Request for FRST check

Posted: 27 Oct 2014 12:49
by kofi
Please check the FRST log.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014
Ran by Kofi (administrator) on KOFI-PC on 27-10-2014 12:46:35
Running from C:\Users\Kofi\Desktop
Loaded Profile: Kofi (Available profiles: Kofi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe
(AVerMedia Technologies, Inc.) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Valve Corporation) D:\Steam\Steam.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\RunOnce: [NIS] => C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\20.1.0.24\InstStub.exe [883160 2014-10-27] (Symantec Corporation)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [Steam] => D:\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-03-09] (AMD)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: {899477f8-3034-11e3-9f22-f46d046f97ca} - G:\SETUP.EXE
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: {a4f3b18f-d878-11e3-8ffc-f46d046f97ca} - F:\setup\rsrc\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-04] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SnugTV Quick Start.lnk
ShortcutTarget: SnugTV Quick Start.lnk -> C:\Windows\Installer\{198F93FD-9919-4010-8164-06BC2349959C}\NewShortcut1_46FEF19C05F1475DAA14D9007DC15270_2.exe (Macrovision Corporation)

==================== Internet (All) ===========================

HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.splashtop.com/asusexpress ... pe%3DWEB01
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKCU - DefaultScope {E607AFF2-E7DC-4b28-A4D7-EBCB1649EFD5} URL = http://www.bing.com/search?FORM=UP21DF& ... -SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
SearchScopes: HKCU - {6D481E5A-E484-42AA-B004-E17661D9AFB0} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {E607AFF2-E7DC-4b28-A4D7-EBCB1649EFD5} URL = http://www.bing.com/search?FORM=UP21DF& ... -SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Rich Media Downloader -> {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} -> C:\Users\Kofi\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5-x64 01 %SystemRoot%\system32\NLAapi.dll [70656] (Microsoft Corporation)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 04 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 05 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog5-x64 06 %SystemRoot%\System32\winrnr.dll [28672] (Microsoft Corporation)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 05 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 08 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 09 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 10 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn [2013-07-02]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn_2010_9_0_6
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn_2010_9_0_6 [2013-08-27]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={ ... ={language}
CHR Profile: C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-02]
CHR Extension: (Disk Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-02]
CHR Extension: (YouTube) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-02]
CHR Extension: (Adblock Plus) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-02]
CHR Extension: (save net) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm [2014-05-24]
CHR Extension: (Peněženka Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (YoutubeAdblocker) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd [2014-05-24]
CHR Extension: (Palette for Chrome) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod [2014-05-24]
CHR Extension: (Gmail) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-02]
CHR StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2010-04-27] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [168448 2011-01-06] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)
R2 SnugTV Service; C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe [571904 2011-02-14] (AVerMedia Technologies, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-06-20] (Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-04] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-10] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-02] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20130823.001\IDSvia64.sys [520280 2013-08-12] (Symantec Corporation)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-22] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-22] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-10-15] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2013-07-02] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-29] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-22] (Symantec Corporation)
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20130823.019\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20130823.019\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-27 12:46 - 2014-10-27 12:46 - 00028250 _____ () C:\Users\Kofi\Desktop\FRST.txt
2014-10-27 12:46 - 2014-10-27 12:45 - 02113024 _____ (Farbar) C:\Users\Kofi\Desktop\FRST64.exe
2014-10-27 12:45 - 2014-10-27 12:46 - 00000000 ____D () C:\FRST
2014-10-27 12:44 - 2014-10-27 12:45 - 02113024 _____ (Farbar) C:\Users\Kofi\Downloads\FRST64.exe
2014-10-27 12:29 - 2014-10-27 12:32 - 145587520 _____ (Symantec Corporation) C:\Users\Kofi\Downloads\NIS-TW-30-20-1-0-24-CZ.exe
2014-10-27 12:06 - 2014-10-27 12:06 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-10-27 12:05 - 2014-10-27 12:05 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-10-27 12:04 - 2014-10-27 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kofi\Downloads\revosetup.exe
2014-10-27 12:04 - 2014-10-27 12:04 - 00001268 _____ () C:\Users\Kofi\Desktop\Revo Uninstaller.lnk
2014-10-27 12:04 - 2014-10-27 12:04 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-10-27 12:04 - 2014-10-27 12:04 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-10-27 12:04 - 2014-10-27 12:04 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-27 12:03 - 2014-10-27 12:06 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-10-27 12:01 - 2011-03-31 10:07 - 00302080 _____ (CANON INC.) C:\Windows\system32\CNC_ATC.dll
2014-10-27 12:01 - 2011-03-31 10:07 - 00114688 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_ATU.dll
2014-10-27 12:01 - 2011-03-31 10:06 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNC_ATI.dll
2014-10-27 12:01 - 2011-03-30 12:55 - 00373248 _____ (CANON INC.) C:\Windows\system32\CNC_ATL.dll
2014-10-27 12:01 - 2011-03-30 12:54 - 00323584 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_ATL.dll
2014-10-27 11:58 - 2014-10-27 11:58 - 00002079 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-10-27 11:56 - 2014-10-27 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-10-27 11:55 - 2014-10-27 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual
2014-10-27 11:55 - 2014-10-27 11:55 - 00000000 ____D () C:\Program Files\Canon
2014-10-27 11:54 - 2014-10-27 11:54 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-10-27 11:54 - 2014-10-27 11:54 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-10-27 11:54 - 2014-10-27 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series
2014-10-27 11:52 - 2014-10-27 11:59 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-10-27 11:48 - 2014-10-27 11:48 - 18624367 _____ () C:\Users\Kofi\Downloads\Uninstall Master X3 Setup.exe
2014-10-26 12:05 - 2014-10-27 11:15 - 00000112 _____ () C:\Windows\setupact.log
2014-10-26 12:05 - 2014-10-26 12:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-19 13:48 - 2014-10-19 13:56 - 730437632 _____ () C:\Users\Kofi\Downloads\Andělé a démoni (2009) DVDRip CZ Dab.avi
2014-10-19 13:48 - 2014-10-19 13:56 - 730437632 _____ () C:\Users\Kofi\Downloads\Andělé a démoni - 2009.avi
2014-10-19 09:40 - 2014-10-19 10:56 - 2742360064 _____ () C:\Users\Kofi\Downloads\Herkules - ZrozenĂ­ legendy (2014) cz dabing.avi
2014-10-18 15:01 - 2014-10-18 15:01 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-10-18 14:58 - 2014-10-18 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MG5300 series
2014-10-18 14:57 - 2014-10-18 14:57 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-10-13 20:57 - 2014-10-13 21:04 - 947427118 _____ () C:\Users\Kofi\Downloads\Nez.si.pro.nas.prijde.2007.DVDrip.XviD.CZ.avi
2014-10-13 17:24 - 2014-10-13 17:24 - 00000110 ____H () C:\Users\Kofi\Desktop\kytky.jpg.uid-zps
2014-10-13 17:21 - 2014-10-13 17:21 - 00000110 ____H () C:\Users\Kofi\Desktop\linie2.jpg.uid-zps
2014-10-13 17:15 - 2014-10-13 17:15 - 00001884 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2014-10-13 17:15 - 2014-10-13 17:15 - 00001878 _____ () C:\Users\Public\Desktop\Zoner Photo Studio 17.lnk
2014-10-13 17:15 - 2014-10-13 17:15 - 00000000 ____D () C:\Program Files\Zoner
2014-10-13 17:14 - 2014-10-13 17:14 - 80574752 _____ (ZONER software ) C:\Users\Kofi\Downloads\zps17_cz.exe
2014-10-13 17:02 - 2014-10-18 14:37 - 00000000 ____D () C:\Users\Kofi\AppData\Local\Zoner
2014-10-13 17:02 - 2014-10-13 17:02 - 00000000 ____D () C:\ProgramData\Zoner
2014-10-13 17:01 - 2014-10-13 17:01 - 55669400 _____ (ZONER software ) C:\Users\Kofi\Downloads\zps16_en_free.exe
2014-10-12 18:34 - 2014-10-12 18:35 - 184840188 _____ () C:\Users\Kofi\Desktop\Mamka foto.rar
2014-10-12 18:20 - 2014-10-12 18:20 - 00000000 ____D () C:\Users\Kofi\Desktop\Mamka foto
2014-10-11 19:53 - 2014-10-11 19:58 - 733947904 _____ () C:\Users\Kofi\Downloads\Doba ledova 2.avi
2014-10-05 16:30 - 2014-10-05 16:47 - 927653178 _____ () C:\Users\Kofi\Downloads\na hrane zitrka .CZ.avi
2014-10-05 12:55 - 2014-10-05 16:39 - 00000000 ____D () C:\Users\Kofi\Downloads\Need.For.Speed.Rivals.PC
2014-10-05 12:54 - 2014-10-05 12:54 - 00017471 _____ () C:\Users\Kofi\Downloads\Need.For.Speed.Rivals.PC.torrent
2014-10-04 14:27 - 2014-10-04 14:47 - 371026844 _____ () C:\Users\Kofi\Downloads\Kontrafakt---Navždy-(2013)-FLAC.rar
2014-10-04 13:42 - 2014-10-04 13:49 - 129012306 _____ () C:\Users\Kofi\Downloads\od-dudomila-Otecko_-_To_som_ja_(2011)_[320kbps]_-_carAnthony.rar
2014-10-03 05:32 - 2014-10-03 15:02 - 00000000 ____D () C:\Users\Kofi\Desktop\Filmy Laducha
2014-09-27 13:27 - 2014-10-25 22:34 - 00000000 ____D () C:\Windows\Minidump
2014-09-27 10:30 - 2012-11-18 09:23 - 00004628 _____ () C:\Users\Kofi\Documents\KOFROŇ_VLADIMÍR.p12

