VIRY.CZ

Dobrý den,
stává se mi na notebooku, že mi podivným způsobem vypadává připojení k internetu. Příkazy jako ping tracert atp. fungují, ale prohlížeč se na žádnou stránku nedostane dokud neprovedu restart, stáhl jsem MBAM a rád bych požádal o kontrolu logu. Děkuji mnohokrát.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10.10.2014
Čas skenování: 21:19:07
Protokol: MBAM_log.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.10.10.09
Databáze rootkitů: v2014.10.08.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: petra

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 335988
Uplynulý čas: 13 min, 36 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 2
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\updateSurftastic.exe, 3840, , [bf52d043136980b61d16de890ef3c63a]
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe, 4184, , [b75a8f84b3c9261058dba8bf6b9643bd]

Moduly: 0
(No malicious items detected)

Klíče registru: 34
PUP.Optional.Surftastic.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Surftastic, , [bf52d043136980b61d16de890ef3c63a],
PUP.Optional.Surftastic.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Surftastic, , [b75a8f84b3c9261058dba8bf6b9643bd],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [9c7544cfb8c4cc6a180e30a3d82a4db3],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [9c7544cfb8c4cc6a180e30a3d82a4db3],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}, , [21f049ca9ae24aecccf1adf8eb176b95],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\TYPELIB\{A0EE0278-2986-4E5A-884E-A3BF0357E476}, , [21f049ca9ae24aecccf1adf8eb176b95],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}, , [21f049ca9ae24aecccf1adf8eb176b95],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}, , [21f049ca9ae24aecccf1adf8eb176b95],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A0EE0278-2986-4E5A-884E-A3BF0357E476}, , [21f049ca9ae24aecccf1adf8eb176b95],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd.1, , [21f049ca9ae24aecccf1adf8eb176b95],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd, , [21f049ca9ae24aecccf1adf8eb176b95],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd, , [21f049ca9ae24aecccf1adf8eb176b95],
PUP.Optional.SoftwareUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd.1, , [21f049ca9ae24aecccf1adf8eb176b95],
PUP.Optional.SpeedTest.A, HKU\S-1-5-21-373534768-2932863131-2194214433-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}, , [32df7f94daa2d066218cf7a5ef13817f],
PUP.Optional.FreeGames.A, HKU\S-1-5-21-373534768-2932863131-2194214433-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C45EC9F0-8333-465D-9728-074BD41985C9}, , [957c759e6f0db28493f1b4e835cd817f],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{01531192-f7ef-415f-a549-cfdb11836731}w64, , [d53cf122adcf62d4450da5dbce3609f7],
PUP.Optional.Surftastic.A, HKLM\SOFTWARE\WOW6432NODE\Surftastic, , [8c8556bdd8a4ca6cddc6f651b05351af],
PUP.Software.Updater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}, , [67aa37dc68141d19d4f6173aba492ad6],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, , [62afcc47aad2ba7cd045d84de41f5da3],
PUP.Optional.Surftastic.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Surftastic, , [fb165bb8b4c8c670713194b3f01350b0],
PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced System Protector, , [49c8fd16710bb77fe864f5258a7915eb],
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, , [a36e38dbc7b51b1b3005b8aebc488e72],
PUP.Optional.SystemSpeedup, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, , [64ad49ca4c3075c11bf9071e09faf907],
PUP.Optional.Surftastic.A, HKU\S-1-5-21-373534768-2932863131-2194214433-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Surftastic, , [63ae80936b11999d930f82c5c93a0ff1],
PUP.Optional.VideoPerformer.A, HKU\S-1-5-21-373534768-2932863131-2194214433-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PERFORMERSOFT LLC\Video Performer, , [d23f71a209732e0836b28e956c978a76],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-373534768-2932863131-2194214433-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, , [9c75ca49324a999dda3ae441e51ea45c],

Hodnoty registru: 6
PUP.Optional.MediaPlayerAlpha.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaPlayerV1alpha4426.net, C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha4426\ff, , [4ac7c053ceaef541e3b00443e22124dc]
PUP.Optional.MediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewerV1alpha1072.net, C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1072\ff, , [d63bec27e79543f3bb4dbd86f80b9a66]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha258.net, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha258\ff, , [29e84bc86d0fd56199c7e85a7a8910f0]
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha9138.net, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9138\ff, , [9e73b65da8d444f2194798aab94adf21]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home863.net, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home863\ff, , [35dc26edbac2979f197b9ae09e66ac54]
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaBuzzV1mode4808.net, C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode4808\ff, , [e92852c154283303a3e8bd7963a00ff1]

