VIRY.CZ

Dobrý den, mám tu jeden problém, CCA po hodině se mi PC začne načítat a nejde s ním absolutně nic dělat, pokaždé musím počítač vypnout a znovu zapnout, děkuji... zde je log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ruda at 2014-12-13 19:01:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 89 GB (19%) free of 466 GB
Total RAM: 8172 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:01:37, on 13.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Users\Ruda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Surftastic\bin\Surftastic.BrowserAdapter.exe
C:\Program Files (x86)\Surftastic\bin\Surftastic.expext.exe
C:\Program Files (x86)\Surftastic\bin\Surftastic.BOASHelper.exe
C:\Users\Ruda\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Clownfish\Clownfish.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Users\Ruda\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\Ruda\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files\trend micro\Ruda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Ruda\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitTorrentControl_v12 - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll
O2 - BHO: Surftastic 1.0.0.4 - {c6673938-a52b-4dc6-af05-783e7e2c8b65} - C:\Program Files (x86)\Surftastic\SurftasticBHO.dll
O2 - BHO: MediaWatchV1home3540 - {cb34e612-a6a1-4c55-bf3a-44d20e81701b} - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home3540\ie\MediaWatchV1home3540.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Clownfish] "C:\Program Files (x86)\Clownfish\Clownfish.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Ruda\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [GSplay.exe] C:\Users\Ruda\Desktop\GSplay.exe
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\Ruda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Users\Ruda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Ruda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: GamersFirst LIVE!.lnk = C:\Users\Ruda\AppData\Local\GamersFirst\LIVE!\Live.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Ruda\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\mocaflix\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\PROGRAM FILES (X86)\LOGMEIN HAMACHI\LMIGUARDIANSVC.EXE
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MaintainerSvc2.68.0219210 - Unknown owner - C:\ProgramData\f7d523a7-723b-4679-8c70-0e90e3053cba\maintainer.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Surftastic - Unknown owner - C:\Program Files (x86)\Surftastic\updateSurftastic.exe
O23 - Service: Util Surftastic - Unknown owner - C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 18985 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {72B595E5-3137-4B38-AC21-2DA45B168640}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe"
"taskhost.exe"
taskeng.exe {F9814770-87E3-4A4D-8B6A-CA9E9ACB2E31}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\PROGRAM FILES (X86)\LOGMEIN HAMACHI\LMIGUARDIANSVC.EXE"
"C:\ProgramData\f7d523a7-723b-4679-8c70-0e90e3053cba\maintainer.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Surftastic\updateSurftastic.exe"
"C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe"
taskeng.exe {5F744FE3-BA16-4E24-A95B-EB475A8BBB37}
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Ruda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3487a4f9-cbea-4c74-8c0a-57a1645eaaf8 -SystemEventPortName:HostProcess-29b3d1d9-0cca-470d-bc1c-54313bef8c8d -IoCancelEventPortName:HostProcess-70b11725-3107-403b-b96d-4401a41a60d5 -NonStateChangingEventPortName:HostProcess-d0613caf-e74d-4e02-ac6b-daccb1e44455 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3b1cd46a-7dbd-400c-83fc-5ce874688e57 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
/c 7afdf09f-2962-474b-921e-0eb348d3fe27 /i 1311c8d0-9528-43e4-8099-1c956663567d /z "n=Surftastic&is=amp12lmcz&dpt=20"
/c 7afdf09f-2962-474b-921e-0eb348d3fe27 /i 1311c8d0-9528-43e4-8099-1c956663567d /z "n=Surftastic&is=amp12lmcz&dpt=20"
/ieg 1311c8d0-9528-43e4-8099-1c956663567d /is amp12lmcz
/w 910 /h 100 /cg cf271df7-77ff-4ce8-bd50-1da0a0190cf2 /gc 1 /ff 1 /ie 1 /is amp12lmcz
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\Ruda\AppData\Local\Pokki\Engine\pokki.exe"
"C:\Program Files (x86)\Surftastic\bin\Surftastic.PurBrowse64.exe" /l false /s false /c "Surftastic" /t "C:\Program Files (x86)\Surftastic\bin\TEMP" /i "http://apisurftasticnet-a.akamaihd.net/ ... 0000000000" /d {03d08387-c95c-46e0-b2f8-4cd0ed929279}w64 /p 7afdf09f-2962-474b-921e-0eb348d3fe27:chrome /p 1311c8d0-9528-43e4-8099-1c956663567d:iexplore /p 8750e2d0-c5e5-4f1f-a0f9-1dbec7f66454:opera /h cdn.sharedaddomain.com,cdn.sharedaddomain2.com 0 10 "C:\Program Files (x86)\Surftastic\bin\bau" true
\??\C:\Windows\system32\conhost.exe "-5407957846962369841497287527510839655382984-1575393662785084280-540780153
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
"C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
"C:\Program Files (x86)\Clownfish\Clownfish.exe"
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
C:\Windows\SysWOW64\DllHost.exe /Processid:{3F6B5E16-092A-41ED-930B-0B4125D91D4E}
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Users\Ruda\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -PID:"4580" -RunMxAddonsMgr -UserName:"guest" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" -AppDataPath:"C:\Users\Ruda\AppData\Roaming\Maxthon3\" /prefetch:3
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunResMgr -MainFrmIpc:"IPC_M_R_000011E4" -UsersFolder:"C:\Users\Ruda\AppData\Roaming\Maxthon3\Users\" -UserName:"guest" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" -AppDataPath:"C:\Users\Ruda\AppData\Roaming\Maxthon3\" -ProductType:"intl" /prefetch:3
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-000011E4" -MainFrmIpc:"IPC_M_C_000011E4" -ResMgrIpc:"IPC_R_C_000011E4" -UserName:"guest" -LangIni:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" -AppDataPath:"C:\Users\Ruda\AppData\Roaming\Maxthon3\" -ProductType:"intl" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_000011E4" /prefetch:3
"C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" "-launchedbycsxs"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Users\Ruda\AppData\Local\Pokki\Engine\pokki.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/1/OneClickSignIn/Standard/Prefetch/ContentPrefetchPrefetchOn/Prerender/PrerenderMulti/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwndDynamic/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/group_01/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_69/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="4904.2.778403813\1977419010" /prefetch:3
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\/../CoreSync/CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --channel="5664.0.1556767420\2050681720" /prefetch:3
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunMxDl -IPC_M_D_NAME:"IPC_M_D_000011E4" -IPC_C_D_NAME:"IPC_C_D_00001670" -IPC_R_D_NAME:"IPC_R_D_000011E4" -SyEvent:"mxevent_IPC_R_D_000011E4" -LANG_INI_FILE:"C:\Program Files (x86)\Maxthon\Language\cs-cz.ini" -MxdlConfigFolder:"C:\Users\Ruda\AppData\Roaming\Maxthon3\Public\Downloader\" /prefetch:3
"C:\Users\Ruda\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AmiUpdXp.job - C:\Users\Ruda\AppData\Local\17009\Updater.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job - C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job - C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job - C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job - C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\OptimizerProUpdaterTask{9A578FB7-C0AC-4946-85D6-5824F7D34832}.job - C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe /schedule /profilepath "C:\ProgramData\Premium\OptimizerPro\profile.ini"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2012-09-28 24518144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-19 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-07 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-19 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2012-09-28 18425000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-28 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-07 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Ruda\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}]
BitTorrentControl_v12 Toolbar - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll [2013-06-18 231712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}]
Surftastic 1.0.0.4 - C:\Program Files (x86)\Surftastic\SurftasticBHO.dll [2014-11-26 249768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb34e612-a6a1-4c55-bf3a-44d20e81701b}]
Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home3540\ie\MediaWatchV1home3540.dll [2014-03-20 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-28 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2012-09-28 24518144]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - BitTorrentControl_v12 Toolbar - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll [2013-06-18 231712]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2012-09-28 18425000]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]
"OOTag"=C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [2010-02-23 13856]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-04-03 3684488]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 116648]
"AdobeBridge"= []
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2012-09-28 96056]
"Facebook Update"=C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-30 138096]
"Clownfish"=C:\Program Files (x86)\Clownfish\Clownfish.exe [2012-09-27 1122040]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2012-12-14 3093624]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2014-10-15 468192]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-09-03 3342336]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21445248]
"BitTorrent"=C:\Users\Ruda\AppData\Roaming\BitTorrent\BitTorrent.exe [2014-11-30 1388888]
"Pokki"=C:\Users\Ruda\AppData\Local\Pokki\Engine\Launcher.dll [2013-12-05 1271064]
"GSplay.exe"=C:\Users\Ruda\Desktop\GSplay.exe [2014-03-12 4772747]
"Yahoo! Search"=C:\Users\Ruda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe [2014-10-29 533352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #3"=C:\Users\Ruda\AppData\Local\Pokki\Engine\pokki.exe [2013-12-05 8285512]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"OOTag"=C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [2010-02-23 13856]
"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-08-31 185640]
"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2011-08-11 627304]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-06-14 2236816]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-07 4085896]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-12-01 3835728]