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-27 12:41 - 2013-09-01 18:19 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-10-27 12:41 - 2013-07-02 08:48 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 12:20 - 2014-02-28 15:19 - 00000000 ____D () C:\Users\Kofi\AppData\Local\Skype
2014-10-27 12:20 - 2013-08-01 01:43 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\Skype
2014-10-27 12:20 - 2013-08-01 01:43 - 00000000 ____D () C:\ProgramData\Skype
2014-10-27 12:17 - 2014-09-03 20:12 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\PopcornTime
2014-10-27 12:09 - 2013-07-02 00:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-27 12:05 - 2013-11-10 16:28 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\Canon
2014-10-27 12:05 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-27 12:05 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-27 12:03 - 2009-07-14 16:18 - 00668836 _____ () C:\Windows\system32\perfh005.dat
2014-10-27 12:03 - 2009-07-14 16:18 - 00141496 _____ () C:\Windows\system32\perfc005.dat
2014-10-27 12:03 - 2009-07-14 06:13 - 01584430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-27 12:01 - 2013-07-01 23:50 - 01147210 _____ () C:\Windows\WindowsUpdate.log
2014-10-27 11:58 - 2013-11-10 16:27 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-10-27 11:56 - 2013-07-02 00:16 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-10-27 11:47 - 2013-07-01 23:56 - 00000000 ____D () C:\Users\Kofi
2014-10-27 11:44 - 2014-05-24 11:59 - 00000000 ____D () C:\Users\Guest
2014-10-27 11:44 - 2014-05-24 11:59 - 00000000 ____D () C:\Users\Administrator
2014-10-27 11:44 - 2013-07-02 00:14 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\DeviceVm
2014-10-27 11:15 - 2013-07-02 08:48 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-27 11:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-27 01:30 - 2013-07-02 09:53 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\TS3Client
2014-10-25 22:34 - 2014-05-17 15:40 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\uTorrent
2014-10-25 22:34 - 2013-10-08 18:29 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\DAEMON Tools Lite
2014-10-25 22:34 - 2013-07-31 23:40 - 00000000 ____D () C:\Users\Kofi\AppData\Local\CrashDumps
2014-10-19 17:22 - 2013-08-03 00:47 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\vlc
2014-10-19 09:24 - 2013-09-08 07:17 - 00000000 ____D () C:\Users\Kofi\Desktop\KB certifikát Vláďa
2014-10-18 15:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-18 14:36 - 2013-07-02 08:48 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 14:36 - 2013-07-02 08:48 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-18 10:38 - 2013-12-31 14:24 - 00000000 ____D () C:\Users\Kofi\Documents\TrackMania
2014-10-13 17:15 - 2014-01-22 19:47 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\Zoner
2014-10-10 19:50 - 2013-07-02 09:26 - 00000000 ____D () C:\Users\Kofi\Desktop\Songy
2014-10-03 15:22 - 2013-07-02 09:20 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

