bitcoin miner

[johnyyy]

Zdravim prosim o radu. Zjistil jsem, ze mam v pc bitcoin miner virus,ale vubec nevim jak ho odstranit na googlu jsem nasel plno navodu ale kazdy je jinaci a tezko se v tom vyznavam. Byl by nekdo ochotny mi to nejak jednoduse vysvetlit jak ho co nejrychleji a nejefektivneji odstranit? Dekuji. Ve screenu prikladam jak vypada v aktivnich ikonach v liste kde jde pouze vypnout je to ta oranzova kulata ikona.

[altrok]

Zdravim

vesteni na takove urovni jeste neovladam, takze na uvod vlozte log FRST - http://forum.viry.cz/viewtopic.php?f=13&t=133100

[johnyyy]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Honza (administrator) on HONZA-PC on 07-11-2014 13:52:14
Running from K:\stahovani chrome
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(DeviceVM) C:\ASUS.SYS\config\DVMExportService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Allstar Group, s.r.o.) C:\Program Files\GamePark2\gpcl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7637536 2013-07-12] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2013-07-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] ()
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\MountPoints2: {8805148b-2041-11e3-a8cc-00248c5b18e3} - L:\iStudio.exe
HKU\S-1-5-21-1823901968-3445124325-2316364854-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-18\...\Run: [Google Update] => "C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacKb00k.&￮k.lnk
ShortcutTarget: FacKb00k.&￮k.lnk -> (No File)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Officejet 6500 E710n-z.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Officejet 6500 E710n-z.lnk -> C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