C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
GamersFirst LIVE!.lnk - C:\Users\Ruda\AppData\Local\GamersFirst\LIVE!\Live.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-13 19:01:32 ----D---- C:\rsit
2014-12-13 19:01:32 ----D---- C:\Program Files\trend micro
2014-12-13 13:36:42 ----D---- C:\Windows\system32\appraiser
2014-12-13 12:33:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-12-13 12:28:09 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-13 12:28:09 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-13 12:28:09 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-13 12:28:09 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-13 12:28:09 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-13 12:28:09 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-13 12:28:09 ----A---- C:\Windows\system32\mfps.dll
2014-12-13 12:28:09 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-13 12:28:09 ----A---- C:\Windows\system32\mferror.dll
2014-12-13 12:28:08 ----A---- C:\Windows\system32\mf.dll
2014-12-12 18:20:22 ----A---- C:\Windows\system32\appraiser.dll
2014-12-12 18:20:22 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-12 18:20:22 ----A---- C:\Windows\system32\aepic.dll
2014-12-12 18:20:22 ----A---- C:\Windows\system32\aeinv.dll
2014-12-12 18:20:21 ----A---- C:\Windows\system32\invagent.dll
2014-12-12 18:20:21 ----A---- C:\Windows\system32\generaltel.dll
2014-12-12 18:20:21 ----A---- C:\Windows\system32\devinv.dll
2014-12-12 18:20:19 ----A---- C:\Windows\system32\aepdu.dll
2014-12-12 18:20:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-12 18:20:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-12 18:20:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-12 18:20:09 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-12 18:20:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-12 18:20:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-12 18:20:08 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-12 18:20:08 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-12 18:20:08 ----A---- C:\Windows\system32\iernonce.dll
2014-12-12 18:20:08 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-12 18:20:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-12 18:20:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-12 18:20:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-12 18:20:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 18:20:05 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-12 18:20:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-12 18:20:05 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-12 18:20:05 ----A---- C:\Windows\system32\urlmon.dll
2014-12-12 18:20:05 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-12 18:20:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-12 18:20:04 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-12 18:20:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-12 18:20:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-12 18:20:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-12 18:20:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-12 18:20:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-12 18:20:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 18:20:03 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-12 18:20:03 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-12 18:20:02 ----A---- C:\Windows\system32\iesetup.dll
2014-12-12 18:20:02 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-12 18:20:01 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-12 18:20:01 ----A---- C:\Windows\system32\iertutil.dll
2014-12-12 18:20:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-12 18:20:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-12 18:20:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-12 18:20:00 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-12 18:19:59 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-12 18:19:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-12 18:19:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-12 18:19:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-12 18:19:57 ----A---- C:\Windows\system32\ieui.dll
2014-12-12 18:19:57 ----A---- C:\Windows\system32\ieframe.dll
2014-12-12 18:19:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-12 18:19:56 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-12 18:19:56 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-12 18:19:56 ----A---- C:\Windows\system32\jscript9.dll
2014-12-12 18:19:55 ----A---- C:\Windows\system32\wininet.dll
2014-12-12 18:19:55 ----A---- C:\Windows\system32\vbscript.dll
2014-12-12 18:19:54 ----A---- C:\Windows\system32\msrating.dll
2014-12-12 18:19:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-12 18:19:54 ----A---- C:\Windows\system32\mshtml.dll
2014-12-12 18:19:14 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-12 18:19:13 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-12 18:19:12 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-12 18:19:10 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-12 18:19:10 ----A---- C:\Windows\system32\charmap.exe
2014-12-12 18:19:07 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-12 18:19:07 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-12 18:19:07 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-12 18:19:06 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-12 18:19:06 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-12 18:19:06 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-12 18:19:06 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-12 18:19:06 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-12 18:19:06 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 18:19:06 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 18:19:00 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-12 18:19:00 ----A---- C:\Windows\system32\tzres.dll
2014-12-06 20:40:23 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-11-30 17:31:39 ----A---- C:\Windows\system32\drivers\{03d08387-c95c-46e0-b2f8-4cd0ed929279}w64.sys
2014-11-23 15:24:12 ----SHD---- C:\found.001
2014-11-21 16:00:17 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-21 16:00:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-21 16:00:17 ----A---- C:\Windows\system32\pku2u.dll
2014-11-21 16:00:17 ----A---- C:\Windows\system32\kerberos.dll
2014-11-16 18:29:40 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-16 18:29:40 ----A---- C:\Windows\system32\termsrv.dll
2014-11-16 18:29:40 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-16 18:29:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-16 18:29:40 ----A---- C:\Windows\system32\adtschema.dll
2014-11-16 18:29:39 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-16 18:29:39 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-16 18:29:39 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-16 18:29:39 ----A---- C:\Windows\system32\msaudite.dll
2014-11-16 18:27:27 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-16 18:27:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-16 18:27:27 ----A---- C:\Windows\system32\msxml3.dll
2014-11-16 18:27:26 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-16 18:27:25 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-16 18:27:25 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-16 18:27:06 ----A---- C:\Windows\system32\schannel.dll
2014-11-16 18:27:06 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-16 18:27:05 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-16 18:27:05 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-16 18:27:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-16 18:27:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-16 18:27:04 ----A---- C:\Windows\system32\wdigest.dll
2014-11-16 18:27:04 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-16 18:27:04 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-16 18:27:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-16 18:27:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-16 18:27:03 ----A---- C:\Windows\system32\credssp.dll
2014-11-16 18:26:39 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-16 18:26:39 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-16 18:26:39 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-16 18:26:39 ----A---- C:\Windows\system32\EncDump.dll
2014-11-16 18:26:39 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-16 18:26:39 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-16 18:26:39 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-16 18:26:39 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-16 18:26:31 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-16 18:26:31 ----A---- C:\Windows\system32\packager.dll
2014-11-16 18:26:29 ----A---- C:\Windows\system32\win32k.sys
2014-11-16 18:26:23 ----A---- C:\Windows\system32\msi.dll
2014-11-16 18:26:22 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-16 18:25:52 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-16 18:25:51 ----A---- C:\Windows\SYSWOW64\oleaut32.dll