Files to move or delete:
====================
C:\Users\Kofi\convertmovtoavi_setup.exe


Some content of TEMP:
====================
C:\Users\Kofi\AppData\Local\Temp\Maint000.exe
C:\Users\Kofi\AppData\Local\Temp\Maint001.exe
C:\Users\Kofi\AppData\Local\Temp\Maint002.exe
C:\Users\Kofi\AppData\Local\Temp\Maint003.exe
C:\Users\Kofi\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Kofi\AppData\Local\Temp\uninst.exe
C:\Users\Kofi\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 17:30

==================== End Of Log ============================

Re: Please check my FRST log

Posted: 27 Oct 2014 13:01
by altrok
Hello :bye:

:arrow: As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.

:arrow: Download AdwCleaner and save it to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/,
  • close all programs,
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click),
  • click Scan, then Clean,
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply.

Re: Please check my FRST log

Posted: 27 Oct 2014 15:42
by kofi
Here it is, and I would like to ask whether it is also necessary to run RSIT and DDS?

# AdwCleaner v4.002 - Report created 27/10/2014 at 15:36:08
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kofi - KOFI-PC
# Running from : C:\Users\Kofi\Downloads\adwcleaner_4.002.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Kofi\AppData\Local\Chromatic Browser
Folder Deleted : C:\ProgramData\DeviceVM
Folder Deleted : C:\Users\Kofi\AppData\Roaming\DeviceVM
Folder Deleted : C:\Users\Kofi\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Kofi\Documents\Optimizer Pro
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Kofi\AppData\Local\torch
Folder Deleted : C:\ProgramData\save neet
Folder Deleted : C:\Program Files (x86)\save neet
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
Folder Deleted : C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
Folder Deleted : C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
[!] Folder Deleted : C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
[!] Folder Deleted : C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
[!] Folder Deleted : C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
[!] Folder Deleted : C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
File Deleted : C:\Users\Kofi\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Kofi\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\Kofi\AppData\Local\Temp\Uninstall.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [5283 octets] - [27/10/2014 15:35:02]
AdwCleaner[S0].txt - [5309 octets] - [27/10/2014 15:36:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5369 octets] ##########

Re: Please check my FRST log

Posted: 27 Oct 2014 15:48
by altrok
:arrow: I will certainly want it in time, but only once I ask for it :)

:arrow: Save zoek.exe to your desktop http://hijackthis.nl/smeenk/zoek.htm
  • run it as administrator
  • copy the script given below into the large window
  • click Run script
  • after the restart a log will pop up (or you can find it in C:\zoek-results.log) - paste it into your next reply

    Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;

Re: Please check my FRST log

Posted: 27 Oct 2014 17:01
by kofi
Here is the output from zoek:

Zoek.exe v5.0.0.0 Updated 26-10-2014
Tool run by Kofi on po 27.10.2014 at 16:44:28,78.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kofi\Desktop\Ajtesty\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.10.2014 16:45:15 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1280492315-1666514276-2344633818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} deleted successfully
HKEY_USERS\S-1-5-21-1280492315-1666514276-2344633818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} deleted successfully
HKEY_USERS\S-1-5-21-1280492315-1666514276-2344633818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} deleted successfully
HKEY_USERS\S-1-5-21-1280492315-1666514276-2344633818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} deleted successfully
HKEY_USERS\S-1-5-21-1280492315-1666514276-2344633818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21347690-EC41-4F9A-8887-1F4AEE672439} deleted successfully
HKEY_USERS\S-1-5-21-1280492315-1666514276-2344633818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21347690-EC41-4F9A-8887-1F4AEE672439} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\InstallMate deleted
C:\Users\Kofi\Downloads\VideoPerformerSetup.exe deleted
C:\Users\Kofi\AppData\LocalLow\{3AF0C528-B185-B9AF-D186-1990A4737455} deleted
C:\Users\Kofi\AppData\LocalLow\{6777F2A4-DAD5-164B-46E7-6D5F0F0226B8} deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Kofi\convertmovtoavi_setup.exe deleted
"C:\PROGRA~3\2dca8ee0fe3ae68a\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~3\2dca8ee0fe3ae68a\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.old" deleted
"C:\PROGRA~3\2dca8ee0fe3ae68a\{7DD5E91C-3864-77EC-7635-D14910C2A03E}" deleted
"C:\PROGRA~3\2dca8ee0fe3ae68a\{7DD5E91C-3864-77EC-7635-D14910C2A03E}.old" deleted
"C:\PROGRA~3\2dca8ee0fe3ae68a\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~3\2dca8ee0fe3ae68a" deleted
"C:\PROGRA~2\Windows Portable Devices" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn_2010_9_0_6" [01.09.2013 18:06]

==== Chromium Look ======================

save net - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
Palette for Chrome - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod
Palette for Chrome - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod
save net - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
Palette for Chrome - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod
save net - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
Palette for Chrome - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod
Palette for Chrome - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod
save net - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
Palette for Chrome - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod
save net - Kofi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
YoutubeAdblocker - Kofi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
Palette for Chrome - Kofi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod
Palette for Chrome - Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod
save net - Kofi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm
YoutubeAdblocker - Kofi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd
Palette for Chrome - Kofi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod

==== Chromium Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd deleted successfully
C:\Users\Kofi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ohdiipinfagcpjjfmblnpeaokdjgmmhd deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ohdiipinfagcpjjfmblnpeaokdjgmmhd_0.localstorage deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ohdiipinfagcpjjfmblnpeaokdjgmmhd deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm deleted successfully
C:\Users\Kofi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jjemckhafphjccclbhbgehfcecconbbm deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jjemckhafphjccclbhbgehfcecconbbm_0.localstorage deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jjemckhafphjccclbhbgehfcecconbbm deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod deleted successfully
C:\Users\Kofi\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oolpphfmdmjbojolagcbgdemojhcnlod_0.localstorage deleted successfully
C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oolpphfmdmjbojolagcbgdemojhcnlod_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.splashtop.com/asusexpress ... pe%3DWEB01"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6D481E5A-E484-42AA-B004-E17661D9AFB0} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{E607AFF2-E7DC-4b28-A4D7-EBCB1649EFD5} Bing Url="http://www.bing.com/search?FORM=UP21DF& ... -SearchBox"

==== Reset Google Chrome ======================

C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kofi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kofi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=157 folders=52 6087527 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kofi\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Kofi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 27.10.2014 at 16:59:24,22 ======================

Re: Please check my FRST log

Posted: 27 Oct 2014 17:11
by altrok
Post a new FRST log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Please check my FRST log

Posted: 27 Oct 2014 17:25
by kofi
Here is FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014
Ran by Kofi (administrator) on KOFI-PC on 27-10-2014 17:15:42
Running from C:\Users\Kofi\Desktop
Loaded Profile: Kofi (Available profiles: Kofi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(AVerMedia Technologies, Inc.) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Valve Corporation) D:\Steam\Steam.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) D:\Teamspeak\ts3client_win32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [Steam] => D:\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-03-09] (AMD)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: {899477f8-3034-11e3-9f22-f46d046f97ca} - G:\SETUP.EXE
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: {a4f3b18f-d878-11e3-8ffc-f46d046f97ca} - F:\setup\rsrc\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-07-04] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SnugTV Quick Start.lnk
ShortcutTarget: SnugTV Quick Start.lnk -> C:\Windows\Installer\{198F93FD-9919-4010-8164-06BC2349959C}\NewShortcut1_46FEF19C05F1475DAA14D9007DC15270_2.exe (Macrovision Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {6D481E5A-E484-42AA-B004-E17661D9AFB0} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn [2013-07-02]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn_2010_9_0_6
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn_2010_9_0_6 [2013-08-27]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={ ... ={language}
CHR Profile: C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-27]
CHR Extension: (Dokumenty Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-02]
CHR Extension: (Disk Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-02]
CHR Extension: (YouTube) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-02]
CHR Extension: (Adblock Plus) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-02]
CHR Extension: (Tabulky Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-27]
CHR Extension: (Peněženka Google) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\Kofi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2010-04-27] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [168448 2011-01-06] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation)
R2 SnugTV Service; C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe [571904 2011-02-14] (AVerMedia Technologies, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-06-20] (Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-04] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-10] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-02] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20130823.001\IDSvia64.sys [520280 2013-08-12] (Symantec Corporation)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-22] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-22] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-10-15] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2013-07-02] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-29] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-22] (Symantec Corporation)
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20130823.019\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20130823.019\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-27 16:57 - 2014-10-27 16:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-27 16:44 - 2014-10-27 16:59 - 00013673 _____ () C:\zoek-results.log
2014-10-27 16:44 - 2014-10-27 16:56 - 00000000 ____D () C:\zoek_backup
2014-10-27 16:44 - 2014-10-27 16:44 - 04114148 _____ () C:\Users\Kofi\Desktop\zoek.zip
2014-10-27 16:43 - 2014-10-27 16:44 - 04114148 _____ () C:\Users\Kofi\Downloads\zoek.zip
2014-10-27 15:36 - 2014-10-27 16:58 - 00067544 _____ () C:\Windows\PFRO.log
2014-10-27 14:51 - 2014-10-27 15:36 - 00000000 ____D () C:\AdwCleaner
2014-10-27 14:51 - 2014-10-27 14:51 - 01998336 _____ () C:\Users\Kofi\Downloads\adwcleaner_4.002.exe
2014-10-27 12:47 - 2014-10-27 12:47 - 00029060 _____ () C:\Users\Kofi\Desktop\Addition.txt
2014-10-27 12:46 - 2014-10-27 17:15 - 00016020 _____ () C:\Users\Kofi\Desktop\FRST.txt
2014-10-27 12:46 - 2014-10-27 12:45 - 02113024 _____ (Farbar) C:\Users\Kofi\Desktop\FRST64.exe
2014-10-27 12:45 - 2014-10-27 17:15 - 00000000 ____D () C:\FRST
2014-10-27 12:44 - 2014-10-27 12:45 - 02113024 _____ (Farbar) C:\Users\Kofi\Downloads\FRST64.exe
2014-10-27 12:06 - 2014-10-27 12:06 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-10-27 12:05 - 2014-10-27 12:05 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-10-27 12:04 - 2014-10-27 12:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kofi\Downloads\revosetup.exe
2014-10-27 12:04 - 2014-10-27 12:04 - 00001268 _____ () C:\Users\Kofi\Desktop\Revo Uninstaller.lnk
2014-10-27 12:04 - 2014-10-27 12:04 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-10-27 12:04 - 2014-10-27 12:04 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-10-27 12:04 - 2014-10-27 12:04 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-27 12:03 - 2014-10-27 16:58 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-10-27 12:01 - 2011-03-31 10:07 - 00302080 _____ (CANON INC.) C:\Windows\system32\CNC_ATC.dll
2014-10-27 12:01 - 2011-03-31 10:07 - 00114688 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_ATU.dll
2014-10-27 12:01 - 2011-03-31 10:06 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNC_ATI.dll
2014-10-27 12:01 - 2011-03-30 12:55 - 00373248 _____ (CANON INC.) C:\Windows\system32\CNC_ATL.dll
2014-10-27 12:01 - 2011-03-30 12:54 - 00323584 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_ATL.dll
2014-10-27 11:58 - 2014-10-27 11:58 - 00002079 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-10-27 11:56 - 2014-10-27 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-10-27 11:55 - 2014-10-27 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual
2014-10-27 11:55 - 2014-10-27 11:55 - 00000000 ____D () C:\Program Files\Canon
2014-10-27 11:54 - 2014-10-27 11:54 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-10-27 11:54 - 2014-10-27 11:54 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-10-27 11:54 - 2014-10-27 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series
2014-10-27 11:52 - 2014-10-27 11:59 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-10-26 12:05 - 2014-10-27 16:59 - 00000224 _____ () C:\Windows\setupact.log
2014-10-26 12:05 - 2014-10-26 12:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-19 13:48 - 2014-10-19 13:56 - 730437632 _____ () C:\Users\Kofi\Downloads\Andělé a démoni (2009) DVDRip CZ Dab.avi
2014-10-19 13:48 - 2014-10-19 13:56 - 730437632 _____ () C:\Users\Kofi\Downloads\Andělé a démoni - 2009.avi
2014-10-19 09:40 - 2014-10-19 10:56 - 2742360064 _____ () C:\Users\Kofi\Downloads\Herkules - ZrozenĂ­ legendy (2014) cz dabing.avi
2014-10-18 15:01 - 2014-10-18 15:01 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu
2014-10-18 14:58 - 2014-10-18 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MG5300 series
2014-10-18 14:57 - 2014-10-18 14:57 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-10-13 20:57 - 2014-10-13 21:04 - 947427118 _____ () C:\Users\Kofi\Downloads\Nez.si.pro.nas.prijde.2007.DVDrip.XviD.CZ.avi
2014-10-13 17:24 - 2014-10-13 17:24 - 00000110 ____H () C:\Users\Kofi\Desktop\kytky.jpg.uid-zps
2014-10-13 17:21 - 2014-10-13 17:21 - 00000110 ____H () C:\Users\Kofi\Desktop\linie2.jpg.uid-zps
2014-10-13 17:15 - 2014-10-13 17:15 - 00001884 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2014-10-13 17:15 - 2014-10-13 17:15 - 00001878 _____ () C:\Users\Public\Desktop\Zoner Photo Studio 17.lnk
2014-10-13 17:15 - 2014-10-13 17:15 - 00000000 ____D () C:\Program Files\Zoner
2014-10-13 17:14 - 2014-10-13 17:14 - 80574752 _____ (ZONER software ) C:\Users\Kofi\Downloads\zps17_cz.exe
2014-10-13 17:02 - 2014-10-18 14:37 - 00000000 ____D () C:\Users\Kofi\AppData\Local\Zoner
2014-10-13 17:02 - 2014-10-13 17:02 - 00000000 ____D () C:\ProgramData\Zoner
2014-10-13 17:01 - 2014-10-13 17:01 - 55669400 _____ (ZONER software ) C:\Users\Kofi\Downloads\zps16_en_free.exe
2014-10-12 18:34 - 2014-10-12 18:35 - 184840188 _____ () C:\Users\Kofi\Desktop\Mamka foto.rar
2014-10-12 18:20 - 2014-10-12 18:20 - 00000000 ____D () C:\Users\Kofi\Desktop\Mamka foto
2014-10-11 19:53 - 2014-10-11 19:58 - 733947904 _____ () C:\Users\Kofi\Downloads\Doba ledova 2.avi
2014-10-05 16:30 - 2014-10-05 16:47 - 927653178 _____ () C:\Users\Kofi\Downloads\na hrane zitrka .CZ.avi
2014-10-05 12:54 - 2014-10-05 12:54 - 00017471 _____ () C:\Users\Kofi\Downloads\Need.For.Speed.Rivals.PC.torrent
2014-10-04 14:27 - 2014-10-04 14:47 - 371026844 _____ () C:\Users\Kofi\Downloads\Kontrafakt---Navždy-(2013)-FLAC.rar
2014-10-04 13:42 - 2014-10-04 13:49 - 129012306 _____ () C:\Users\Kofi\Downloads\od-dudomila-Otecko_-_To_som_ja_(2011)_[320kbps]_-_carAnthony.rar
2014-10-03 05:32 - 2014-10-03 15:02 - 00000000 ____D () C:\Users\Kofi\Desktop\Filmy Laducha
2014-09-27 13:27 - 2014-10-25 22:34 - 00000000 ____D () C:\Windows\Minidump
2014-09-27 10:30 - 2012-11-18 09:23 - 00004628 _____ () C:\Users\Kofi\Documents\KOFROŇ_VLADIMÍR.p12

