38 - 2014-09-22 16:39 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-09-22 16:37 - 2012-08-17 18:05 - 00000000 ____D () C:\Users\HP\AppData\Roaming\uTorrent
2014-09-22 16:35 - 2014-09-22 16:39 - 02105856 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-09-22 16:34 - 2013-02-16 19:03 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-22 14:16 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 14:16 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 14:13 - 2010-11-21 11:27 - 00634546 _____ () C:\Windows\system32\perfh005.dat
2014-09-22 14:13 - 2010-11-21 11:27 - 00123104 _____ () C:\Windows\system32\perfc005.dat
2014-09-22 14:13 - 2009-07-14 07:13 - 01478586 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 14:12 - 2012-08-17 16:33 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Skype
2014-09-22 14:08 - 2014-09-22 13:52 - 00016047 _____ () C:\zoek-results.log
2014-09-22 14:08 - 2014-09-22 12:01 - 00000900 _____ () C:\Windows\setupact.log
2014-09-22 14:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 14:07 - 2014-09-22 13:51 - 00000000 ____D () C:\zoek_backup
2014-09-22 14:07 - 2014-09-22 13:30 - 00001326 _____ () C:\Windows\PFRO.log
2014-09-22 13:51 - 2014-09-22 14:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-22 13:49 - 2014-09-22 13:51 - 01290752 _____ () C:\Users\HP\Desktop\zoek.exe
2014-09-22 13:30 - 2012-08-17 16:26 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-09-22 13:29 - 2014-09-22 13:25 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:29 - 2012-08-17 16:07 - 01402073 _____ () C:\Windows\WindowsUpdate.log
2014-09-22 13:20 - 2014-09-22 13:20 - 00013833 _____ () C:\Users\HP\Desktop\JRT.txt
2014-09-22 13:05 - 2014-09-22 13:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 12:59 - 2014-09-22 13:02 - 01373475 _____ () C:\Users\HP\Desktop\adwcleaner_3.310.exe
2014-09-22 12:59 - 2014-09-22 13:02 - 01027006 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
2014-09-22 12:57 - 2014-09-22 12:57 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-22 12:03 - 2014-09-22 12:02 - 00000000 ____D () C:\rsit
2014-09-22 12:03 - 2014-09-22 12:02 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-09-22 12:01 - 2014-09-22 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 12:00 - 2014-09-22 12:01 - 01107968 _____ () C:\Users\HP\Desktop\RSIT.exe
2014-09-22 11:55 - 2012-08-18 16:06 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Media Player Classic
2014-09-22 11:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-22 11:05 - 2009-07-14 04:34 - 00000710 _____ () C:\Windows\win.ini
2014-09-20 20:35 - 2012-11-17 14:29 - 00000000 ____D () C:\Users\HP\AppData\Local\PokerStars
2014-09-20 19:11 - 2014-09-20 19:07 - 00006929 _____ () C:\Windows\system32\Errors.log
2014-09-20 15:32 - 2014-07-05 02:22 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-09-20 04:09 - 2014-07-05 02:23 - 00000000 ____D () C:\Users\HP\AppData\Local\AuxClient
2014-09-19 23:57 - 2013-03-13 17:58 - 00000000 ____D () C:\Users\HP\AppData\Local\FullTiltPoker
2014-09-18 11:58 - 2014-09-18 04:56 - 3895081898 ____R () C:\Users\HP\Desktop\Transformers Age of Extinction 2014 720p WEB-DL x264 AC3-JYK.mkv
2014-09-18 11:46 - 2014-09-18 11:46 - 00000000 ____D () C:\Users\HP\Desktop\Původní data aplikace Firefox
2014-09-18 05:02 - 2014-07-07 12:15 - 00000000 ____D () C:\Users\HP\Desktop\Filmyy
2014-09-18 04:56 - 2014-09-18 04:56 - 00110236 _____ () C:\Users\HP\Desktop\Transformers-Age-of-Extinction(0000242290).srt
2014-09-16 18:54 - 2014-09-16 18:12 - 733364224 _____ () C:\Users\HP\Desktop\Ucho.avi
2014-09-15 21:49 - 2014-09-15 21:35 - 1700440064 ____R () C:\Users\HP\Desktop\Up In Smoke.avi
2014-09-15 19:57 - 2014-09-15 19:51 - 732669952 ____R () C:\Users\HP\Desktop\Tesis [DVDRIP][Spanish][www.pctorrent.com].avi
2014-09-15 19:51 - 2014-09-15 19:51 - 00076694 _____ () C:\Users\HP\Desktop\Tesis(0000074319).srt
2014-09-11 21:10 - 2014-09-11 21:10 - 00000000 ____D () C:\Users\HP\AppData\Local\Skype