Data registru: 0
(No malicious items detected)

Složky: 10
PUP.Optional.SoftwareUpdater.A, C:\Users\petra\AppData\Local\SwvUpdater, , [8c8541d225576fc7237e6bb755aebc44],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\TEMP, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.OpenCandy, C:\Users\petra\AppData\Roaming\OpenCandy, , [d23fca49700cfd39680d598d55ad21df],
PUP.Optional.OpenCandy, C:\Users\petra\AppData\Roaming\OpenCandy\15267578ECF44ACBBB347A30861D544E, , [d23fca49700cfd39680d598d55ad21df],
PUP.Optional.OpenCandy, C:\Users\petra\AppData\Roaming\OpenCandy\D01789518D5B4620B441336300949D41, , [d23fca49700cfd39680d598d55ad21df],
PUP.Optional.SystemSpeedup, C:\Users\petra\AppData\Roaming\systweak\ssd, , [3cd58291cfad171ffd1d46b99171b54b],
Trojan.Agent.JSExt, C:\Program Files (x86)\facebook video player-v-id-86, , [6ea3a073abd1231378161df1e3206a96],

Soubory: 53
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\updateSurftastic.exe, , [bf52d043136980b61d16de890ef3c63a],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe, , [b75a8f84b3c9261058dba8bf6b9643bd],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [f81992810c7090a6f01838e915eb28d8],
PUP.Optional.PayByAds.A, C:\Users\petra\AppData\Local\Temp\res.dll, , [b45d9380394381b50d5b80c943c219e7],
PUP.Optional.PayByAds.A, C:\Users\petra\AppData\Local\Temp\dsrsetup.exe, , [63ae6ba8b1cb4beb70f8ae9b08fd57a9],
Trojan.JSExt.Gen, C:\Users\petra\Downloads\Video Player-v-86.exe, , [c24f29eac8b45fd708418c37926f9c64],
PUP.Optional.Amonetize, C:\Users\petra\Downloads\FlashPlayer__4369_i1281995403_il4.exe, , [8c8527ec453725119da0a119d9282cd4],
PUP.Optional.InstallMonetizer, C:\Users\petra\Downloads\FlashPlayer__4369_i278826059_il1.exe, , [6ba6bc57c9b3dd593f1c112bb24f768a],
Trojan.Agent.BAT, C:\Users\petra\Downloads\FRSTLauncher.exe, , [7998d83b3c400f27fd2960675ba9a957],
PUP.Optional.OpenCandy, C:\Users\petra\Downloads\GOMPLAYERENSETUP (1).EXE, , [937e977cc0bc1e18c6894000966f15eb],
PUP.Optional.OpenCandy, C:\Users\petra\Downloads\GOMPLAYERENSETUP.EXE, , [5cb5848faece46f038173e028b7a817f],
PUP.Optional.RegCleanPro, C:\Users\petra\Downloads\rcp_dcomnew_util_728 (1).exe, , [e13045ceceae7db9517245ef738d6e92],
PUP.Optional.RegCleanPro, C:\Users\petra\Downloads\rcp_dcomnew_util_728.exe, , [2ee342d17903d75f08bb280c659b649c],
PUP.Optional.OpenCandy, C:\Users\petra\Downloads\DTLite4461-0327.exe, , [5ab7977ce49866d0a7a88eb2040148b8],
PUP.Optional.BitcoinMiner, C:\Windows\explorer_2.exe, , [c051868de09cf3438b93dc297c898d73],
PUP.Optional.SoftwareUpdater.A, C:\Users\petra\AppData\Local\SwvUpdater\Updater.xml, , [8c8541d225576fc7237e6bb755aebc44],
PUP.Optional.SoftwareUpdater.A, C:\Users\petra\AppData\Local\SwvUpdater\status.cfg, , [8c8541d225576fc7237e6bb755aebc44],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\Surftastic.ico, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\mkbhmdcccmdakmgaaejjjgllahmljpge.crx, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\sqlite3.exe, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\updateSurftastic.InstallState, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\SurftasticBrowserFilter.exe, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\utilSurftastic.InstallState, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\{01531192-f7ef-415f-a549-cfdb11836731}.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\{01531192-f7ef-415f-a549-cfdb11836731}64.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\01531192f7ef415fa549.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\01531192f7ef415fa54964.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\7za.exe, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\BrowserAdapter.7z, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\sqlite3.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\Surftastic.BrowserAdapter.exe, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\Surftastic.BrowserAdapter64.exe, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\Surftastic.BrowserFilter.Helper.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\Surftastic.BrowserFilter.Helper.dll.old.547e4a9a-e2f1-41fc-9895-59c229212c5f, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\Surftastic.PurBrowse.zip, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\Surftastic.PurBrowse64.exe, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.BOAS.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.Bromon.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.BroStats.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.BrowserAdapter.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.BrowserAdapterS.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.BrowserFilter.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.CompatibilityChecker.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.FFUpdate.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.GCUpdate.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.IEUpdate.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.OfSvc.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Surftastic.A, C:\Program Files (x86)\Surftastic\bin\plugins\Surftastic.PurBrowse.dll, , [9e7337dcf28a95a1148d9cabe81b6898],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys, , [d53cf122adcf62d4450da5dbce3609f7],
PUP.Optional.OpenCandy, C:\Users\petra\AppData\Roaming\OpenCandy\15267578ECF44ACBBB347A30861D544E\AVG-PC-TuneUp2014-cz-CZ-p4v1.exe, , [d23fca49700cfd39680d598d55ad21df],
PUP.Optional.OpenCandy, C:\Users\petra\AppData\Roaming\OpenCandy\D01789518D5B4620B441336300949D41\avg_tuht_stf_cs_2014_206_CZ.exe, , [d23fca49700cfd39680d598d55ad21df],
PUP.Optional.SystemSpeedup, C:\Users\petra\AppData\Roaming\systweak\ssd\SSDPTstub.exe, , [3cd58291cfad171ffd1d46b99171b54b],
Trojan.Agent.JSExt, C:\Program Files (x86)\facebook video player-v-id-86\GoIm.crx, , [6ea3a073abd1231378161df1e3206a96],