URLSearchHook: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKCU - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... 49927&UM=1
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... 49927&UM=1
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BS Player ControlBar Toolbar -> {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} -> No File
Toolbar: HKLM-x32 - BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [62976] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\zio14vp1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> K:\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-09-23]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-07-15]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-12]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-12]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-12]
CHR Extension: (FromDocToPDF) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp [2014-07-21]
CHR Extension: (Peněženka Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [323584 2008-11-26] (DeviceVM) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsint; C:\Windows\System32\DRIVERS\acsint64.sys [49520 2013-12-12] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux64.sys [73584 2013-12-12] (Cisco Systems, Inc.)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-27] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 npkcusb; \??\C:\Program Files (x86)\Lineage II\System\npkcusb.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 13:51 - 2014-11-07 13:52 - 00000000 ____D () C:\FRST
2014-11-06 20:12 - 2014-11-06 20:12 - 00003416 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Honza-PC-Honza
2014-11-06 20:04 - 2014-11-06 20:04 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-11-06 20:03 - 2014-11-06 20:04 - 00000000 ____D () C:\Program Files\Adobe
2014-11-06 20:03 - 2014-11-06 20:03 - 00001042 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-11-06 20:03 - 2014-11-06 20:03 - 00000981 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001350 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001188 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-11-06 20:01 - 2014-11-06 20:04 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-06 20:01 - 2014-11-06 20:01 - 00361836 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI3426.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00350768 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI3437.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00011580 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI3437.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00011564 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI3426.txt
2014-11-06 18:49 - 2014-11-06 18:49 - 00350766 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI7CAF.txt
2014-11-06 18:49 - 2014-11-06 18:49 - 00011580 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI7CAF.txt
2014-11-06 18:48 - 2014-11-06 18:48 - 00361836 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI7C9C.txt
2014-11-06 18:48 - 2014-11-06 18:48 - 00011564 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI7C9C.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00360736 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI568F.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00348980 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI5696.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00011532 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI568F.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00011516 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI5696.txt
2014-11-06 00:54 - 2014-11-06 20:12 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-06 00:51 - 2014-11-06 00:51 - 00439472 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI440A.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00435460 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI4424.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00011788 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI440A.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00011772 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI4424.txt
2014-10-24 21:24 - 2014-10-24 21:24 - 00000944 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Canneverbe Limited
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-17 08:59 - 2014-09-28 00:41 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 08:59 - 2014-09-17 07:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 08:59 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 08:57 - 2014-06-15 23:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 08:57 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 08:57 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 08:57 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 08:57 - 2014-06-13 18:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 08:57 - 2014-06-13 18:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-17 08:56 - 2014-09-05 00:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-16 19:24 - 2014-10-16 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 19:24 - 2014-10-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-16 13:21 - 2014-09-20 01:09 - 17867776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 13:21 - 2014-09-20 00:55 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 13:21 - 2014-09-20 00:54 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 13:21 - 2014-09-20 00:50 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 13:21 - 2014-09-20 00:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 13:21 - 2014-09-20 00:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 13:21 - 2014-09-20 00:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-16 13:21 - 2014-09-20 00:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 13:21 - 2014-09-20 00:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 13:21 - 2014-09-20 00:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-16 13:21 - 2014-09-20 00:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 13:21 - 2014-09-20 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-16 13:21 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 13:21 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 13:21 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 13:21 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 13:21 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 13:21 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 13:21 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-16 13:21 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 13:21 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 13:21 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-16 13:21 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-16 13:21 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-09 15:22 - 2014-10-09 15:22 - 00000000 ____D () C:\ProgramData\LightScribe
2014-10-09 14:47 - 2014-10-09 14:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 13:32 - 2013-08-27 16:57 - 00000000 ____D () C:\Users\Honza\AppData\Local\Adobe
2014-11-07 13:28 - 2014-02-09 10:23 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2014-11-07 12:54 - 2008-01-21 02:53 - 01866407 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 12:53 - 2013-07-12 00:01 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-07 12:28 - 2014-06-08 20:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-07 12:28 - 2014-01-21 11:16 - 00000000 ____D () C:\Windows\Minidump
2014-11-07 12:28 - 2013-10-21 12:20 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\uTorrent
2014-11-07 12:28 - 2013-07-12 14:39 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\TS3Client
2014-11-07 12:07 - 2013-08-27 16:58 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-07 12:03 - 2013-10-14 16:38 - 00000000 ____D () C:\Users\Honza\AppData\Local\Paint.NET
2014-11-07 12:02 - 2008-01-21 10:32 - 01621384 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 12:02 - 2008-01-21 10:31 - 00673934 _____ () C:\Windows\system32\perfh005.dat
2014-11-07 12:02 - 2008-01-21 10:31 - 00153016 _____ () C:\Windows\system32\perfc005.dat
2014-11-07 11:58 - 2013-07-12 00:01 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-07 11:57 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 11:57 - 2006-11-02 16:22 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-07 11:57 - 2006-11-02 16:22 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-07 11:56 - 2013-11-05 17:25 - 00000000 ____D () C:\Program Files (x86)\HP
2014-11-07 11:56 - 2006-11-02 16:42 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-07 10:28 - 2014-02-09 10:23 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2014-11-06 20:55 - 2006-11-02 16:21 - 04893520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-06 20:12 - 2013-12-27 18:58 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\NVIDIA
2014-11-06 20:12 - 2013-07-12 15:43 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Adobe
2014-11-06 20:12 - 2013-07-11 16:55 - 00059864 _____ () C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-06 20:03 - 2013-08-27 16:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-06 18:58 - 2013-11-13 21:33 - 00000000 ____D () C:\ProgramData\Nero
2014-11-06 18:49 - 2013-10-21 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCsoft
2014-11-06 18:49 - 2013-07-11 23:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-28 06:34 - 2013-07-12 20:38 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-22 20:49 - 2013-07-12 00:01 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-22 20:49 - 2013-07-12 00:01 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 08:58 - 2013-09-28 11:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 00:07 - 2013-12-26 20:46 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Skype
2014-10-16 19:24 - 2013-12-26 20:45 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 13:22 - 2013-12-22 19:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 13:19 - 2006-11-02 13:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-09 20:43 - 2014-08-19 17:45 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-09 15:22 - 2013-11-13 22:00 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Nero
2014-10-09 14:52 - 2006-11-02 14:33 - 00000000 ____D () C:\Windows\Cursors
2014-10-09 14:47 - 2013-10-06 09:11 - 00000000 ____D () C:\ProgramData\Package Cache