======List of files/folders modified in the last 1 month======

2014-12-13 19:01:35 ----D---- C:\Windows\Temp
2014-12-13 19:01:32 ----D---- C:\Program Files
2014-12-13 19:01:09 ----D---- C:\Users\Ruda\AppData\Roaming\BitTorrent
2014-12-13 18:57:23 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-13 18:56:12 ----D---- C:\Users\Ruda\AppData\Roaming\Skype
2014-12-13 18:55:39 ----D---- C:\Windows\system32\config
2014-12-13 18:55:27 ----A---- C:\Windows\win.ini
2014-12-13 18:55:17 ----D---- C:\Program Files (x86)\Surftastic
2014-12-13 18:54:48 ----D---- C:\Windows\SysWOW64
2014-12-13 18:54:37 ----D---- C:\ProgramData\NVIDIA
2014-12-13 18:14:51 ----A---- C:\Windows\wininit.ini
2014-12-13 17:43:14 ----D---- C:\ProgramData\f7d523a7-723b-4679-8c70-0e90e3053cba
2014-12-13 17:07:13 ----D---- C:\ProgramData\Spyware Terminator
2014-12-13 17:06:30 ----D---- C:\Windows
2014-12-13 14:20:56 ----HD---- C:\ProgramData
2014-12-13 14:20:55 ----RD---- C:\Program Files (x86)
2014-12-13 14:20:21 ----D---- C:\Program Files (x86)\Clownfish
2014-12-13 14:20:05 ----SHD---- C:\Windows\Installer
2014-12-13 14:20:05 ----SHD---- C:\Config.Msi
2014-12-13 14:19:37 ----D---- C:\Program Files (x86)\DsNET Corp
2014-12-13 14:19:29 ----D---- C:\Windows\inf
2014-12-13 14:16:33 ----D---- C:\Windows\debug
2014-12-13 13:39:25 ----D---- C:\Windows\winsxs
2014-12-13 13:39:17 ----D---- C:\Windows\system32\catroot2
2014-12-13 13:36:42 ----SD---- C:\Windows\system32\CompatTel
2014-12-13 13:36:42 ----D---- C:\Windows\System32
2014-12-13 13:36:42 ----D---- C:\Windows\AppCompat
2014-12-13 13:36:41 ----SD---- C:\ProgramData\Microsoft
2014-12-13 13:36:41 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-13 13:36:41 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-13 13:36:41 ----D---- C:\Windows\system32\drivers
2014-12-13 13:36:41 ----D---- C:\Program Files\Internet Explorer
2014-12-13 13:36:40 ----D---- C:\Windows\system32\en-US
2014-12-13 13:36:40 ----D---- C:\Windows\system32\cs-CZ
2014-12-13 13:36:40 ----D---- C:\Windows\PolicyDefinitions
2014-12-13 13:36:39 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-13 12:40:05 ----D---- C:\Windows\SYSWOW64\drivers
2014-12-13 12:36:48 ----D---- C:\Windows\system32\MRT
2014-12-13 12:33:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-13 12:29:32 ----A---- C:\Windows\system32\MRT.exe
2014-12-13 12:28:16 ----D---- C:\Windows\system32\catroot
2014-12-13 12:27:25 ----SHD---- C:\System Volume Information
2014-12-13 12:22:05 ----D---- C:\Windows\Prefetch
2014-12-06 20:40:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-30 19:20:14 ----D---- C:\Windows\rescache
2014-11-22 06:37:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-21 15:59:17 ----D---- C:\Windows\Microsoft.NET
2014-11-17 15:53:52 ----RSD---- C:\Windows\assembly
2014-11-17 11:18:53 ----D---- C:\SG Interactive
2014-11-16 19:01:18 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-07 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-07 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-06 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 {01531192-f7ef-415f-a549-cfdb11836731}w64;{01531192-f7ef-415f-a549-cfdb11836731}w64; C:\Windows\system32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [2014-09-16 44320]
R1 {03d08387-c95c-46e0-b2f8-4cd0ed929279}w64;{03d08387-c95c-46e0-b2f8-4cd0ed929279}w64; C:\Windows\system32\drivers\{03d08387-c95c-46e0-b2f8-4cd0ed929279}w64.sys [2014-11-30 48416]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 21136]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-07 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-21 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-07 427360]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-11 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-11 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-11 62776]
R1 nethfdrv;nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [2014-10-22 46160]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-07 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-07 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-07 92008]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2012-08-19 51496]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-06-30 54784]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-06-30 77696]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-05-10 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-12-26 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-12-26 27760]
S3 netr7364;ASUS USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 X6va011;X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 []
S3 X6va012;X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 []
S3 X6va013;X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 []
S3 X6va015;X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 []
S3 X6va016;X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 []
S3 X6va017;X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 []
S3 X6va027;X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 []
S3 X6va028;X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-07 50344]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-12-01 2530128]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\PROGRAM FILES (X86)\LOGMEIN HAMACHI\LMIGUARDIANSVC.EXE [2014-11-14 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MaintainerSvc2.68.0219210;MaintainerSvc2.68.0219210; C:\ProgramData\f7d523a7-723b-4679-8c70-0e90e3053cba\maintainer.exe [2014-12-13 123304]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-07-23 980072]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-06 76888]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-06-21 1148664]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-07-23 379496]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 Update Surftastic;Update Surftastic; C:\Program Files (x86)\Surftastic\updateSurftastic.exe [2014-12-13 523176]
R2 Util Surftastic;Util Surftastic; C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe [2014-12-13 523176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-13 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-10-24 4999600]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-17 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 NetHttpService;Network HTTP Support Service; C:\Windows\SysWOW64\nethtsrv.exe [2014-10-22 180224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 ServiceUpdater;Network Support Service Updater; C:\Windows\SysWOW64\netupdsrv.exe [2014-10-22 162304]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Zdravim a pekny vecer preji