2014-09-11 21:10 - 2014-09-11 21:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-11 21:09 - 2014-09-11 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-11 21:09 - 2012-08-17 16:33 - 00000000 ____D () C:\ProgramData\Skype
2014-09-11 15:23 - 2012-11-17 14:29 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-09-11 11:15 - 2014-09-11 10:34 - 741101364 _____ () C:\Users\HP\Desktop\Halloween 2.avi
2014-09-10 20:56 - 2014-09-10 19:58 - 1001390080 _____ () C:\Users\HP\Desktop\Vyvrženci z pekla.avi
2014-09-10 14:46 - 2013-02-16 19:03 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 14:46 - 2012-08-17 22:35 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 14:46 - 2012-08-17 22:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 11:19 - 2014-09-10 11:11 - 787722036 ____R () C:\Users\HP\Desktop\Millerova křižovatka.mp4
2014-09-10 11:12 - 2014-09-10 11:12 - 00089975 _____ () C:\Users\HP\Desktop\Millerova křižovatka - titulky cz.srt
2014-09-08 20:24 - 2014-09-08 19:43 - 733292544 _____ () C:\Users\HP\Desktop\Temnota.avi
2014-09-06 19:08 - 2014-09-06 19:01 - 768616001 _____ () C:\Users\HP\Desktop\Lučenec 2014.rar
2014-09-04 01:16 - 2014-09-04 01:16 - 00425654 _____ () C:\Users\HP\Desktop\PSLogZip.zip
2014-09-03 21:01 - 2014-09-03 20:40 - 380600320 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino---05x04.avi
2014-09-03 16:21 - 2012-08-17 16:07 - 00000000 ____D () C:\Users\HP
2014-09-01 18:31 - 2009-07-14 07:08 - 00032532 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-27 14:10 - 2014-08-27 13:48 - 390504448 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x24.avi
2014-08-27 13:15 - 2014-08-27 12:53 - 380028928 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x23.avi
2014-08-27 12:34 - 2014-08-27 12:13 - 379277312 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x22.avi
2014-08-26 23:17 - 2014-08-26 22:56 - 364863488 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x21.avi
2014-08-26 22:28 - 2014-08-26 22:09 - 343517184 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x20.avi
2014-08-26 21:43 - 2014-08-26 21:23 - 367022080 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x19.avi
2014-08-26 21:16 - 2014-08-26 20:56 - 367032320 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x18.avi
2014-08-26 20:21 - 2014-08-26 20:13 - 362803200 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x17.avi
2014-08-26 18:39 - 2014-08-26 18:19 - 346804224 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x16.avi
2014-08-26 17:54 - 2014-08-26 17:35 - 350283776 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x15.avi
2014-08-26 15:07 - 2014-08-26 14:46 - 365613056 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x14.avi
2014-08-26 14:20 - 2014-08-26 14:00 - 351023104 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x13.avi
2014-08-26 13:50 - 2014-08-26 13:31 - 352923648 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x12.avi
2014-08-26 13:07 - 2014-08-26 12:48 - 348592128 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x11.avi
2014-08-26 00:02 - 2014-08-25 23:41 - 367026176 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x10.avi
2014-08-25 23:27 - 2014-08-25 23:06 - 367024128 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x09.avi
2014-08-25 22:34 - 2014-08-25 22:12 - 387928064 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x08.avi
2014-08-25 22:02 - 2014-08-25 21:41 - 387278848 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x07.avi
2014-08-25 21:25 - 2014-08-25 21:04 - 368130048 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x06.avi
2014-08-23 12:42 - 2014-08-23 12:20 - 387997696 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x05.avi
2014-08-23 11:22 - 2014-08-23 11:00 - 399902720 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-Cz---02x04---Super.avi
2014-08-23 10:51 - 2014-08-23 10:30 - 379582464 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-Cz---02x03---Super.avi