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-27 17:09 - 2013-07-02 00:36 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-27 17:06 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-27 17:06 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-27 17:05 - 2009-07-14 16:18 - 00668836 _____ () C:\Windows\system32\perfh005.dat
2014-10-27 17:05 - 2009-07-14 16:18 - 00141496 _____ () C:\Windows\system32\perfc005.dat
2014-10-27 17:05 - 2009-07-14 06:13 - 01584430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-27 17:03 - 2013-07-02 09:53 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\TS3Client
2014-10-27 16:59 - 2013-07-02 08:48 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-27 16:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-27 16:58 - 2013-07-01 23:50 - 01173803 _____ () C:\Windows\WindowsUpdate.log
2014-10-27 16:54 - 2013-07-01 23:56 - 00000000 ____D () C:\Users\Kofi
2014-10-27 16:44 - 2013-07-02 09:26 - 00000000 ____D () C:\Users\Kofi\Desktop\Ajtesty
2014-10-27 16:42 - 2013-07-02 08:48 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-27 15:38 - 2013-07-02 00:28 - 00111960 _____ () C:\Users\Kofi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-27 15:37 - 2009-07-14 05:45 - 00439696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-27 12:41 - 2013-09-01 18:19 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-10-27 12:20 - 2014-02-28 15:19 - 00000000 ____D () C:\Users\Kofi\AppData\Local\Skype
2014-10-27 12:20 - 2013-08-01 01:43 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\Skype
2014-10-27 12:20 - 2013-08-01 01:43 - 00000000 ____D () C:\ProgramData\Skype
2014-10-27 12:17 - 2014-09-03 20:12 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\PopcornTime
2014-10-27 12:05 - 2013-11-10 16:28 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\Canon
2014-10-27 11:58 - 2013-11-10 16:27 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-10-27 11:56 - 2013-07-02 00:16 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-10-27 11:44 - 2014-05-24 11:59 - 00000000 ____D () C:\Users\Guest
2014-10-27 11:44 - 2014-05-24 11:59 - 00000000 ____D () C:\Users\Administrator
2014-10-25 22:34 - 2014-05-17 15:40 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\uTorrent
2014-10-25 22:34 - 2013-10-08 18:29 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\DAEMON Tools Lite
2014-10-25 22:34 - 2013-07-31 23:40 - 00000000 ____D () C:\Users\Kofi\AppData\Local\CrashDumps
2014-10-19 17:22 - 2013-08-03 00:47 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\vlc
2014-10-19 09:24 - 2013-09-08 07:17 - 00000000 ____D () C:\Users\Kofi\Desktop\KB certifikát Vláďa
2014-10-18 15:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-18 14:36 - 2013-07-02 08:48 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 14:36 - 2013-07-02 08:48 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-18 10:38 - 2013-12-31 14:24 - 00000000 ____D () C:\Users\Kofi\Documents\TrackMania
2014-10-13 17:15 - 2014-01-22 19:47 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\Zoner
2014-10-10 19:50 - 2013-07-02 09:26 - 00000000 ____D () C:\Users\Kofi\Desktop\Songy
2014-10-03 15:22 - 2013-07-02 09:20 - 00000000 ____D () C:\Users\Kofi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-02 15:53 - 2013-09-01 18:20 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 17:30