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-07 12:03

==================== End Of Log ============================

[altrok]

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Clean
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

[johnyyy]

# AdwCleaner v3.311 - Report created 07/11/2014 at 14:10:58
# Updated 30/09/2014 by Xplode
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : Honza - HONZA-PC
# Running from : K:\stahovani chrome\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\Conduit
[!] Folder Deleted : C:\Program Files (x86)\BS_Player_ControlBar
[!] Folder Deleted : C:\Program Files (x86)\Conduit
[!] Folder Deleted : C:\Program Files (x86)\Tbccint
[!] Folder Deleted : C:\Program Files (x86)\BS_Player_ControlBar
[!] Folder Deleted : C:\Users\Honza\AppData\Local\Conduit
[!] Folder Deleted : C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar
[!] Folder Deleted : C:\Users\Honza\AppData\LocalLow\Conduit
[!] Folder Deleted : C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar
[!] Folder Deleted : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B31388E-EB3C-42AF-995B-A0CBCF8C6D85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C7D19F1-5F39-4EEA-80C5-8DE24FD33317}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\BS_Player_ControlBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\BS_Player_ControlBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99AD9D6D-A456-49EE-8360-F22EE7AA1272}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99AD9D6D-A456-49EE-8360-F22EE7AA1272}
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16584


-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\zio14vp1.default\prefs.js ]


-\\ Google Chrome v38.0.2125.111

[ File : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5097 octets] - [07/11/2014 14:10:04]
AdwCleaner[S0].txt - [3997 octets] - [07/11/2014 14:10:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4057 octets] ##########

[altrok]

odinstalujte nelegalni ESS7 a nainstalujte nektere free reseni (Avast, Avira...)

odinstalujte nebo aktualizujte Javu na http://java.com/verify

dejte novy log FRST.txt, opet prilozte i Addition (pri druhem spusteni FRST musite rucne zatrhnout moznost Addition.txt)