Mate tam peknou sbirecku bordelu

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zde je log z Adw Cleaner

# AdwCleaner v4.105 - Report created 18/12/2014 at 16:10:30
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ruda - RUDA-PC
# Running from : C:\Users\Ruda\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP
Service Deleted : nethfdrv
[#] Service Deleted : NethxxpService
[#] Service Deleted : ServiceUpdater
[#] Service Deleted : Update Surftastic
[#] Service Deleted : Util Surftastic
Service Deleted : c2cautoupdatesvc
Service Deleted : c2cpnrsvc
Service Deleted : {01531192-f7ef-415f-a549-cfdb11836731}w64
Service Deleted : {03d08387-c95c-46e0-b2f8-4cd0ed929279}w64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\FTDownloader.com
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\MediaWatchV1
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\MocaFlix
[!] Folder Deleted : C:\Program Files (x86)\Surftastic
Folder Deleted : C:\Program Files (x86)\VNT
[!] Folder Deleted : C:\Program Files (x86)\Surftastic
Folder Deleted : C:\Users\Ruda\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Guest\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Guest\AppData\Local\VNT
Folder Deleted : C:\Users\Guest\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Guest\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Ruda\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Ruda\AppData\Local\Conduit
Folder Deleted : C:\Users\Ruda\AppData\Local\genienext
Folder Deleted : C:\Users\Ruda\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Ruda\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\Ruda\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\Ruda\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Ruda\AppData\Local\VNT
Folder Deleted : C:\Users\Ruda\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Ruda\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Ruda\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Ruda\AppData\Roaming\IClaro
Folder Deleted : C:\Users\Ruda\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Ruda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Ruda\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Ruda\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Ruda\Documents\Mobogenie
Folder Deleted : C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Deleted : C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmiifdbnlinfkcbohhdcfijbcipfndff
Folder Deleted : C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Folder Deleted : C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Folder Deleted : C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
File Deleted : C:\Windows\SysWOW64\hfpapi.dll
File Deleted : C:\Windows\SysWOW64\installd.exe
File Deleted : C:\Windows\SysWOW64\nethtsrv.exe
File Deleted : C:\Windows\SysWOW64\netupdsrv.exe
File Deleted : C:\Windows\System32\drivers\nethfdrv.sys
File Deleted : C:\Windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys
File Deleted : C:\Windows\System32\drivers\{03d08387-c95c-46e0-b2f8-4cd0ed929279}w64.sys
File Deleted : C:\Users\Ruda\daemonprocess.txt
File Deleted : C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Empire.lnk

***** [ Scheduled Tasks ] *****

Task Deleted : AmiUpdXp
Task Deleted : Yahoo! Search
Task Deleted : Yahoo! Search Updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dmiifdbnlinfkcbohhdcfijbcipfndff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Surftastic
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Surftastic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_8e4eb48d
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{c6673938-a52b-4dc6-af05-783e7e2c8b65}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{861E67AE-B5A7-4EC6-9B02-54AA7825F2DC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07eeef8a-080a-4478-94b6-778245d7a04f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c6673938-a52b-4dc6-af05-783e7e2c8b65}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{861E67AE-B5A7-4EC6-9B02-54AA7825F2DC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\A35375B141B04B8B8AD8CFA5431CE468
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D4F73C29-C2FD-4FC9-968A-1AD327B5131F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Surftastic
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Surftastic
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{74AF34F6-ACF4-438C-9C7E-FA0307B60E45}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surftastic
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\mocaflix\sprote~1.dll
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\6F43FA474FCAC834C9E7AF30706BE054
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\6F43FA474FCAC834C9E7AF30706BE054
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F43FA474FCAC834C9E7AF30706BE054

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v


-\\ Google Chrome v

[C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3225826
[C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3225826
[C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.claro-search.com/?q={searchTerms}&affID=115131&tt=3512_8&babsrc=SP_iclro&mntrId=127752fc0000000000003860773d812c
[C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.claro-search.com/?q={searchTerms}&affID=115131&tt=3512_8&babsrc=SP_iclro&mntrId=127752fc0000000000003860773d812c
[C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.mocaflix.com/?l=1&q={searchTerms}
[C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.mocaflix.com/?l=1&q={searchTerms}

*************************

AdwCleaner[R0].txt - [16614 octets] - [18/12/2014 16:08:36]
AdwCleaner[S0].txt - [15614 octets] - [18/12/2014 16:10:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15675 octets] ##########

Pokracujte Zoek-em

zde je

Zoek.exe v5.0.0.0 Updated 17-December-2014
Tool run by Ruda on źt 18.12.2014 at 16:17:27,19.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ruda\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18.12.2014 16:19:48 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Counter-Strike 1.6 Standalone deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\NewGeneration deleted successfully
C:\PROGRA~3\Evernote deleted successfully
C:\Users\Ruda\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Ruda\AppData\Roaming\Spyware Terminator deleted successfully
C:\Users\Guest\AppData\Local\VirtualStore deleted successfully
C:\Users\Ruda\AppData\Local\cache deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{cb34e612-a6a1-4c55-bf3a-44d20e81701b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb34e612-a6a1-4c55-bf3a-44d20e81701b} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{cb34e612-a6a1-4c55-bf3a-44d20e81701b} deleted successfully
HKEY_USERS\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully
HKEY_USERS\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{C6673938-A52B-4DC6-AF05-783E7E2C8B65} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaWatchV1home3540.net deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MaintainerSvc2.68.0219210 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MaintainerSvc2.68.0219210 deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~3\f7d523a7-723b-4679-8c70-0e90e3053cba deleted
C:\Users\Ruda\AppData\Local\17009 deleted
C:\Users\Guest\AppData\LocalLow\BitTorrentControl_v12 deleted
C:\Users\Ruda\AppData\LocalLow\BitTorrentControl_v12 deleted
C:\Users\Ruda\.android deleted
C:\PROGRA~2\COMMON~1\Config\uninstinethnfd.exe deleted
C:\PROGRA~2\COMMON~1\Config deleted
C:\extensions.ini deleted
C:\awh147.tmp deleted
C:\awhD25B.tmp deleted
C:\awhF5A4.tmp deleted
C:\found.000 deleted
C:\found.001 deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Ruda\AppData\Local\CRE deleted
C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\OptimizerProUpdaterTask{9A578FB7-C0AC-4946-85D6-5824F7D34832}.job deleted
C:\windows\SysNative\tasks\OptimizerProUpdaterTask{9A578FB7-C0AC-4946-85D6-5824F7D34832} deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\GroupPolicy\Machine deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\hfnapi.dll deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Users\Ruda\Desktop\Crossfire_downloader(5).exe deleted
C:\Users\Ruda\Desktop\all\iLividSetup-r514-n-bc.exe deleted
C:\Users\Ruda\Desktop\Downloads\SoftonicDownloader_for_fifa-12.exe deleted
"C:\Users\Ruda\AppData\Local\Pokki\ocdeskband_0.dll" deleted
"C:\Users\Ruda\AppData\Local\Pokki" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [17.12.2014 19:53]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaailpifkkekipiachodfkfmgmiapmp - C:\ProgramData\AskPartnerNetwork\Toolbar\SGT-V7\CRX\ToolbarCR.crx[]
aaaajmcbjelppeedjdebbfppfjdeeinp - C:\ProgramData\AskPartnerNetwork\Toolbar\ATU3-SAT\CRX\ToolbarCR.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07.08.2014 08:38]
ocogbmeojbdlelhibbniilobjpeecflb - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home3540\ch\MediaWatchV1home3540.crx[]