Fyzické sektory: 0
(No malicious items detected)


(end)

Zdravím,
vše smažte.
Jedná se o stejný pc?
http://forum.viry.cz/viewtopic.php?f=30&t=140691

Děkuji mnohokrát, ano jedná se o stejný pc, důvod založení dvou témat byla moje zbrklost, vysvětlím, dostal se mi totiž do rukou až dnes, tak jsem chtěl preventivní kontrolu logu, po založení téma jsem ovšem začal pozorovat problémy a dočetl jsem se zde, že by mohl pomoci právě MBAM a proto jsem založil toto nové téma.

OK.
Ještě použijte:


Stáhněte AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/
-Uložte program na plochu a ukončete všechny spuštěné programy .
-spusťte AdwCleaner, klikněte na Scan a po dokončení skenu na Clean
- provede se oprava, restartuje se pc - (případně restartujte) a objeví se log C:\AdwCleaner\AdwCleaner.txt , obsah logu zkopírujte zde.

Log vypadá takto:

# AdwCleaner v3.311 - Report created 10/10/2014 at 22:47:01
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : petra - PETRA-PC
# Running from : C:\Users\petra\Downloads\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\petra\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\petra\AppData\Roaming\Systweak
Folder Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\ICQToolbarData
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\Askcom.xml
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin.src
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\icqplugin-8.xml

***** [ Scheduled Tasks ] *****

Task Deleted : LaunchApp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2
Key Deleted : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D77AC8A-0A4C-40D0-9557-51907A575E45}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FD58258C-84A6-4DEF-9793-019BE7F491A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{869E753F-BD0D-4832-8131-94FEEE058AE3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\prefs.js ]

Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1410197975);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options itb_people itb_zoom_in itb_zoom_out itb_zoom_default itb_games itb_highlight");
Line Deleted : user_pref("icqtoolbar.history", "vzhled%20mozilla%20zdarma||vzhled%20mozilla||brouk%20v%20l%C3%A9t%C4%9B||paraziti%20brouk||surikata||vimperk%20bowling||ossz%20p%C3%ADsek||bowling%20vimperk||kb");
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1353074451");
Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "28.0");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "135033189413503317741351350463620");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1410197977);
Line Deleted : user_pref("icqtoolbar.version", "1.5.3");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v37.0.2062.124

[ File : C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10444 octets] - [10/10/2014 20:28:14]
AdwCleaner[R1].txt - [7393 octets] - [10/10/2014 22:44:50]
AdwCleaner[S0].txt - [7361 octets] - [10/10/2014 22:47:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7421 octets] ##########

Co počítač?