[johnyyy]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Honza (administrator) on HONZA-PC on 07-11-2014 14:33:41
Running from K:\stahovani chrome
Loaded Profiles: Honza & UpdatusUser (Available profiles: Honza & UpdatusUser)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(DeviceVM) C:\ASUS.SYS\config\DVMExportService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Allstar Group, s.r.o.) C:\Program Files\GamePark2\gpcl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7637536 2013-07-12] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2013-07-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-07] (AVAST Software)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] ()
HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\MountPoints2: {8805148b-2041-11e3-a8cc-00248c5b18e3} - L:\iStudio.exe
HKU\S-1-5-21-1823901968-3445124325-2316364854-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-18\...\Run: [Google Update] => "C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacKb00k.&￮k.lnk
ShortcutTarget: FacKb00k.&￮k.lnk -> (No File)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Officejet 6500 E710n-z.lnk
ShortcutTarget: Sledovat výstrahy inkoustu - HP Officejet 6500 E710n-z.lnk -> C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [62976] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\zio14vp1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> K:\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-07-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-07]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-12]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-12]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-12]
CHR Extension: (Peněženka Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-07] (AVAST Software)
R2 DvmMDES; C:\ASUS.SYS\config\DVMExportService.exe [323584 2008-11-26] (DeviceVM) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsint; C:\Windows\System32\DRIVERS\acsint64.sys [49520 2013-12-12] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux64.sys [73584 2013-12-12] (Cisco Systems, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-07] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2014-11-07] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [331504 2014-11-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-11-07] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-07] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-11-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-07] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-27] (Disc Soft Ltd)
U1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 ehdrv; system32\DRIVERS\ehdrv.sys [X]
R4 epfw; system32\DRIVERS\epfw.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 npkcusb; \??\C:\Program Files (x86)\Lineage II\System\npkcusb.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 14:30 - 2014-11-07 14:30 - 00331504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-11-07 14:30 - 2014-11-07 14:30 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-07 14:30 - 2014-11-07 14:30 - 00012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2014-11-07 14:30 - 2014-11-07 14:30 - 00000000 ____D () C:\Windows\LastGood
2014-11-07 14:30 - 2014-11-07 14:27 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-07 14:28 - 2014-11-07 14:28 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\AVAST Software
2014-11-07 14:27 - 2014-11-07 14:30 - 00003838 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-07 14:27 - 2014-11-07 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-07 14:27 - 2014-11-07 14:27 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 01049920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1415366836185
2014-11-07 14:27 - 2014-11-07 14:27 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00082768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys.1415366836185
2014-11-07 14:27 - 2014-11-07 14:27 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-07 14:27 - 2014-11-07 14:27 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-07 14:27 - 2014-11-07 14:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:27 - 2014-11-07 14:27 - 00000000 _____ () C:\Windows\setupact.log
2014-11-07 14:26 - 2014-11-07 14:26 - 00004714 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-07 14:26 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-07 14:25 - 2014-11-07 14:25 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-07 14:25 - 2014-11-07 14:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-07 14:12 - 2014-11-07 14:12 - 00011306 _____ () C:\Windows\PFRO.log
2014-11-07 14:10 - 2014-11-07 14:11 - 00000000 ____D () C:\AdwCleaner
2014-11-07 13:51 - 2014-11-07 14:33 - 00000000 ____D () C:\FRST
2014-11-06 20:12 - 2014-11-06 20:12 - 00003416 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Honza-PC-Honza
2014-11-06 20:04 - 2014-11-06 20:04 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2014-11-06 20:03 - 2014-11-06 20:04 - 00000000 ____D () C:\Program Files\Adobe
2014-11-06 20:03 - 2014-11-06 20:03 - 00001042 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2014-11-06 20:03 - 2014-11-06 20:03 - 00000981 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001350 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001188 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2014-11-06 20:02 - 2014-11-06 20:02 - 00001004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2014-11-06 20:01 - 2014-11-06 20:04 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-06 20:01 - 2014-11-06 20:01 - 00361836 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI3426.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00350768 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI3437.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00011580 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI3437.txt
2014-11-06 20:01 - 2014-11-06 20:01 - 00011564 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI3426.txt
2014-11-06 18:49 - 2014-11-06 18:49 - 00350766 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI7CAF.txt
2014-11-06 18:49 - 2014-11-06 18:49 - 00011580 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI7CAF.txt
2014-11-06 18:48 - 2014-11-06 18:48 - 00361836 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI7C9C.txt
2014-11-06 18:48 - 2014-11-06 18:48 - 00011564 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI7C9C.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00360736 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI568F.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00348980 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI5696.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00011532 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI568F.txt
2014-11-06 01:15 - 2014-11-06 01:15 - 00011516 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI5696.txt
2014-11-06 00:54 - 2014-11-06 20:12 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-06 00:51 - 2014-11-06 00:51 - 00439472 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI440A.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00435460 _____ () C:\Users\Honza\AppData\Local\dd_vcredistMSI4424.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00011788 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI440A.txt