Ask Toolbar - Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaailpifkkekipiachodfkfmgmiapmp
Ask Shopping Toolbar - Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajmcbjelppeedjdebbfppfjdeeinp
Color Changer for Facebook - Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjonbnnoflopmbacbicphohfappebbkf
Dislike on Facebook - Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dalglnklbdkfhihfcagbcdbnmlhcdpha
Rockbook - Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejmmmemigdemfelfhhdoefmmajokhico
avast WebRep - Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Surftastic - Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkbhmdcccmdakmgaaejjjgllahmljpge
Media Watch - Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocogbmeojbdlelhibbniilobjpeecflb

==== Chromium Fix ======================

C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaaailpifkkekipiachodfkfmgmiapmp deleted successfully
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaaajmcbjelppeedjdebbfppfjdeeinp deleted successfully
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocogbmeojbdlelhibbniilobjpeecflb deleted successfully
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajmcbjelppeedjdebbfppfjdeeinp deleted successfully
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaailpifkkekipiachodfkfmgmiapmp deleted successfully
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkbhmdcccmdakmgaaejjjgllahmljpge deleted successfully
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mkbhmdcccmdakmgaaejjjgllahmljpge_0.localstorage deleted successfully
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mkbhmdcccmdakmgaaejjjgllahmljpge_0.localstorage-journal deleted successfully
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkbhmdcccmdakmgaaejjjgllahmljpge deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{85B73411-1018-487A-1214-27DD89FF3155} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaailpifkkekipiachodfkfmgmiapmp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaailpifkkekipiachodfkfmgmiapmp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaajmcbjelppeedjdebbfppfjdeeinp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaajmcbjelppeedjdebbfppfjdeeinp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ocogbmeojbdlelhibbniilobjpeecflb deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\76056J7R will be deleted at reboot
C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XRA0ICH will be deleted at reboot
C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QI76OZTM will be deleted at reboot
C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RDTB32OZ will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4360 folders=388 211613440 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\Ruda\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ruda\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Ruda\AppData\Local\Pokki" not found
"C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaailpifkkekipiachodfkfmgmiapmp" not found
"C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajmcbjelppeedjdebbfppfjdeeinp" not found
"C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\76056J7R" not found
"C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8XRA0ICH" not found
"C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QI76OZTM" not found
"C:\Users\Ruda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RDTB32OZ" not found
"C:\Users\Ruda\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GUJ5E8JG\bbcdn-bbnaut.ibillboard.com" not found

==== EOF on źt 18.12.2014 at 16:41:01,98 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Zde je FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-12-2014 01
Ran by Ruda (administrator) on RUDA-PC on 21-12-2014 17:58:15
Running from C:\Users\Ruda\Desktop
Loaded Profile: Ruda (Available profiles: Ruda & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-09-07] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640 2011-08-31] (CyberLink Corp.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-06-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-07] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Google Update] => C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-15] (Google Inc.)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [96056 2012-09-28] (Siber Systems)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Facebook Update] => C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-30] (Facebook Inc.)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1122040 2012-09-27] (Bogdan Sharkov)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-14] ()
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3342336 2009-09-03] (Electronic Arts)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [BitTorrent] => C:\Users\Ruda\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-30] (BitTorrent Inc.)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [GSplay.exe] => C:\Users\Ruda\Desktop\GSplay.exe [4772747 2014-03-12] ()
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Yahoo! Search] => C:\Users\Ruda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\RunOnce: [Application Restart #3] => C:\Users\Ruda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-p (the data entry has 538 more characters).
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\MountPoints2: {5dc8aa94-4dfe-11e2-8b99-3860773d812c} - G:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\Ruda\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
URLSearchHook: HKLM-x32 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-393152356-2371770671-4028496107-1000 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-393152356-2371770671-4028496107-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: avast! EasyPass Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! EasyPass Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: BitTorrentControl_v12 Toolbar -> {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} -> C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
Toolbar: HKLM-x32 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
Toolbar: HKU\S-1-5-21-393152356-2371770671-4028496107-1000 -> No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No File
Toolbar: HKU\S-1-5-21-393152356-2371770671-4028496107-1000 -> avast! EasyPass Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-393152356-2371770671-4028496107-1000: @eximion.com/KalydoPlayer -> C:\Users\Ruda\AppData\Roaming\Kalydo\KalydoPlayer\bin1\npkalydo.dll (Eximion B.V.)
FF Plugin HKU\S-1-5-21-393152356-2371770671-4028496107-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ruda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-393152356-2371770671-4028496107-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ruda\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-393152356-2371770671-4028496107-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ruda\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-393152356-2371770671-4028496107-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ruda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-393152356-2371770671-4028496107-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-28]