Za celý den jsem nezaznamenal žádný problém, nyní jsem ještě spustil kontrolu AVPTool, ta zatím nedoběhla. Mohl bych provést ještě nějaký test pro sichr?

Nechte proběhnout ten Avptool a napište

Kontrola doběhla a tady je výsledek:

Status: Disinfected (events: 6)
11.10.2014 22:19:40 Disinfected Trojan program Trojan-Downloader.JS.Agent.haz D:\PETRA-PC\Backup Set 2014-09-19 001905\Backup Files 2014-09-19 001905\Backup files 3.zip High
11.10.2014 22:19:40 Disinfected adware not-a-virus:AdWare.Win32.Amonetize.cye D:\PETRA-PC\Backup Set 2014-09-19 001905\Backup Files 2014-09-19 001905\Backup files 3.zip/C\Users\petra\Downloads\FlashPlayer__4369_i1281995403_il4.exe Medium
11.10.2014 22:19:40 Disinfected adware not-a-virus:HEUR:AdWare.Win32.Amonetize.heur D:\PETRA-PC\Backup Set 2014-09-19 001905\Backup Files 2014-09-19 001905\Backup files 3.zip/C\Users\petra\Downloads\FlashPlayer__4369_i278826059_il1.exe Medium
11.10.2014 22:19:40 Disinfected Trojan program Trojan-Downloader.JS.Agent.haz D:\PETRA-PC\Backup Set 2014-09-19 001905\Backup Files 2014-09-19 001905\Backup files 3.zip/C\Users\petra\Downloads\Video Player-v-86.exe High
11.10.2014 22:19:40 Disinfected Trojan program Trojan-Downloader.JS.Agent.haz D:\PETRA-PC\Backup Set 2014-09-19 001905\Backup Files 2014-09-19 001905\Backup files 3.zip/C\Users\petra\Downloads\Video Player-v-86.exe//GoIm.crx High
11.10.2014 22:19:40 Disinfected Trojan program Trojan-Downloader.JS.Agent.haz D:\PETRA-PC\Backup Set 2014-09-19 001905\Backup Files 2014-09-19 001905\Backup files 3.zip/C\Users\petra\Downloads\Video Player-v-86.exe//GoIm.crx/js/contentScript.js High

Poprosím o nový log ze Rsitu nebo Frstu

Nový log zde:

Logfile of random's system information tool 1.10 (written by random/random)
Run by petra at 2014-10-11 23:08:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 65 GB (27%) free of 244 GB
Total RAM: 4007 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:08:42, on 11.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\petra\Downloads\setup_11.0.3.7.x01_2014_10_11_00_26.exe
C:\Users\petra\AppData\Local\Temp\RarSFX0\0711804.exe
C:\Users\petra\AppData\Local\Temp\5320319\0711804.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\petra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\petra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: _uninst_33776721.lnk = petra\AppData\Local\Temp\_uninst_33776721.bat
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{554331F3-BDCB-49DE-B8B9-F80536349A52}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{57A466B6-EE26-47E1-960D-3C573A5D4DF4}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9B5FB4D-A322-43FC-BB66-EC3911EBAC95}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13333 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
"C:\Windows\system32\FBAgent.exe"
C:\Windows\system32\WLANExt.exe 44382576
C:\Windows\Explorer.EXE
\??\C:\Windows\system32\conhost.exe "304384032956986318-10263809001840816444-16487700041658579428-1307375214-840309773
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
taskeng.exe {D9882151-F4A7-450E-AEE7-084CB43C8916}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
taskeng.exe {C6890C53-80DA-480A-B904-938F4A48C779}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" -Xms56m -Xmx112m -classpath .;syncables.jar migoDesktop.migoDesktopMain sid=S-1-5-21-373534768-2932863131-2194214433-1001
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss fc72d4ae-4271-43bf-a09b-edc501692c00 1
\??\C:\Windows\system32\conhost.exe "-16839694962563605321160939476-2938058111149418514-1697995960898559096162440194
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "452656978-37196826314553409787048555182116918004-461296699381670937-347691432
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 4376
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
"C:\Program Files\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files\COMODO\GeekBuddy\unit" "\"C:/Program Files/COMODO/GeekBuddy/lps-cspm\""
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1880.0.1179758675\1516242602" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/EmbeddedSearch/Group17 pct:1h stable:r1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="1880.3.1763974264\1189906511" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group17 pct:1h stable:r1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="1880.7.163324625\594225687" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1880.8.1675981097\1445599938" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group17 pct:1h stable:r1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="1880.11.883023986\970028849" /prefetch:673131151
"C:\totalcmd\TOTALCMD64.EXE"
"C:\Users\petra\Downloads\setup_11.0.3.7.x01_2014_10_11_00_26.exe"
"C:\Users\petra\AppData\Local\Temp\RarSFX0\0711804.exe"
C:\Users\petra\AppData\Local\Temp\5320319\0711804.exe
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/EmbeddedSearch/Group17 pct:1h stable:r1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_14/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="1880.30.585198711\257750151" /prefetch:673131151
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\petra\Desktop\Log z AVPTool.txt