2014-11-06 00:51 - 2014-11-06 00:51 - 00011772 _____ () C:\Users\Honza\AppData\Local\dd_vcredistUI4424.txt
2014-10-24 21:24 - 2014-10-24 21:24 - 00000944 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Canneverbe Limited
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-10-24 21:24 - 2014-10-24 21:24 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-17 08:59 - 2014-09-28 00:41 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 08:59 - 2014-09-17 07:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 08:59 - 2014-09-16 17:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 08:57 - 2014-06-15 23:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 08:57 - 2014-06-15 23:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 08:57 - 2014-06-13 19:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 08:57 - 2014-06-13 19:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 08:57 - 2014-06-13 18:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 08:57 - 2014-06-13 18:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-17 08:56 - 2014-09-05 00:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-16 19:24 - 2014-10-16 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 19:24 - 2014-10-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-16 13:21 - 2014-09-20 01:09 - 17867776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 13:21 - 2014-09-20 00:55 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 13:21 - 2014-09-20 00:54 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 13:21 - 2014-09-20 00:50 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 13:21 - 2014-09-20 00:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 13:21 - 2014-09-20 00:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 13:21 - 2014-09-20 00:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-16 13:21 - 2014-09-20 00:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 13:21 - 2014-09-20 00:47 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 13:21 - 2014-09-20 00:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 13:21 - 2014-09-20 00:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-16 13:21 - 2014-09-20 00:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-16 13:21 - 2014-09-20 00:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 13:21 - 2014-09-20 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-16 13:21 - 2014-09-19 23:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 13:21 - 2014-09-19 23:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 13:21 - 2014-09-19 23:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 13:21 - 2014-09-19 23:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 13:21 - 2014-09-19 23:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 13:21 - 2014-09-19 23:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 13:21 - 2014-09-19 23:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-16 13:21 - 2014-09-19 23:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 13:21 - 2014-09-19 23:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 13:21 - 2014-09-19 23:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 13:21 - 2014-09-19 23:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 13:21 - 2014-09-19 23:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-16 13:21 - 2014-09-19 23:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-16 13:21 - 2014-09-19 23:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-09 15:22 - 2014-10-09 15:22 - 00000000 ____D () C:\ProgramData\LightScribe
2014-10-09 14:47 - 2014-10-09 14:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 14:28 - 2014-03-12 22:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-07 14:28 - 2014-02-09 10:23 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2014-11-07 14:26 - 2014-03-12 23:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-07 14:16 - 2008-01-21 10:32 - 01621384 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 14:16 - 2008-01-21 10:31 - 00673934 _____ () C:\Windows\system32\perfh005.dat
2014-11-07 14:16 - 2008-01-21 10:31 - 00153016 _____ () C:\Windows\system32\perfc005.dat
2014-11-07 14:12 - 2013-07-12 00:01 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-07 14:12 - 2006-11-02 16:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 14:12 - 2006-11-02 16:22 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-07 14:12 - 2006-11-02 16:22 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-07 14:11 - 2008-01-21 02:53 - 01873927 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 14:11 - 2006-11-02 16:42 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-07 13:54 - 2013-07-12 00:01 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-07 13:32 - 2013-08-27 16:57 - 00000000 ____D () C:\Users\Honza\AppData\Local\Adobe
2014-11-07 12:28 - 2014-06-08 20:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-07 12:28 - 2014-01-21 11:16 - 00000000 ____D () C:\Windows\Minidump
2014-11-07 12:28 - 2013-10-21 12:20 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\uTorrent
2014-11-07 12:28 - 2013-07-12 14:39 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\TS3Client
2014-11-07 12:07 - 2013-08-27 16:58 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-07 12:03 - 2013-10-14 16:38 - 00000000 ____D () C:\Users\Honza\AppData\Local\Paint.NET
2014-11-07 11:56 - 2013-11-05 17:25 - 00000000 ____D () C:\Program Files (x86)\HP
2014-11-07 10:28 - 2014-02-09 10:23 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2014-11-06 20:55 - 2006-11-02 16:21 - 04893520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-06 20:12 - 2013-12-27 18:58 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\NVIDIA
2014-11-06 20:12 - 2013-07-12 15:43 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Adobe
2014-11-06 20:12 - 2013-07-11 16:55 - 00059864 _____ () C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-06 20:03 - 2013-08-27 16:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-06 18:58 - 2013-11-13 21:33 - 00000000 ____D () C:\ProgramData\Nero
2014-11-06 18:49 - 2013-10-21 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCsoft
2014-11-06 18:49 - 2013-07-11 23:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-28 06:34 - 2013-07-12 20:38 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-22 20:49 - 2013-07-12 00:01 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-22 20:49 - 2013-07-12 00:01 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 08:58 - 2013-09-28 11:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-17 00:07 - 2013-12-26 20:46 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Skype
2014-10-16 19:24 - 2013-12-26 20:45 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 13:22 - 2013-12-22 19:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 13:19 - 2006-11-02 13:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-09 20:43 - 2014-08-19 17:45 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-09 15:22 - 2013-11-13 22:00 - 00000000 ____D () C:\Users\Honza\AppData\Roaming\Nero
2014-10-09 14:52 - 2006-11-02 14:33 - 00000000 ____D () C:\Windows\Cursors
2014-10-09 14:47 - 2013-10-06 09:11 - 00000000 ____D () C:\ProgramData\Package Cache