Chrome:
=======
CHR Profile: C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Facebook Emoticon & Smiley) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\baidofcbhhfddopoadebjdcmlignfdlf [2012-08-27]
CHR Extension: (Color Changer for Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjonbnnoflopmbacbicphohfappebbkf [2012-08-27]
CHR Extension: (Dislike on Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dalglnklbdkfhihfcagbcdbnmlhcdpha [2012-08-27]
CHR Extension: (Rockbook!) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejmmmemigdemfelfhhdoefmmajokhico [2012-08-27]
CHR Extension: (avast! WebRep) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-09-28]
CHR Extension: (Peněženka Google) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-07] (AVAST Software)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4999600 2012-10-24] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-05-06] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148664 2012-06-21] (Crawler.com)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-07] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-07] ()
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2012-08-19] (Windows (R) Win 7 DDK provider)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 17:58 - 2014-12-21 17:58 - 00000000 ____D () C:\Users\Ruda\Desktop\FRST-OlderVersion
2014-12-19 21:52 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-19 21:52 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 22:04 - 2014-12-18 22:04 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Windows Live
2014-12-18 22:04 - 2014-12-18 22:04 - 00000000 ____D () C:\Users\Ruda\AppData\Local\{91C6DE87-4866-452F-854D-D02F8F585983}
2014-12-18 21:47 - 2014-12-18 21:47 - 00000832 _____ () C:\Users\Ruda\Desktop\Crossfire Europe.lnk
2014-12-18 21:47 - 2014-12-18 21:47 - 00000832 _____ () C:\Users\Guest\Desktop\Crossfire Europe.lnk
2014-12-18 21:15 - 2014-12-18 21:15 - 00000000 ____D () C:\Users\Ruda\Desktop\CrossFire EU Setup
2014-12-18 21:13 - 2014-12-18 21:13 - 02156048 _____ (Reloaded Technologies) C:\Users\Ruda\Desktop\Crossfire_downloader(6).exe
2014-12-18 18:45 - 2014-12-21 17:58 - 00022029 _____ () C:\Users\Ruda\Desktop\FRST.txt
2014-12-18 18:45 - 2014-12-18 18:46 - 00038857 _____ () C:\Users\Ruda\Desktop\Addition.txt
2014-12-18 18:44 - 2014-12-21 17:58 - 00000000 ____D () C:\FRST
2014-12-18 18:27 - 2014-12-21 17:58 - 02122240 _____ (Farbar) C:\Users\Ruda\Desktop\FRST64.exe
2014-12-18 18:02 - 2014-12-19 13:34 - 00000130 _____ () C:\Windows\wininit.ini
2014-12-18 16:39 - 2014-12-18 16:17 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-18 16:19 - 2014-12-18 16:41 - 00014635 _____ () C:\zoek-results.log
2014-12-18 16:17 - 2014-12-18 16:35 - 00000000 ____D () C:\zoek_backup
2014-12-18 16:17 - 2014-12-18 16:17 - 01295360 _____ () C:\Users\Ruda\Desktop\zoek.exe
2014-12-18 16:12 - 2014-12-18 16:40 - 00001784 _____ () C:\Windows\PFRO.log
2014-12-18 16:12 - 2014-12-18 16:12 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-18 16:08 - 2014-12-18 16:11 - 00000000 ____D () C:\AdwCleaner
2014-12-18 16:07 - 2014-12-18 16:07 - 02166272 _____ () C:\Users\Ruda\Desktop\adwcleaner_4.105.exe
2014-12-18 16:00 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-18 15:52 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-18 15:52 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-18 15:52 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-18 15:52 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-18 15:52 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-18 15:52 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-18 15:52 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-18 15:52 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-18 15:52 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-18 15:52 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-17 20:03 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-17 20:03 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-17 20:03 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-17 20:03 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-17 20:03 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-17 20:03 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-17 20:03 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-17 20:03 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-17 20:03 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-17 20:03 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-17 20:03 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-17 20:03 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-17 20:03 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-17 20:03 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-17 20:03 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-17 20:03 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-17 20:03 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-17 20:03 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-17 20:03 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-17 20:03 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-17 20:03 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-17 20:03 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-17 20:03 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-17 20:03 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-17 20:03 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-17 20:03 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-17 20:03 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-17 20:03 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-17 20:03 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-17 20:03 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-17 20:03 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-17 20:03 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-17 20:03 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-17 20:03 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-17 20:03 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-17 20:03 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-17 20:03 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-17 20:03 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-17 20:03 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-17 20:03 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-17 20:03 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-17 20:03 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-17 20:03 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-17 20:03 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-17 20:03 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-17 20:03 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-17 20:03 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-17 20:03 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-17 20:03 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-17 20:03 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-17 20:03 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-17 20:03 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-17 20:03 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-17 20:03 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-17 20:03 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-17 20:03 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-17 20:03 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-17 20:03 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-17 20:03 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-17 20:03 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-17 20:03 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-17 20:03 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-17 20:03 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-17 20:01 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-17 20:01 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-17 20:01 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-17 20:01 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-17 20:01 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-17 20:01 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-17 20:01 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-17 20:01 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-17 20:01 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-17 20:01 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-17 20:01 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-17 20:01 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-17 20:00 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-17 20:00 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-17 19:58 - 2014-12-17 19:58 - 00067072 _____ () C:\Users\Ruda\Desktop\Němčina - slovíčka_1.xls
2014-12-17 19:50 - 2014-12-17 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-17 19:50 - 2014-12-17 19:50 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-14 12:48 - 2014-12-14 12:48 - 00082944 _____ () C:\Users\Ruda\Desktop\23bilkov.ppt.mxdl
2014-12-14 12:44 - 2014-12-14 12:45 - 00000000 ____D () C:\Users\Ruda\Desktop\MO-Gastronomie
2014-12-13 19:01 - 2014-12-18 04:28 - 00000000 ____D () C:\Program Files\trend micro
2014-12-13 19:01 - 2014-12-13 19:01 - 00000000 ____D () C:\rsit
2014-12-13 18:21 - 2014-12-18 04:28 - 00000000 ____D () C:\Users\Ruda\Desktop\Nová složka (2)
2014-12-12 18:20 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-21 16:00 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-21 16:00 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-21 16:00 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-21 16:00 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 17:58 - 2012-12-14 19:28 - 00000000 ____D () C:\Users\Ruda\AppData\Local\PMB Files
2014-12-21 17:55 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-21 17:55 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-21 17:50 - 2012-08-15 14:03 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\Skype
2014-12-21 17:49 - 2013-09-05 20:01 - 00000000 ____D () C:\Users\Ruda\AppData\Local\LogMeIn Hamachi
2014-12-21 17:48 - 2012-08-19 14:21 - 00000000 ____D () C:\Users\Ruda\AppData\Roaming\BitTorrent
2014-12-21 17:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-21 17:47 - 2014-11-03 19:10 - 00004932 _____ () C:\Windows\setupact.log
2014-12-21 17:47 - 2012-02-10 20:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-21 17:33 - 2012-09-28 10:44 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 17:25 - 2012-08-25 13:55 - 00000000 ____D () C:\Users\Ruda\AppData\Local\Adobe
2014-12-21 17:21 - 2012-02-10 20:54 - 01666382 _____ () C:\Windows\WindowsUpdate.log
2014-12-21 17:17 - 2012-09-28 20:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-21 00:06 - 2012-08-15 14:40 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job
2014-12-18 22:23 - 2012-09-30 18:18 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job
2014-12-18 21:47 - 2012-12-14 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
2014-12-18 21:38 - 2012-12-14 19:17 - 00000000 ____D () C:\SG Interactive
2014-12-18 21:30 - 2014-09-18 09:47 - 00000708 _____ () C:\console.log
2014-12-18 19:23 - 2012-09-30 18:18 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job
2014-12-18 19:06 - 2012-08-15 14:40 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job
2014-12-18 16:41 - 2012-08-19 14:21 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-12-18 16:40 - 2014-03-23 15:43 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-18 16:40 - 2012-09-24 14:09 - 00000008 __RSH () C:\Users\Ruda\ntuser.pol
2014-12-18 16:40 - 2012-07-30 14:46 - 00000000 ____D () C:\Users\Ruda
2014-12-18 16:34 - 2013-03-01 14:03 - 00000000 ____D () C:\Users\Ruda\Desktop\all
2014-12-18 16:34 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-18 16:34 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-12-18 16:12 - 2014-04-30 15:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-18 16:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-18 16:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-18 16:04 - 2013-08-24 21:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-18 15:55 - 2013-06-09 05:02 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-18 15:54 - 2009-07-14 03:34 - 00000537 _____ () C:\Windows\win.ini
2014-12-18 04:28 - 2013-09-16 15:24 - 00000000 ____D () C:\Users\Guest
2014-12-18 04:28 - 2013-07-09 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2014-12-18 04:28 - 2013-07-09 21:56 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2014-12-18 04:28 - 2012-12-14 19:28 - 00000000 ____D () C:\ProgramData\PMB Files
2014-12-18 04:28 - 2012-10-05 18:00 - 00000000 ____D () C:\Program Files (x86)\Clownfish
2014-12-18 04:28 - 2012-07-30 14:46 - 00000000 ____D () C:\Users\Ruda\AppData\Local\clear.fi
2014-12-18 04:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-12-18 04:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-18 04:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-18 04:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-18 04:26 - 2012-08-29 10:26 - 00000000 ____D () C:\Program Files (x86)\Gameforge4D
2014-12-17 20:33 - 2012-09-28 10:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-17 20:33 - 2012-09-28 10:44 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-17 20:33 - 2011-07-11 05:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-17 19:54 - 2012-11-11 15:32 - 00001930 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-12-14 11:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-12-13 12:26 - 2012-08-15 14:41 - 00002325 _____ () C:\Users\Ruda\Desktop\Google Chrome.lnk
2014-12-06 20:41 - 2014-11-16 18:14 - 00016930 _____ () C:\Windows\DPINST.LOG
2014-12-06 20:41 - 2014-03-26 17:56 - 00002030 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-12-06 20:41 - 2012-08-25 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-06 20:40 - 2011-07-11 04:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-22 06:37 - 2012-02-09 02:44 - 02248486 _____ () C:\Windows\system32\perfh005.dat
2014-11-22 06:37 - 2012-02-09 02:44 - 00674886 _____ () C:\Windows\system32\perfc005.dat
2014-11-22 06:37 - 2009-07-14 06:13 - 00006256 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-21 18:50 - 2012-09-28 20:05 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