==================== End Of Log ============================

Re: Please check my FRST log

Posted: 27 Oct 2014 17:27
by kofi
And I only have the Addition log from the previous scan; should I attach that one, since it was not created after the second scan.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014
Ran by Kofi at 2014-10-27 12:47:09
Running from C:\Users\Kofi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225 - Název společnosti:) Hidden
ATI AVIVO64 Codecs (Version: 11.6.0.10309 - ATI Technologies Inc.) Hidden
AVerMedia A835 USB TV Tuner 8.0.64.57 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.57 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Applications (HKLM-x32\...\InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}) (Version: 1.0.4 - AVerMedia Technologies, Inc.)
AVerMedia Applications (x32 Version: 1.0.4 - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5 - AVerMedia Technologies, Inc.)
AVerTV 3D (x32 Version: 6.5 - AVerMedia Technologies, Inc.) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bioshock Infinite 1.1.21.26939 (HKLM-x32\...\Bioshock Infinite_is1) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Convert MOV to AVI 1.0 (HKLM-x32\...\{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1) (Version: - convertmovtoavi.com)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Časovač 3.00RC2 (HKLM-x32\...\Časovač 3.00RC2_is1) (Version: - Mastery.sk)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GX GAMING CAVIMANUS HEADSET (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - )
HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NHL® 09 (HKLM-x32\...\{F2B5A2A7-2DF9-4361-8BD5-362714528B51}) (Version: 2.0.1.0 - Electronic Arts)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
OSCAR Editor (x32 Version: 12.03.0004 - A4TECH) Hidden
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Prometheus Sbírka úloh z fyziky pro SŠ 1.0 (HKLM-x32\...\Sbírka úloh z fyziky pro SŠ_is1) (Version: 1.0.11.0 - )
Registrace uživatele zařízení Canon MG5300 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5300 series) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SnugTV Station (HKLM-x32\...\{198F93FD-9919-4010-8164-06BC2349959C}) (Version: 3.6.17 - AVerMedia Technologies, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore)
TP-LINK Wireless Client Utility (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
TrackMania United (HKLM-x32\...\Steam App 7200) (Version: - Nadeo)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
X7 Oscar Editor (HKLM-x32\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

15-10-2014 17:19:56 Windows Update
19-10-2014 08:31:47 Windows Update
22-10-2014 18:12:49 Windows Update
26-10-2014 11:17:48 Windows Update
27-10-2014 10:43:53 Removed Browser Configuration Utility.
27-10-2014 11:05:45 Revo Uninstaller's restore point - PunkBuster Services
27-10-2014 11:06:52 Revo Uninstaller's restore point - Uninstall Master X3
27-10-2014 11:08:53 Revo Uninstaller's restore point - Ashampoo Burning Studio 6 FREE v.6.84
27-10-2014 11:16:16 Revo Uninstaller's restore point - Popcorn Time
27-10-2014 11:17:38 Revo Uninstaller's restore point - Skype Click to Call
27-10-2014 11:17:47 Removed Skype Click to Call
27-10-2014 11:19:13 Revo Uninstaller's restore point - Skype™ 6.14
27-10-2014 11:19:22 Removed Skype™ 6.14
27-10-2014 11:20:13 Revo Uninstaller's restore point - Zoner Callisto 5
27-10-2014 11:20:22 Removed Zoner Callisto 5
27-10-2014 11:21:58 Revo Uninstaller's restore point - Sniper Elite V2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2013-10-26 18:10 - 00001297 ____A C:\Windows\system32\Drivers\etc\hosts
255.255.255.255 easyanticheat.se # misleading site
255.255.255.255 www.easyanticheat.se # misleading site
255.255.255.255 easyanticheat.com # misleading site
255.255.255.255 www.easyanticheat.com # misleading site
255.255.255.255 easyanticheat.info # misleading site
255.255.255.255 www.easyanticheat.info # misleading site
255.255.255.255 easyanticheat.org # misleading site
255.255.255.255 www.easyanticheat.org # misleading site