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-22 14:42




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:100.01 GB) (Free:16.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:198.08 GB) (Free:27.79 GB) NTFS
Drive f: () (Removable) (Total:7.67 GB) (Free:4.76 GB) FAT32

Available physical RAM: 2871.63 MB
Total physical RAM: 3999.19 MB
Percentage of memory in use: 28%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4CF524D4)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=198.1 GB) - (Type=05)
Disk: 1 (Size: 7.7 GB) (Disk ID: BE72CFD7)
Partition 1: (Active) - (Size=7.7 GB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\HP\Desktop" je 26305 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent
C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup
C:\PROGRA~2\INSTAL~1\{E3A5A~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{E3A5A~1\reboot.ini -l0x0005 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Odinstalujte vse od IOBit

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  
  HKLM-x32\...\Run: [Guard.Mail.ru.gui] => C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
  HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
  HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-19] (BitTorrent Inc.)
  HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
  HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Yahoo! Search] => C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
  HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: F - F:\setup.exe
  HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: G - G:\Autorun.exe
  HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: H - H:\RunGame.exe
  Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photags AutoDetect.lnk
  
  SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
  SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
  BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
  BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
  BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
  Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
  
  FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
  FF Extension: No Name - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\extensions\ascsurfingprotection@iobit.com [Not Found]
  
  CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-12]
  CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-04-17]
  
  R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
  R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
  R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
  S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
  R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
  S3 EagleX64; No ImagePath
  S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  
  C:\Program Files (x86)\PANDORA.TV
  C:\Program Files (x86)\Guard-ICQ
  C:\Program Files (x86)\Skype\Toolbars
  C:\Program Files (x86)\IObit
  C:\Users\HP\AppData\Local\Pay-By-Ads
  2014-09-22 16:40 - 2014-09-22 16:41 - 00012747 _____ () C:\Users\HP\Desktop\FRST.txt
  2014-09-22 16:39 - 2014-09-22 16:38 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
  2014-09-22 14:07 - 2014-09-22 13:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-09-22 13:52 - 2014-09-22 14:08 - 00016047 _____ () C:\zoek-results.log
  2014-09-22 13:51 - 2014-09-22 14:07 - 00000000 ____D () C:\zoek_backup
  2014-09-22 13:51 - 2014-09-22 13:49 - 01290752 _____ () C:\Users\HP\Desktop\zoek.exe
  2014-09-22 13:30 - 2014-09-22 14:07 - 00001326 _____ () C:\Windows\PFRO.log
  2014-09-22 13:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
  2014-09-22 13:25 - 2014-09-22 13:29 - 00000000 ____D () C:\AdwCleaner
  2014-09-22 13:20 - 2014-09-22 13:20 - 00013833 _____ () C:\Users\HP\Desktop\JRT.txt
  2014-09-22 13:05 - 2014-09-22 13:05 - 00000000 ____D () C:\Windows\ERUNT
  2014-09-22 13:02 - 2014-09-22 12:59 - 01373475 _____ () C:\Users\HP\Desktop\adwcleaner_3.310.exe
  2014-09-22 13:02 - 2014-09-22 12:59 - 01027006 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
  2014-09-22 12:57 - 2014-09-22 12:57 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
  2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\rsit
  2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\trend micro
  2014-09-22 12:01 - 2014-09-22 14:08 - 00000900 _____ () C:\Windows\setupact.log
  2014-09-22 12:01 - 2014-09-22 12:01 - 00000000 _____ () C:\Windows\setuperr.log
  2014-09-22 12:01 - 2014-09-22 12:00 - 01107968 _____ () C:\Users\HP\Desktop\RSIT.exe
  2014-09-20 19:07 - 2014-09-20 19:11 - 00006929 _____ () C:\Windows\system32\Errors.log
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f
  
  Task: {A408479E-82C5-48C3-9323-6700FC50FBF3} - System32\Tasks\Driver Booster SkipUAC (HP) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
  Task: {BACA05B7-94DC-45C2-B598-353FCA87ED49} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Já už vše od l0Bit odinstaloval..tedy pokud tam nemám náhodou ještě něco skrytého. to pak nevím, jak to najít.

Ted jdu na ten fixlist.

OK, fixlist to pomaze

Fixlog zde
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-09-2014 01
Ran by HP at 2014-09-22 17:12:58 Run:1
Running from C:\Users\HP\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [Guard.Mail.ru.gui] => C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-19] (BitTorrent Inc.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Yahoo! Search] => C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: H - H:\RunGame.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photags AutoDetect.lnk

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF Extension: No Name - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\extensions\ascsurfingprotection@iobit.com [Not Found]

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-12]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-04-17]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S3 EagleX64; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