"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 832 836 844 65536 840
"C:\Users\petra\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-373534768-2932863131-2194214433-1001Core.job - C:\Users\petra\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-373534768-2932863131-2194214433-1001UA.job - C:\Users\petra\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

D:\Programy\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

D:\Programy\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\ukxcjomk.default\searchplugins\
firmycz.xml
mapycz.xml
seznam-avast.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-12 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-12 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-05-03 1935120]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-06-18 11586944]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2012-06-18 117560]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-06-18 2886968]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-09-17 2799784]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\petra\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-21 138096]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-11-08 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-08 170624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-18 5732992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLEServicesCtrl]
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-06-01 184112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-06-18 11586944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\petra\AppData\Roaming\Seznam.cz\szninstall.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\petra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\petra\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-21 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuance PDF Reader-reminder]
C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-06 1215632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-07 13191312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2014-09-17 2799784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncables]
C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
D:\Programy\Winamp\winampa.exe [2011-12-09 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Search]
C:\Users\petra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.12.4\dsrlte.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE [2012-09-27 1957040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-11-08 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\386EB9~1.130\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
C:\Users\petra\AppData\Local\Facebook\MESSEN~1\214814~1.0\FACEBO~1.EXE [2013-03-07 248240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-01 2018032]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-14 4085896]
"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-09-24 2327248]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"=grpconv -o []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe

C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
_uninst_33776721.lnk - C:\Users\petra\AppData\Local\Temp\_uninst_33776721.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-11 23:02:40 ----D---- C:\Program Files\trend micro
2014-10-11 18:42:53 ----D---- C:\ProgramData\Kaspersky Lab
2014-10-11 18:41:55 ----A---- C:\Windows\system32\drivers\33776721.sys
2014-10-11 14:55:10 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2014-10-11 14:55:09 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2014-10-11 14:55:09 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2014-10-10 21:59:46 ----D---- C:\Users\petra\AppData\Roaming\GHISLER
2014-10-10 21:59:46 ----D---- C:\totalcmd
2014-10-10 21:54:43 ----D---- C:\backup
2014-10-10 21:36:05 ----A---- C:\MBAM_log.txt
2014-10-10 21:18:22 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-10-10 21:17:59 ----D---- C:\ProgramData\Malwarebytes
2014-10-10 21:17:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-10 21:17:59 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-10-10 21:17:59 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-10-10 21:17:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-10-10 20:58:31 ----SD---- C:\ProgramData\Shared Space
2014-10-10 20:57:30 ----D---- C:\Program Files\COMODO
2014-10-10 20:57:03 ----A---- C:\Windows\SYSWOW64\certsentry.dll
2014-10-10 20:57:03 ----A---- C:\Windows\system32\certsentry.dll
2014-10-10 20:56:50 ----D---- C:\Program Files (x86)\Comodo
2014-10-10 20:56:41 ----D---- C:\ProgramData\Comodo Downloader
2014-10-10 20:55:47 ----D---- C:\ProgramData\Comodo
2014-10-10 20:30:57 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-10-10 20:27:52 ----D---- C:\AdwCleaner
2014-10-10 19:43:34 ----D---- C:\Program Files (x86)\trend micro
2014-10-10 19:43:32 ----D---- C:\rsit
2014-10-03 19:42:07 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-03 19:42:07 ----A---- C:\Windows\system32\qdvd.dll
2014-09-27 22:29:52 ----HD---- C:\ProgramData\.Syncables
2014-09-27 22:07:03 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-09-27 22:07:03 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-09-27 22:06:06 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-09-27 22:06:06 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-09-26 13:55:08 ----A---- C:\Windows\system32\tzres.dll
2014-09-26 13:55:07 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-13 21:43:16 ----D---- C:\ProgramData\GRETECH