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C97ED3C-1C65-46A3-AAEB-FEFC4F10C0DE} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
Task: {28E885BF-ACCE-48A2-B9DC-92EFD007E5D4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {3E68EA9B-7362-4A00-9806-9359EAAF18B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02] (Google Inc.)
Task: {DFCEF986-A5C0-4308-86FD-11B8B22E00CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02] (Google Inc.)
Task: {F91FA4AB-B771-46B2-8AFB-2551921C707A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-28 21:31 - 2013-03-28 21:31 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-09-01 20:55 - 2011-04-01 07:52 - 00403456 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2013-09-01 20:55 - 2010-01-05 12:43 - 00155648 ____R () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-03-20 10:59 - 2012-03-20 10:59 - 03340288 _____ () C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
2013-07-02 00:00 - 2010-05-24 10:10 - 00076192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-07-02 00:00 - 2010-05-24 10:10 - 00383904 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-07-02 00:00 - 2010-05-24 10:10 - 00103328 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2013-07-02 00:00 - 2010-05-24 10:10 - 64641440 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-10-27 12:03 - 2011-02-07 08:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2010-02-01 16:38 - 2010-02-01 16:38 - 00073728 _____ () C:\Program Files (x86)\SnugTV\SnugTV Station\CryptoRc4.dll
2010-12-23 08:11 - 2010-12-23 08:11 - 00019456 _____ () C:\Program Files (x86)\SnugTV\SnugTV Station\AVNetPass.dll
2014-08-29 16:21 - 2014-08-21 19:15 - 01171456 _____ () D:\Steam\libavcodec-56.dll
2014-08-29 16:21 - 2014-08-21 19:15 - 00442368 _____ () D:\Steam\libavutil-54.dll
2014-08-29 16:21 - 2014-08-21 19:15 - 00332800 _____ () D:\Steam\libavresample-2.dll
2013-05-06 16:05 - 2014-10-02 00:16 - 00774656 _____ () D:\Steam\SDL2.dll
2014-05-22 12:13 - 2014-10-21 20:22 - 02226880 _____ () D:\Steam\video.dll
2014-08-29 16:21 - 2014-08-21 19:15 - 00403968 _____ () D:\Steam\libavformat-56.dll
2014-08-29 16:21 - 2014-08-21 19:15 - 00485888 _____ () D:\Steam\libswscale-3.dll
2013-06-06 13:06 - 2014-10-21 20:22 - 00682176 _____ () D:\Steam\bin\chromehtml.DLL
2011-03-09 21:35 - 2011-03-09 21:35 - 00090112 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraCsy.dll
2010-12-02 16:56 - 2010-12-02 16:56 - 00815104 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\OSD_Text\OSD_Text.dll
2011-01-09 19:45 - 2011-01-09 19:45 - 00088064 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_MouseDeviceManager.dll
2012-02-07 10:20 - 2012-02-07 10:20 - 02413568 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\ScreenCapture\ScreenCapture.dll
2011-03-21 18:33 - 2011-03-21 18:33 - 00999424 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 13:18 - 2010-09-20 13:18 - 00085504 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ZoomControl.dll
2010-09-20 13:18 - 2010-09-20 13:18 - 00054272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ScrollbarControl.dll
2011-04-12 14:14 - 2011-04-12 14:14 - 00063488 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 19:16 - 2010-11-01 19:16 - 00062976 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInOne.dll
2011-08-10 12:43 - 2011-08-10 12:43 - 00118272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_Wheel4D.dll
2013-03-26 15:16 - 2014-09-05 00:29 - 34589376 _____ () D:\Steam\bin\libcef.dll
2014-08-15 12:51 - 2014-09-05 00:29 - 00837824 _____ () D:\Steam\bin\ffmpegsumo.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-10-19 09:24 - 2014-10-10 03:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-19 09:24 - 2014-10-10 03:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-19 09:24 - 2014-10-10 03:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-19 09:24 - 2014-10-10 03:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll
2014-10-19 09:24 - 2014-10-10 03:04 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1280492315-1666514276-2344633818-500 - Administrator - Disabled)
Guest (S-1-5-21-1280492315-1666514276-2344633818-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1280492315-1666514276-2344633818-1004 - Limited - Enabled)
Kofi (S-1-5-21-1280492315-1666514276-2344633818-1000 - Administrator - Enabled) => C:\Users\Kofi

==================== Faulty Device Manager Devices =============

Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Symantec Iron Driver
Description: Symantec Iron Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymIRON
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/27/2014 00:37:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program NIS-TW-30-20-1-0-24-CZ.exe verze 20.1.0.24 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: eb4

Čas spuštění: 01cff1d9bbde4100

Čas ukončení: 0

Cesta k aplikaci: C:\Users\Kofi\Downloads\NIS-TW-30-20-1-0-24-CZ.exe

ID hlášení:

Error: (10/27/2014 00:36:13 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Kofi-PC)
Description: HRESULT:0x8004FF0A
Description:Security Essentials is still installed on your computer.. Security Essentials was not removed from your computer. It will continue to monitor your computer and help protect it from potential threats. Error code:0x8004FF0A.

Error: (10/08/2014 09:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 37.0.2062.124, časové razítko: 0x5420d868
Název chybujícího modulu: chrome.dll, verze: 37.0.2062.124, časové razítko: 0x5420d5a6
Kód výjimky: 0x80000003
Posun chyby: 0x004f49a4
ID chybujícího procesu: 0x1504
Čas spuštění chybující aplikace: 0xchrome.exe0
Cesta k chybující aplikaci: chrome.exe1
Cesta k chybujícímu modulu: chrome.exe2
ID zprávy: chrome.exe3

Error: (09/21/2014 08:26:45 AM) (Source: MsiInstaller) (EventID: 1024) (User: Kofi-PC)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011009} produktu Adobe Reader XI (11.0.08) - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/21/2014 08:26:21 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/21/2014 08:26:21 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/21/2014 08:26:21 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/21/2014 08:26:21 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (09/21/2014 08:26:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/21/2014 08:26:18 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (10/27/2014 11:49:57 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Zařízení \Device\CdRom0 má chybný blok.

Error: (10/27/2014 11:15:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
BHDrvx64
SymIRON

Error: (10/27/2014 11:15:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Update service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (10/27/2014 11:15:04 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Update service bylo dosaženo časového limitu (30000 ms).

Error: (10/26/2014 00:05:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
BHDrvx64
SymIRON

Error: (10/26/2014 00:05:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Update service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (10/26/2014 00:05:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Update service bylo dosaženo časového limitu (30000 ms).

Error: (10/25/2014 10:49:33 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
BHDrvx64
SymIRON

Error: (10/25/2014 10:49:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Update service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (10/25/2014 10:49:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Update service bylo dosaženo časového limitu (30000 ms).


Microsoft Office Sessions:
=========================
Error: (10/27/2014 00:37:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: NIS-TW-30-20-1-0-24-CZ.exe20.1.0.24eb401cff1d9bbde41000C:\Users\Kofi\Downloads\NIS-TW-30-20-1-0-24-CZ.exe

Error: (10/27/2014 00:36:13 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: Kofi-PC)
Description: HRESULT:0x8004FF0A
Description:Security Essentials is still installed on your computer.. Security Essentials was not removed from your computer. It will continue to monitor your computer and help protect it from potential threats. Error code:0x8004FF0A.