C:\Program Files (x86)\PANDORA.TV
C:\Program Files (x86)\Guard-ICQ
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\IObit
C:\Users\HP\AppData\Local\Pay-By-Ads
2014-09-22 16:40 - 2014-09-22 16:41 - 00012747 _____ () C:\Users\HP\Desktop\FRST.txt
2014-09-22 16:39 - 2014-09-22 16:38 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-09-22 14:07 - 2014-09-22 13:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-22 13:52 - 2014-09-22 14:08 - 00016047 _____ () C:\zoek-results.log
2014-09-22 13:51 - 2014-09-22 14:07 - 00000000 ____D () C:\zoek_backup
2014-09-22 13:51 - 2014-09-22 13:49 - 01290752 _____ () C:\Users\HP\Desktop\zoek.exe
2014-09-22 13:30 - 2014-09-22 14:07 - 00001326 _____ () C:\Windows\PFRO.log
2014-09-22 13:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 13:25 - 2014-09-22 13:29 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:20 - 2014-09-22 13:20 - 00013833 _____ () C:\Users\HP\Desktop\JRT.txt
2014-09-22 13:05 - 2014-09-22 13:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 13:02 - 2014-09-22 12:59 - 01373475 _____ () C:\Users\HP\Desktop\adwcleaner_3.310.exe
2014-09-22 13:02 - 2014-09-22 12:59 - 01027006 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
2014-09-22 12:57 - 2014-09-22 12:57 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\rsit
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-09-22 12:01 - 2014-09-22 14:08 - 00000900 _____ () C:\Windows\setupact.log
2014-09-22 12:01 - 2014-09-22 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 12:01 - 2014-09-22 12:00 - 01107968 _____ () C:\Users\HP\Desktop\RSIT.exe
2014-09-20 19:07 - 2014-09-20 19:11 - 00006929 _____ () C:\Windows\system32\Errors.log

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f

Task: {A408479E-82C5-48C3-9323-6700FC50FBF3} - System32\Tasks\Driver Booster SkipUAC (HP) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {BACA05B7-94DC-45C2-B598-353FCA87ED49} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Guard.Mail.ru.gui => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 7 => value deleted successfully.
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search => value deleted successfully.
"HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3430852545-1810248877-1481859449-1000" => Key not found.
"HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3430852545-1810248877-1481859449-1000" => Key not found.
"HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3430852545-1810248877-1481859449-1000" => Key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photags AutoDetect.lnk => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}" => Key deleted successfully.
"HKCR\PROTOCOLS\Filter\text/xml" => Key deleted successfully.
"HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}" => Key not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\extensions\ascsurfingprotection@iobit.com not found.
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd => Moved successfully.
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd => Moved successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
Guard.Mail.ru => Service deleted successfully.
LiveUpdateSvc => Service deleted successfully.
PanService => Service deleted successfully.
EagleX64 => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Program Files (x86)\PANDORA.TV => Moved successfully.
C:\Program Files (x86)\Guard-ICQ => Moved successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"C:\Program Files (x86)\IObit" => File/Directory not found.
"C:\Users\HP\AppData\Local\Pay-By-Ads" => File/Directory not found.
C:\Users\HP\Desktop\FRST.txt => Moved successfully.
C:\Users\HP\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\HP\Desktop\zoek.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\HP\Desktop\JRT.txt => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\HP\Desktop\adwcleaner_3.310.exe => Moved successfully.
C:\Users\HP\Desktop\JRT.exe => Moved successfully.
C:\Windows\Tasks\ImCleanDisabled => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files (x86)\trend micro => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\HP\Desktop\RSIT.exe => Moved successfully.
C:\Windows\system32\Errors.log => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A408479E-82C5-48C3-9323-6700FC50FBF3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A408479E-82C5-48C3-9323-6700FC50FBF3}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (HP) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (HP)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BACA05B7-94DC-45C2-B598-353FCA87ED49}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BACA05B7-94DC-45C2-B598-353FCA87ED49}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 43.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Napiste jak se chova PC

Tak super, PC už najíždí tak, jak by měl

Snad jen, jestli tam nejsou náhodou nějaké viry apod. ?

Ale nejspíš je už vše v pořádku, PC se chová dobře

Pokud je to od Vás vše, nestačí mi nic jiného, než Vám moc poděkovat


Oprava : Snad jen jsem si všiml ještě jedné nejasnosti, chtěl jsem Vám udělat screen obrazovky ale nějak mi to nefuguje tak Vám to zkusím vysvětlit.
Když dám správce úloh tak v záložce Procesy mám vypsány různe procesy ale za některýmy je *32
Prostě například MDM.exe*32 nebo DpHost.exe*32 atd. Je toto normální ?

Na viry by melo byt cisto, to bylo cilem naseho snazeni

Ohledne tech *32, tak to je v poradku. Mate 64bit system a ta *32 znaci, ze proces bezi jako 32bitovy