======List of files/folders modified in the last 1 month======

2014-10-11 23:08:43 ----D---- C:\Windows\Temp
2014-10-11 23:08:43 ----D---- C:\Windows\Prefetch
2014-10-11 23:02:40 ----D---- C:\Program Files
2014-10-11 18:42:53 ----HD---- C:\ProgramData
2014-10-11 18:42:51 ----SHD---- C:\System Volume Information
2014-10-11 18:42:03 ----D---- C:\Windows\system32\drivers
2014-10-11 14:55:23 ----D---- C:\Windows\SysWOW64
2014-10-11 14:55:23 ----D---- C:\Windows\System32
2014-10-11 14:34:49 ----D---- C:\Windows\system32\config
2014-10-11 13:03:17 ----SHD---- C:\Windows\Installer
2014-10-11 13:03:02 ----D---- C:\Program Files (x86)\Common Files
2014-10-11 11:09:12 ----D---- C:\Windows\rescache
2014-10-11 08:59:23 ----D---- C:\Windows\inf
2014-10-11 08:59:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-11 08:54:51 ----A---- C:\Windows\SYSWOW64\log.txt
2014-10-10 22:56:19 ----D---- C:\Windows\system32\Tasks
2014-10-10 22:47:03 ----RD---- C:\Program Files (x86)
2014-10-10 22:47:03 ----D---- C:\ProgramData\ICQ
2014-10-10 22:24:52 ----D---- C:\Windows
2014-10-10 22:23:07 ----D---- C:\Windows\en-US
2014-10-10 21:53:13 ----D---- C:\Windows\Logs
2014-10-10 21:48:13 ----D---- C:\Program Files\CCleaner
2014-10-10 21:06:52 ----A---- C:\Windows\system32\acovcnt.exe
2014-10-10 21:06:42 ----A---- C:\Windows\system32\AutoRunFilter.ini
2014-10-10 21:06:38 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-10-10 21:00:13 ----D---- C:\Windows\system32\catroot
2014-10-10 20:59:34 ----D---- C:\Windows\system32\DriverStore
2014-10-10 20:52:45 ----A---- C:\Windows\win.ini
2014-10-10 20:43:22 ----SD---- C:\Users\petra\AppData\Roaming\Microsoft
2014-10-10 20:41:47 ----D---- C:\Windows\system32\NDF
2014-10-06 23:59:58 ----D---- C:\Windows\winsxs
2014-09-27 22:07:19 ----D---- C:\Program Files\NVIDIA Corporation
2014-09-27 21:56:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-27 21:56:22 ----D---- C:\Windows\system32\cs-CZ
2014-09-27 21:51:23 ----D---- C:\Windows\system32\catroot2
2014-09-18 23:35:32 ----D---- C:\ProgramData\AVG
2014-09-17 20:31:49 ----D---- C:\Windows\Tasks
2014-09-17 20:31:49 ----D---- C:\Windows\system32\wfp
2014-09-17 20:31:45 ----D---- C:\Windows\system32\wbem
2014-09-17 20:31:03 ----D---- C:\Windows\system32\CodeIntegrity
2014-09-17 20:31:00 ----D---- C:\ProgramData\P4G
2014-09-17 20:30:56 ----D---- C:\Windows\registration
2014-09-17 19:07:55 ----D---- C:\Windows\debug
2014-09-17 04:13:36 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-09-17 04:12:40 ----A---- C:\Windows\system32\nvspcap64.dll
2014-09-15 09:06:02 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 33776721;33776721; C:\Windows\system32\DRIVERS\33776721.sys [2014-10-11 458336]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-12 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-12 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-14 32544]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 rtcrfilt64;Realtek Turbo Mode Filter Driver; C:\Windows\system32\DRIVERS\rtcrfilt64.sys [2012-09-04 19600]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-18 564824]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-12 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-12 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-14 427360]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2014-06-26 37976]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-25 283200]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver; C:\Windows\system32\DRIVERS\hmd.sys [2014-06-26 14888]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-12 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-12 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-12 92008]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2012-08-20 138568]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2012-08-20 416072]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaudio;Intel Bluetooth Audio Service; C:\Windows\system32\drivers\btmaud.sys [2012-05-21 80896]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2012-05-21 111104]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2012-06-09 849408]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-07-09 60928]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-08-08 4102928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-25 62784]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RTSUVSTOR.sys [2012-09-04 317584]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-29 769168]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-06-18 26936]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-06-18 437048]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-02-23 1847296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-03-04 379520]
R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-12 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-06-18 1095616]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-06-18 1333184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-06-18 1124288]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-09-25 70864]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-05-21 2135232]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-05-03 1517328]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-09-24 2327248]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 1148744]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-09-07 2464400]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-25 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19439944]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 922912]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-05-03 844560]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-25 365376]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-08 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-04-29 119408]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-03 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-04 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Ten log jste dělal s ještě spuštěným AVPtoolem? A instaloval jste nějaký program?