Some content of TEMP:
====================
C:\Users\Honza\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Honza\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-07 14:19

==================== End Of Log ============================

[altrok]

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog, jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
  HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
  HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
  HKLM-x32\...\Run: [] => [X]
  HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
  HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
  HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [AdobeBridge] => [X]
  HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\Run: [System-boot] => C:\Windows\inf\SYSTEM-x32.exe [454144 2014-11-06] ()
  HKU\S-1-5-21-1823901968-3445124325-2316364854-1000\...\MountPoints2: {8805148b-2041-11e3-a8cc-00248c5b18e3} - L:\iStudio.exe
  C:\Windows\inf\SYSTEM-x32.exe
  Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacKb00k.&￮k.lnk
  ShortcutTarget: FacKb00k.&￮k.lnk -> (No File)
  FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
  U1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
  S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
  R4 eamonm; system32\DRIVERS\eamonm.sys [X]
  R4 ehdrv; system32\DRIVERS\ehdrv.sys [X]
  R4 epfw; system32\DRIVERS\epfw.sys [X]
  S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
  S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
  S3 npkcusb; \??\C:\Program Files (x86)\Lineage II\System\npkcusb.sys [X]
  S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
  S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
  C:\ProgramData\Conduit
  C:\Program Files (x86)\BS_Player_ControlBar
  C:\Program Files (x86)\Conduit
  C:\Program Files (x86)\Tbccint
  C:\Program Files (x86)\BS_Player_ControlBar
  C:\Users\Honza\AppData\Local\Conduit
  C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar
  C:\Users\Honza\AppData\LocalLow\Conduit
  C:\Users\Honza\AppData\LocalLow\BS_Player_ControlBar
  C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp
  Hosts:
  EmptyTemp:
  End
  

[johnyyy]

kdyz dam fix pise to ze to zadny takto pojmenovany soubor nenalezlo mam pritom na plose ulozeno fixlist

[altrok]

protoze jste nepostupoval presne jiz podle prvniho navodu na FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

FRST i fixlist musi byt na plose

Kód: Vybrat vše

Running from K:\stahovani chrome

[johnyyy]

Tak uz to fungovalo ovsem po restartu na me nevyskocil fixlog a nefunguje mi klavesnice sviti ale tlacitka nereaguji

[altrok]

restartujte PC

fixlog je umisten na plose... zkopirujte mi jeho obsah do pristi odpovedi

[johnyyy]

Pc jsem restartoval 3x a klavesnice i pres to nefunguje v ovladacich panelech to u ni pise ze neco chybi nebo je nejaka chyba v registru omlouvam se ale musim nyni odejit odjizdim do nedele pryc zatim Vam moc dekuji za Vasi ochotu a pomoc v nedeli prilozim do prispevku ten vypis P.S dole v liste uz se neobjevuje ta ikona spusteni bitcoinu tak mozna uz to bude v poradku pak nato kdyztak mrknete zatim dekuji

[altrok]

taky ted padim pryc.. v nedeli kolem obeda nebo vecer to doresime

[johnyyy]

Tak jiz jsem doma stale mi ale nefunguje klavesnice konfiguracni informace v registru jsou neuplne nebo poskozene