Error: (10/08/2014 09:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868chrome.dll37.0.2062.1245420d5a680000003004f49a4150401cfe338ffa1029cC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll6224ba58-4f2c-11e4-863f-f46d046f97ca

Error: (09/21/2014 08:26:45 AM) (Source: MsiInstaller) (EventID: 1024) (User: Kofi-PC)
Description: Adobe Reader XI (11.0.08) - Czech{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

Error: (09/21/2014 08:26:21 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/21/2014 08:26:21 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/21/2014 08:26:21 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/21/2014 08:26:21 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (09/21/2014 08:26:18 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (09/21/2014 08:26:18 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 35%
Total physical RAM: 8191.23 MB
Available physical RAM: 5262.09 MB
Total Pagefile: 16380.63 MB
Available Pagefile: 13289.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:195.31 GB) (Free:44.78 GB) NTFS
Drive d: () (Fixed) (Total:1667.6 GB) (Free:1574.26 GB) NTFS
Drive f: (COD4MW) (CDROM) (Total:6.32 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 60F2A56F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1667.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Re: Please check FRST

Posted: 27 Oct 2014 17:36
by altrok
No need... the original log was enough for me to build the fixlist.
  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (file type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up; paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
    HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
    HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: F - F:\Setup.exe
    HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: {899477f8-3034-11e3-9f22-f46d046f97ca} - G:\SETUP.EXE
    HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: {a4f3b18f-d878-11e3-8ffc-f46d046f97ca} - F:\setup\rsrc\Autorun.exe
    
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP
    CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP"
    CHR DefaultSearchKeyword: Default -> bing.com
    CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}
    CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
    CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
    
    2014-10-27 16:57 - 2014-10-27 16:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-10-27 16:44 - 2014-10-27 16:59 - 00013673 _____ () C:\zoek-results.log
    2014-10-27 16:44 - 2014-10-27 16:56 - 00000000 ____D () C:\zoek_backup
    2014-10-27 16:44 - 2014-10-27 16:44 - 04114148 _____ () C:\Users\Kofi\Desktop\zoek.zip
    2014-10-27 16:43 - 2014-10-27 16:44 - 04114148 _____ () C:\Users\Kofi\Downloads\zoek.zip
    Hosts:
    EmptyTemp:
    End
    

Re: Please check FRST

Posted: 27 Oct 2014 18:34
by kofi
Here is the fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-10-2014
Ran by Kofi at 2014-10-27 18:29:40 Run:1
Running from C:\Users\Kofi\Desktop
Loaded Profile: Kofi (Available profiles: Kofi)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [**asova**<*>] => [X] <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: F - F:\Setup.exe
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: {899477f8-3034-11e3-9f22-f46d046f97ca} - G:\SETUP.EXE
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\...\MountPoints2: {a4f3b18f-d878-11e3-8ffc-f46d046f97ca} - F:\setup\rsrc\Autorun.exe

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP21&ocid=UP21DHP"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> http://api.bing.com/osjson.aspx?query={ ... ={language}

2014-10-27 16:57 - 2014-10-27 16:44 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-27 16:44 - 2014-10-27 16:59 - 00013673 _____ () C:\zoek-results.log
2014-10-27 16:44 - 2014-10-27 16:56 - 00000000 ____D () C:\zoek_backup
2014-10-27 16:44 - 2014-10-27 16:44 - 04114148 _____ () C:\Users\Kofi\Desktop\zoek.zip
2014-10-27 16:43 - 2014-10-27 16:44 - 04114148 _____ () C:\Users\Kofi\Downloads\zoek.zip
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\Software\Microsoft\Windows\CurrentVersion\Run\\**asova**<*> => Value Deleted Successfully.
HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value deleted successfully.
"HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-1280492315-1666514276-2344633818-1000" => Key not found.
"HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{899477f8-3034-11e3-9f22-f46d046f97ca}" => Key deleted successfully.
"HKCR\CLSID\{899477f8-3034-11e3-9f22-f46d046f97ca}" => Key not found.
"HKU\S-1-5-21-1280492315-1666514276-2344633818-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4f3b18f-d878-11e3-8ffc-f46d046f97ca}" => Key deleted successfully.
"HKCR\CLSID\{a4f3b18f-d878-11e3-8ffc-f46d046f97ca}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab => Error: No automatic fix found for this entry.
Chrome DefaultSuggestURL deleted successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Kofi\Desktop\zoek.zip => Moved successfully.
C:\Users\Kofi\Downloads\zoek.zip => Moved successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 40.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Re: Please check FRST

Posted: 27 Oct 2014 18:36
by altrok
Did you modify your hosts file on purpose?
C:\Windows\system32\Drivers\etc\hosts

Code:

255.255.255.255 easyanticheat.se # misleading site
255.255.255.255 www.easyanticheat.se # misleading site
255.255.255.255 easyanticheat.com # misleading site
255.255.255.255 www.easyanticheat.com # misleading site
255.255.255.255 easyanticheat.info # misleading site
255.255.255.255 www.easyanticheat.info # misleading site
255.255.255.255 easyanticheat.org # misleading site
255.255.255.255 www.easyanticheat.org # misleading site

Re: Please check FRST

Posted: 27 Oct 2014 18:42
by kofi
What does that mean? :)

Re: Please check FRST

Posted: 27 Oct 2014 18:50
by altrok
This file is often used by malware to redirect to infected websites. Or, conversely, it is used to block access to certain websites.

Go to the folder C:\Windows\system32\Drivers\etc and open the hosts file in Notepad.
Copy the contents of the whole file into your next reply (or choose Save as... uprava.txt, pack it into a .rar and attach it to your post).

Re: Please check FRST

Posted: 27 Oct 2014 18:54
by kofi
I was denied access.

Re: Please check FRST

Posted: 27 Oct 2014 18:57
by altrok
Try it in Safe Mode with Networking.