AVPTool byl spuštěn, ale žádná jiná instalace neprobíhala.

:arrow:Stáhněte OTM http://oldtimer.geekstogo.com/OTM.exe
Stáhněte na plochu Otm, 2krát klikněte na Otm,spustí se program,
Do levého okna "Paste Instructions for Items to be Moved" pod žlutou čáru zkopírujete skript
-klikněte na červené tlačítko Moveit!
-sem vložte obsah zeleného okénka
-Pokud se bude chtít restartovat pc, dejte YES,log pak najdete C:\_OTM\MovedFiles. Log vložte sem

Log vypadá takto:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5537.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C42.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA257.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA2C9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCC99.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFDAF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFFC7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFFD7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1077.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1CD8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3699.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP52F0.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP897F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA6F2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC5AF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD401.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD57D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD671.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF78D.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI8BCA.tmp moved successfully.
C:\WINDOWS\Installer\MSIB6D0.tmp moved successfully.
C:\WINDOWS\Installer\MSIB970.tmp moved successfully.
C:\WINDOWS\Installer\MSID035.tmp moved successfully.
C:\WINDOWS\Installer\MSID43B.tmp moved successfully.
C:\WINDOWS\Installer\MSID610.tmp moved successfully.
C:\WINDOWS\Installer\MSID824.tmp moved successfully.
C:\WINDOWS\Installer\MSIF346.tmp moved successfully.
C:\WINDOWS\Installer\MSIF440.tmp moved successfully.
C:\WINDOWS\Installer\MSIF579.tmp moved successfully.
C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\sho6F9B.tmp moved successfully.
C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico7E6B.tmp moved successfully.
C:\WINDOWS\Temp\GeoInfo.tmp moved successfully.
C:\WINDOWS\Temp\tmp7DF0.tmp moved successfully.
C:\WINDOWS\Temp\tmp7DF1.tmp moved successfully.
C:\Users\petra\Downloads\setup_11.0.3.7.x01_2014_10_11_00_26.exe moved successfully.
File/Folder C:\Users\petra\AppData\Local\Temp\RarSFX0\0711804.exe not found.
File/Folder C:\Users\petra\AppData\Local\Temp\5320319\0711804.exe not found.
c:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-373534768-2932863131-2194214433-1001UA.job moved successfully.
C:\Users\petra\AppData\Local\Facebook\Video\Skype folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Video\Common folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Video folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Update\Manifest\Initial folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Update\Manifest folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Update\Download folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Update\1.2.205.0 folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Update folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\fbmessenger.cache\Local Storage folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\fbmessenger.cache\AppCache folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\fbmessenger.cache folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4814.0\locales folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4814.0 folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4801.0\locales folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4801.0 folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4651.0\locales folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4651.0 folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4623.0\locales folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4623.0 folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4590.0\locales folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4590.0 folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4570.0\locales folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4570.0 folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4520.0\locales folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger\2.1.4520.0 folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\Messenger folder moved successfully.
C:\Users\petra\AppData\Local\Facebook\CrashReports folder moved successfully.
C:\Users\petra\AppData\Local\Facebook folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Search\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce\ deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: hedev
->Temp folder emptied: 43164427 bytes

User: petra
->Temp folder emptied: 917915 bytes
->Temporary Internet Files folder emptied: 309 bytes
->Java cache emptied: 2077281 bytes
->FireFox cache emptied: 89176089 bytes
->Google Chrome cache emptied: 65628402 bytes
->Flash cache emptied: 524 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 51662611 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 4818944 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42321591 bytes
RecycleBin emptied: 10288024 bytes

Total Files Cleaned = 296,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: hedev

User: petra
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 10122014_115429