Some content of TEMP:
====================
C:\Users\Ruda\AppData\Local\Temp\EAD11FA.exe
C:\Users\Ruda\AppData\Local\Temp\EAD27AB.exe
C:\Users\Ruda\AppData\Local\Temp\EAD3BF6.exe
C:\Users\Ruda\AppData\Local\Temp\EAD535C.exe
C:\Users\Ruda\AppData\Local\Temp\EAD58B.exe
C:\Users\Ruda\AppData\Local\Temp\EAD704F.exe
C:\Users\Ruda\AppData\Local\Temp\EAD750.exe
C:\Users\Ruda\AppData\Local\Temp\EAD7C40.exe
C:\Users\Ruda\AppData\Local\Temp\EAD90E9.exe
C:\Users\Ruda\AppData\Local\Temp\EAD981.exe
C:\Users\Ruda\AppData\Local\Temp\EADB1FF.exe
C:\Users\Ruda\AppData\Local\Temp\EADC6A8.exe
C:\Users\Ruda\AppData\Local\Temp\EADD5C5.exe
C:\Users\Ruda\AppData\Local\Temp\EADFB00.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-14 16:35

==================== End Of Log ============================

Pokud najdete, odinstalujte Spyware Terminator, jelikoz koliduje s Avastem - ten Vas ochrani dostatecne

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-09-07] (Crawler.com)
  HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
  HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
  HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-06-14] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
  HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
  HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Google Update] => C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-15] (Google Inc.)
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [AdobeBridge] => [X]
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [96056 2012-09-28] (Siber Systems)
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Facebook Update] => C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-30] (Facebook Inc.)
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1122040 2012-09-27] (Bogdan Sharkov)
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-14] ()
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3342336 2009-09-03] (Electronic Arts)
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [BitTorrent] => C:\Users\Ruda\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-30] (BitTorrent Inc.)
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [GSplay.exe] => C:\Users\Ruda\Desktop\GSplay.exe [4772747 2014-03-12] ()
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Yahoo! Search] => C:\Users\Ruda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\RunOnce: [Application Restart #3] => C:\Users\Ruda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-p (the data entry has 538 more characters).
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\MountPoints2: {5dc8aa94-4dfe-11e2-8b99-3860773d812c} - G:\Startme.exe
  HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
  Startup: C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
  
  HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
  URLSearchHook: HKLM-x32 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
  URLSearchHook: HKU\S-1-5-21-393152356-2371770671-4028496107-1000 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  BHO-x32: BitTorrentControl_v12 Toolbar -> {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} -> C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
  Toolbar: HKLM-x32 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
  Toolbar: HKU\S-1-5-21-393152356-2371770671-4028496107-1000 -> No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No File
  Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
  Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
  
  FF Plugin: @microsoft.com/GENUINE -> disabled No File
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  
  CHR Extension: (Facebook Emoticon & Smiley) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\baidofcbhhfddopoadebjdcmlignfdlf [2012-08-27]
  CHR Extension: (Color Changer for Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjonbnnoflopmbacbicphohfappebbkf [2012-08-27]
  CHR Extension: (Dislike on Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dalglnklbdkfhihfcagbcdbnmlhcdpha [2012-08-27]
  
  R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148664 2012-06-21] (Crawler.com)
  S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
  S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
  S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
  S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
  S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
  S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
  S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
  S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
  S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
  
  C:\Program Files (x86)\BitTorrentControl_v12
  C:\Program Files (x86)\Spyware Terminator
  C:\Users\Ruda\AppData\Local\Pay-By-Ads
  2014-12-21 17:58 - 2014-12-21 17:58 - 00000000 ____D () C:\Users\Ruda\Desktop\FRST-OlderVersion
  2014-12-18 22:04 - 2014-12-18 22:04 - 00000000 ____D () C:\Users\Ruda\AppData\Local\{91C6DE87-4866-452F-854D-D02F8F585983}
  2014-12-18 18:45 - 2014-12-21 17:58 - 00022029 _____ () C:\Users\Ruda\Desktop\FRST.txt
  2014-12-18 18:45 - 2014-12-18 18:46 - 00038857 _____ () C:\Users\Ruda\Desktop\Addition.txt
  2014-12-18 16:39 - 2014-12-18 16:17 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-12-18 16:19 - 2014-12-18 16:41 - 00014635 _____ () C:\zoek-results.log
  2014-12-18 16:17 - 2014-12-18 16:35 - 00000000 ____D () C:\zoek_backup
  2014-12-18 16:17 - 2014-12-18 16:17 - 01295360 _____ () C:\Users\Ruda\Desktop\zoek.exe
  2014-12-18 16:12 - 2014-12-18 16:40 - 00001784 _____ () C:\Windows\PFRO.log
  2014-12-18 16:12 - 2014-12-18 16:12 - 00000000 ____D () C:\Windows\system32\appraiser
  2014-12-18 16:08 - 2014-12-18 16:11 - 00000000 ____D () C:\AdwCleaner
  2014-12-18 16:07 - 2014-12-18 16:07 - 02166272 _____ () C:\Users\Ruda\Desktop\adwcleaner_4.105.exe
  2014-12-18 16:41 - 2012-08-19 14:21 - 00000000 ____D () C:\ProgramData\Spyware Terminator
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job => C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job => C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job => C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job => C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe
  
  AlternateDataStreams: C:\ProgramData\Temp:373E1720
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

fix chvilku běží a následně hodí tuhle chybu (soubor), :/ ale log se zapsal:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-12-2014 01
Ran by Ruda at 2014-12-21 18:51:28 Run:3
Running from C:\Users\Ruda\Desktop
Loaded Profile: Ruda (Available profiles: Ruda & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296 2012-09-07] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-06-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Google Update] => C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-15] (Google Inc.)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [96056 2012-09-28] (Siber Systems)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Facebook Update] => C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-30] (Facebook Inc.)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1122040 2012-09-27] (Bogdan Sharkov)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-14] ()
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3342336 2009-09-03] (Electronic Arts)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [BitTorrent] => C:\Users\Ruda\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-30] (BitTorrent Inc.)
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [GSplay.exe] => C:\Users\Ruda\Desktop\GSplay.exe [4772747 2014-03-12] ()
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\Run: [Yahoo! Search] => C:\Users\Ruda\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\RunOnce: [Application Restart #3] => C:\Users\Ruda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-p (the data entry has 538 more characters).
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\...\MountPoints2: {5dc8aa94-4dfe-11e2-8b99-3860773d812c} - G:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk

HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
URLSearchHook: HKLM-x32 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-393152356-2371770671-4028496107-1000 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: BitTorrentControl_v12 Toolbar -> {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} -> C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBit0.dll (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-393152356-2371770671-4028496107-1000 -> No Name - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

CHR Extension: (Facebook Emoticon & Smiley) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\baidofcbhhfddopoadebjdcmlignfdlf [2012-08-27]
CHR Extension: (Color Changer for Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjonbnnoflopmbacbicphohfappebbkf [2012-08-27]
CHR Extension: (Dislike on Facebook) - C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dalglnklbdkfhihfcagbcdbnmlhcdpha [2012-08-27]

R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1148664 2012-06-21] (Crawler.com)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]

C:\Program Files (x86)\BitTorrentControl_v12
C:\Program Files (x86)\Spyware Terminator
C:\Users\Ruda\AppData\Local\Pay-By-Ads
2014-12-21 17:58 - 2014-12-21 17:58 - 00000000 ____D () C:\Users\Ruda\Desktop\FRST-OlderVersion
2014-12-18 22:04 - 2014-12-18 22:04 - 00000000 ____D () C:\Users\Ruda\AppData\Local\{91C6DE87-4866-452F-854D-D02F8F585983}
2014-12-18 18:45 - 2014-12-21 17:58 - 00022029 _____ () C:\Users\Ruda\Desktop\FRST.txt
2014-12-18 18:45 - 2014-12-18 18:46 - 00038857 _____ () C:\Users\Ruda\Desktop\Addition.txt
2014-12-18 16:39 - 2014-12-18 16:17 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-18 16:19 - 2014-12-18 16:41 - 00014635 _____ () C:\zoek-results.log
2014-12-18 16:17 - 2014-12-18 16:35 - 00000000 ____D () C:\zoek_backup
2014-12-18 16:17 - 2014-12-18 16:17 - 01295360 _____ () C:\Users\Ruda\Desktop\zoek.exe
2014-12-18 16:12 - 2014-12-18 16:40 - 00001784 _____ () C:\Windows\PFRO.log
2014-12-18 16:12 - 2014-12-18 16:12 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-18 16:08 - 2014-12-18 16:11 - 00000000 ____D () C:\AdwCleaner
2014-12-18 16:07 - 2014-12-18 16:07 - 02166272 _____ () C:\Users\Ruda\Desktop\adwcleaner_4.105.exe
2014-12-18 16:41 - 2012-08-19 14:21 - 00000000 ____D () C:\ProgramData\Spyware Terminator

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job => C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job => C:\Users\Ruda\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job => C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job => C:\Users\Ruda\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:373E1720

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EgisTecPMMUpdate => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\EgisUpdate => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Creative Cloud => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => Value not found.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Value not found.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RoboForm => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Clownfish => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GSplay.exe => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #3 => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5dc8aa94-4dfe-11e2-8b99-3860773d812c} => Key not found.
HKCR\CLSID\{5dc8aa94-4dfe-11e2-8b99-3860773d812c} => Key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Value not found.
C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Main\\First Home Page => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Value not found.
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Key not found.
HKCR\Wow6432Node\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Key could not be deleted. Error: -1073741772
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Value not found.
HKCR\Wow6432Node\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} => Key could not be deleted. Error: -1073741772
HKU\S-1-5-21-393152356-2371770671-4028496107-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} => Value not found.
HKCR\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} => Key not found.
HKCR\PROTOCOLS\Handler\skypec2c => Key not found.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key could not be deleted. Error: -1073741772
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key could not be deleted. Error: -1073741772
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => Key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => Key not found.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\baidofcbhhfddopoadebjdcmlignfdlf directory not found.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjonbnnoflopmbacbicphohfappebbkf directory not found.
C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dalglnklbdkfhihfcagbcdbnmlhcdpha directory not found.
ST2012_Svc => Service not found.
EagleX64 => Service not found.
X6va011 => Service not found.
X6va012 => Service not found.
X6va013 => Service not found.
X6va015 => Service not found.
X6va016 => Service not found.
X6va017 => Service not found.
X6va027 => Service not found.
X6va028 => Service not found.
"C:\Program Files (x86)\BitTorrentControl_v12" => File/Directory not found.
"C:\Program Files (x86)\Spyware Terminator" => File/Directory not found.
"C:\Users\Ruda\AppData\Local\Pay-By-Ads" => File/Directory not found.
"C:\Users\Ruda\Desktop\FRST-OlderVersion" => File/Directory not found.
"C:\Users\Ruda\AppData\Local\{91C6DE87-4866-452F-854D-D02F8F585983}" => File/Directory not found.
"C:\Users\Ruda\Desktop\FRST.txt" => File/Directory not found.
"C:\Users\Ruda\Desktop\Addition.txt" => File/Directory not found.
"C:\Windows\zoek-delete.exe" => File/Directory not found.
"C:\zoek-results.log" => File/Directory not found.
"C:\zoek_backup" => File/Directory not found.
"C:\Users\Ruda\Desktop\zoek.exe" => File/Directory not found.
"C:\Windows\PFRO.log" => File/Directory not found.
"C:\Windows\system32\appraiser" => File/Directory not found.
"C:\AdwCleaner" => File/Directory not found.
"C:\Users\Ruda\Desktop\adwcleaner_4.105.exe" => File/Directory not found.
"C:\ProgramData\Spyware Terminator" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job not found.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000Core.job not found.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-393152356-2371770671-4028496107-1000UA.job not found.
"C:\ProgramData\Temp" => ":373E1720" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 7.2 MB temporary data.

O chybe vime, autor resi

Ale provedlo se vse

Jak se chova PC???

Dobře, PC se chová dobře, o té doby se mi ještě ani jednou nesekl nebo nevypl. Kdyby se ještě něco dělo tak se Vám ozvu, děkuji mnohokrát.

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse