Malware v PC ?

Zpráva

pe.mk · #1 Příspěvek od **pe.mk** » 14 pro 2014 20:05

Zdravím a žádám o pomoc. V noťasu mi vyskakují nežádoucí reklamy. Nelze mi to ničím zablokovat. Prosím o radu ...
Log z RSIT :

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2014-12-14 19:51:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 37 GB (26%) free of 145 GB
Total RAM: 3001 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:39, on 14.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files (x86)\Launch Manager\LManager.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\neurowise\bin\neurowise.expext.exe
C:\Program Files (x86)\neurowise\bin\neurowise.BOASHelper.exe
C:\Program Files (x86)\neurowise\bin\neurowise.BrowserAdapter.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\neurowise\bin\neurowise.BOASPRT.exe
C:\Program Files (x86)\neurowise\bin\neurowise.BOAS.exe
C:\Users\Petr\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0035382 - {11111111-1111-1111-1111-110311531182} - (no file)
O2 - BHO: Lync add-on BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: neurowise 1.0.0.5 - {d08ab008-0647-4784-8e2c-5769cd4a7c3a} - C:\Program Files (x86)\neurowise\neurowiseBHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EADM] "C:\Users\Public\Desktop\petrs songs\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418581468
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Doplněk aplikace Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
O9 - Extra 'Tools' menuitem: Doplněk aplikace Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8CE763DA-0B0F-42E2-8634-91AE02F5AAF8} - http://dfserv7/Eso9Supp.net/LIB/CAB/Eso9Client6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Users\Petr\Desktop\petrs songs\petrs songs\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update neurowise - Unknown owner - C:\Program Files (x86)\neurowise\updateneurowise.exe
O23 - Service: Util neurowise - Unknown owner - C:\Program Files (x86)\neurowise\bin\utilneurowise.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12871 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000Core.job - C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000UA.job - C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SmartPCFix Task.job - C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe -run

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ck34kafi.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - ""

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox
"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"=C:\Program Files\Web Assistant\Firefox
"{8E9E3331-D360-4f87-8803-52DE43566502}"=C:\Program Files\Web Assistant\Firefox
"ext@WebexpEnhancedV1alpha422.net"=C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha422\ff
"ext@VideoPlayerV3beta583.net"=C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta583\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin]
"Description"=VideoDownloadConverter_ScriptHelper Plugin
"Path"=C:\Program Files (x86)\VideoDownloadConverter\npVDCPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ck34kafi.default\searchplugins\
dsrlte.xml
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-11-03 211720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-14 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}]
neurowise 1.0.0.5 - C:\Program Files (x86)\neurowise\neurowiseBHO.dll [2014-12-11 250144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"Communicator"=C:\Program Files (x86)\Microsoft Lync\communicator.exe [2014-05-01 12117312]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-14 5227112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-08 39408]
"EADM"=C:\Users\Public\Desktop\petrs songs\Origin\Origin.exe -AutoStart []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-11-13 7777560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1418581468 []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe

C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-14 19:51:15 ----D---- C:\rsit
2014-12-14 19:51:15 ----D---- C:\Program Files (x86)\trend micro
2014-12-14 10:58:18 ----D---- C:\ProgramData\Systweak
2014-12-14 10:58:13 ----D---- C:\Program Files (x86)\ASP
2014-12-14 10:35:34 ----A---- C:\Windows\avastSS.scr
2014-12-14 10:25:23 ----D---- C:\ProgramData\McAfee Security Scan
2014-12-14 10:25:11 ----D---- C:\Program Files (x86)\McAfee Security Scan
2014-12-12 19:49:18 ----D---- C:\Users\Petr\AppData\Roaming\SUPERAntiSpyware.com
2014-12-12 19:48:09 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-12-11 18:04:31 ----A---- C:\Windows\SysWOW64\mf.dll
2014-12-11 17:42:04 ----A---- C:\Windows\SysWOW64\tzres.dll
2014-12-11 17:38:34 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 17:38:34 ----A---- C:\Windows\SysWOW64\iernonce.dll
2014-12-11 17:38:34 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 17:38:32 ----A---- C:\Windows\SysWOW64\urlmon.dll
2014-12-11 17:38:32 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 17:38:32 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 17:38:30 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-12-11 17:38:30 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 17:38:30 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 17:38:28 ----A---- C:\Windows\SysWOW64\iesetup.dll
2014-12-11 17:38:28 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 17:38:26 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 17:38:26 ----A---- C:\Windows\SysWOW64\iertutil.dll
2014-12-11 17:38:25 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 17:38:25 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 17:38:24 ----A---- C:\Windows\SysWOW64\ieui.dll
2014-12-11 17:38:24 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 17:38:23 ----A---- C:\Windows\SysWOW64\ieframe.dll
2014-12-11 17:38:20 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 17:38:20 ----A---- C:\Windows\SysWOW64\jscript9.dll
2014-12-11 17:38:19 ----A---- C:\Windows\SysWOW64\wininet.dll
2014-12-11 17:38:19 ----A---- C:\Windows\SysWOW64\vbscript.dll
2014-12-11 17:38:17 ----A---- C:\Windows\SysWOW64\msrating.dll
2014-12-11 17:38:17 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 17:36:43 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 17:36:32 ----A---- C:\Windows\SysWOW64\charmap.exe
2014-12-11 17:36:28 ----A---- C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 17:36:24 ----A---- C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 17:36:24 ----A---- C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 17:36:24 ----A---- C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-11 17:36:22 ----A---- C:\Windows\SysWOW64\WsmAuto.dll
2014-12-03 16:10:05 ----D---- C:\Windows\474DFABFE55B4905ABAA40791A6AC77F.TMP
2014-11-26 20:25:30 ----D---- C:\Users\Petr\AppData\Roaming\TechSmith
2014-11-26 20:20:27 ----D---- C:\ProgramData\regid.1995-08.com.techsmith
2014-11-26 20:20:25 ----D---- C:\Program Files (x86)\QuickTime
2014-11-26 20:20:09 ----D---- C:\Program Files (x86)\Common Files\TechSmith Shared
2014-11-26 20:19:48 ----D---- C:\ProgramData\TechSmith
2014-11-26 20:19:48 ----D---- C:\Program Files (x86)\TechSmith
2014-11-25 16:04:59 ----A---- C:\Windows\SysWOW64\msvcr71.dll
2014-11-25 16:04:59 ----A---- C:\Windows\SysWOW64\mfc71.dll
2014-11-25 16:04:59 ----A---- C:\Windows\SysWOW64\gdiplus.dll
2014-11-25 15:26:17 ----D---- C:\Counter-Strike 1.6
2014-11-22 15:14:54 ----A---- C:\Windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2014-11-22 15:13:05 ----D---- C:\Program Files (x86)\Common Files\Thraex Software
2014-11-22 15:13:04 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Standalone
2014-11-22 14:17:11 ----D---- C:\Windows\Minidump
2014-11-21 22:04:18 ----D---- C:\Program Files (x86)\WarThunder
2014-11-19 12:20:44 ----A---- C:\Windows\SysWOW64\pku2u.dll
2014-11-19 12:20:43 ----A---- C:\Windows\SysWOW64\kerberos.dll
2014-11-19 04:31:16 ----A---- C:\Windows\SysWOW64\FM20.DLL

======List of files/folders modified in the last 1 month======

2014-12-14 19:51:15 ----RD---- C:\Program Files (x86)
2014-12-14 19:39:41 ----SHD---- C:\Windows\Installer
2014-12-14 19:39:21 ----SHD---- C:\System Volume Information
2014-12-14 19:39:05 ----D---- C:\Windows\Temp
2014-12-14 19:38:14 ----D---- C:\Windows\System32
2014-12-14 19:38:05 ----D---- C:\Windows\SysWOW64
2014-12-14 19:33:23 ----A---- C:\Windows\win.ini
2014-12-14 19:32:33 ----D---- C:\Windows\Tasks
2014-12-14 19:32:21 ----D---- C:\Users\Petr\AppData\Roaming\Systweak
2014-12-14 18:26:56 ----D---- C:\Program Files (x86)\File Type Assistant
2014-12-14 11:08:10 ----D---- C:\Windows\Prefetch
2014-12-14 11:08:01 ----D---- C:\ProgramData\e5c4ef79-068a-447e-b589-daa814c96056
2014-12-14 10:58:18 ----HD---- C:\ProgramData
2014-12-14 10:51:31 ----D---- C:\Program Files (x86)\Java
2014-12-14 10:36:05 ----D---- C:\Windows
2014-12-14 10:25:13 ----D---- C:\ProgramData\McAfee
2014-12-14 10:25:03 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-14 10:19:53 ----D---- C:\Program Files (x86)\neurowise
2014-12-12 19:48:09 ----D---- C:\Program Files
2014-12-12 19:37:39 ----D---- C:\Program Files (x86)\WinZipper
2014-12-11 20:37:45 ----D---- C:\Windows\rescache
2014-12-11 18:19:31 ----D---- C:\Windows\winsxs
2014-12-11 18:16:28 ----D---- C:\Windows\AppCompat
2014-12-11 18:16:26 ----SD---- C:\ProgramData\Microsoft
2014-12-11 18:16:22 ----D---- C:\Windows\SysWOW64\en-US
2014-12-11 18:16:22 ----D---- C:\Windows\SysWOW64\cs-CZ
2014-12-11 18:16:20 ----D---- C:\Windows\PolicyDefinitions
2014-12-11 18:16:17 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-11 18:14:14 ----D---- C:\ProgramData\Microsoft Help
2014-12-02 16:13:35 ----D---- C:\Program Files (x86)\MyPC Backup
2014-11-28 22:42:25 ----D---- C:\The KMPlayer
2014-11-28 20:24:15 ----D---- C:\Users\Petr\AppData\Roaming\Origin
2014-11-28 20:24:13 ----D---- C:\ProgramData\Origin
2014-11-28 17:50:10 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2014-11-26 20:20:09 ----D---- C:\Program Files (x86)\Common Files
2014-11-25 19:40:06 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2014-11-25 16:05:41 ----D---- C:\Windows\inf
2014-11-22 20:03:17 ----HD---- C:\Program Files (x86)\Common Files\EAInstaller
2014-11-21 22:40:38 ----D---- C:\Windows\SysWOW64\directx

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\SysWOW64\drivers\aswRvrt.sys []
R0 aswVmm;avast! VM Monitor; C:\Windows\SysWOW64\drivers\aswVmm.sys []
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 {041c1d3c-f8b8-4859-a117-34b0c3d50700}w64;{041c1d3c-f8b8-4859-a117-34b0c3d50700}w64; C:\Windows\system32\drivers\{041c1d3c-f8b8-4859-a117-34b0c3d50700}w64.sys []
R1 {054bd1e4-abee-467e-ab51-8ab276684243}w64;{054bd1e4-abee-467e-ab51-8ab276684243}w64; C:\Windows\system32\drivers\{054bd1e4-abee-467e-ab51-8ab276684243}w64.sys []
R1 {0dbfb120-504f-40f7-ab6e-e085d8a38097}w64;{0dbfb120-504f-40f7-ab6e-e085d8a38097}w64; C:\Windows\system32\drivers\{0dbfb120-504f-40f7-ab6e-e085d8a38097}w64.sys []
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys []
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys []
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys []
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-14 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R2 Update neurowise;Update neurowise; C:\Program Files (x86)\neurowise\updateneurowise.exe [2014-12-14 523552]
R2 Util neurowise;Util neurowise; C:\Program Files (x86)\neurowise\bin\utilneurowise.exe [2014-12-14 523552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-09-05 234776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-27 119408]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 Origin Client Service;Origin Client Service; C:\Users\Petr\Desktop\petrs songs\petrs songs\Origin\OriginClientService.exe [2014-11-28 1900400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 14 pro 2014 20:35

Zdravim

Odinstalujte McAfee Security Scan

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Po spusteni probehne stazeni databaze
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

pe.mk · #3 Příspěvek od **pe.mk** » 14 pro 2014 21:11

Log AdwCleaner zde :

# AdwCleaner v4.105 - Report created 14/12/2014 at 21:00:22
# Updated 08/12/2014 by Xplode
# Database : 2014-12-13.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Util neurowise
[#] Service Deleted : Update neurowise
Service Deleted : {041c1d3c-f8b8-4859-a117-34b0c3d50700}w64
Service Deleted : {054bd1e4-abee-467e-ab51-8ab276684243}w64
Service Deleted : {0dbfb120-504f-40f7-ab6e-e085d8a38097}w64
Service Deleted : {111abdcf-3c5d-4ae0-b234-603deb7f8fa0}w64
Service Deleted : {11f7ecce-9c05-4cd0-9fb7-7c98a86a9e46}w64
Service Deleted : {1f903bdd-ef91-4255-acc4-cfb1b73804ba}w64
Service Deleted : {280593ba-de17-4eb2-8400-f39d203204fd}w64
Service Deleted : {29b62904-40dc-4708-b289-42f25c697022}w64
Service Deleted : {3457e5fd-a0a9-479b-87ee-32c6d67f88f0}w64
Service Deleted : {3a810956-fbab-455d-85ad-ac16a6d1316f}w64
Service Deleted : {3b10b41b-c168-4ccf-bebe-a5caf81e576a}w64
Service Deleted : {46e267d7-2aad-4738-adaf-d4d0a8fac9ea}w64
Service Deleted : {58070dfc-583b-44c0-9283-69cefc3dea14}w64
Service Deleted : {9642c3ef-5a92-4f93-9b80-c77005b19940}w64
Service Deleted : {a763727e-b8a0-4b1d-a07a-c56de578d18d}w64
Service Deleted : {bc4b9229-6471-4f8a-a845-83dbbb1de123}w64
Service Deleted : {d3dc5148-cc59-4353-96a9-83d8a155530a}w64
Service Deleted : {d5f4bc08-ce91-46ed-9c30-e1067bdf053a}w64
Service Deleted : {db9dc016-bcac-4bb6-a75a-18b3b47b632f}w64
Service Deleted : {e5e7a5e8-9a65-4724-8bc3-aa322a90dd66}w64
Service Deleted : {f808c2f4-7724-4e8c-b8e7-cfe5a59a50fa}w64
Service Deleted : {fe651286-52a1-461b-a17a-f258b4b81968}w64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\e5c4ef79-068a-447e-b589-daa814c96056
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\ASP
Folder Deleted : C:\Program Files (x86)\DownLite
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SiteLookup
Folder Deleted : C:\Program Files (x86)\VideoDownloadConverter
Folder Deleted : C:\Program Files (x86)\VideoPlayerV3
Folder Deleted : C:\Program Files (x86)\WebexpEnhancedV1
Folder Deleted : C:\Program Files (x86)\WinZipper
[!] Folder Deleted : C:\Program Files (x86)\neurowise
Folder Deleted : C:\Program Files (x86)\GotClip
Folder Deleted : C:\Program Files (x86)\hosts
[!] Folder Deleted : C:\Program Files (x86)\neurowise
Folder Deleted : C:\Users\Petr\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Petr\AppData\Local\Temp\neurowise
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Petr\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Petr\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Petr\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\Petr\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Petr\AppData\LocalLow\Industriya
Folder Deleted : C:\Users\Petr\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Petr\AppData\Roaming\ASP
Folder Deleted : C:\Users\Petr\AppData\Roaming\eUpdate
Folder Deleted : C:\Users\Petr\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Petr\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Petr\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Petr\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\Petr\AppData\Roaming\SimilarAddon
Folder Deleted : C:\Users\Petr\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Petr\AppData\Roaming\WebExtend
Folder Deleted : C:\Users\Petr\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Petr\AppData\Roaming\Yontoo
Folder Deleted : C:\Users\Petr\AppData\Roaming\RHEng
Folder Deleted : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
Folder Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
File Deleted : C:\Users\Public\Desktop\advanced-System Protector.lnk
File Deleted : C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\sasnative64.exe
File Deleted : C:\Windows\System32\drivers\{041c1d3c-f8b8-4859-a117-34b0c3d50700}w64.sys
File Deleted : C:\Windows\System32\drivers\{054bd1e4-abee-467e-ab51-8ab276684243}w64.sys
File Deleted : C:\Windows\System32\drivers\{0dbfb120-504f-40f7-ab6e-e085d8a38097}w64.sys
File Deleted : C:\Windows\System32\drivers\{111abdcf-3c5d-4ae0-b234-603deb7f8fa0}w64.sys
File Deleted : C:\Windows\System32\drivers\{11f7ecce-9c05-4cd0-9fb7-7c98a86a9e46}w64.sys
File Deleted : C:\Windows\System32\drivers\{1f903bdd-ef91-4255-acc4-cfb1b73804ba}w64.sys
File Deleted : C:\Windows\System32\drivers\{280593ba-de17-4eb2-8400-f39d203204fd}w64.sys
File Deleted : C:\Windows\System32\drivers\{29b62904-40dc-4708-b289-42f25c697022}w64.sys
File Deleted : C:\Windows\System32\drivers\{3457e5fd-a0a9-479b-87ee-32c6d67f88f0}w64.sys
File Deleted : C:\Windows\System32\drivers\{3a810956-fbab-455d-85ad-ac16a6d1316f}w64.sys
File Deleted : C:\Windows\System32\drivers\{3b10b41b-c168-4ccf-bebe-a5caf81e576a}w64.sys
File Deleted : C:\Windows\System32\drivers\{46e267d7-2aad-4738-adaf-d4d0a8fac9ea}w64.sys
File Deleted : C:\Windows\System32\drivers\{58070dfc-583b-44c0-9283-69cefc3dea14}w64.sys
File Deleted : C:\Windows\System32\drivers\{9642c3ef-5a92-4f93-9b80-c77005b19940}w64.sys
File Deleted : C:\Windows\System32\drivers\{a763727e-b8a0-4b1d-a07a-c56de578d18d}w64.sys
File Deleted : C:\Windows\System32\drivers\{bc4b9229-6471-4f8a-a845-83dbbb1de123}w64.sys
File Deleted : C:\Windows\System32\drivers\{d3dc5148-cc59-4353-96a9-83d8a155530a}w64.sys
File Deleted : C:\Windows\System32\drivers\{d5f4bc08-ce91-46ed-9c30-e1067bdf053a}w64.sys
File Deleted : C:\Windows\System32\drivers\{db9dc016-bcac-4bb6-a75a-18b3b47b632f}w64.sys
File Deleted : C:\Windows\System32\drivers\{e5e7a5e8-9a65-4724-8bc3-aa322a90dd66}w64.sys
File Deleted : C:\Windows\System32\drivers\{f808c2f4-7724-4e8c-b8e7-cfe5a59a50fa}w64.sys
File Deleted : C:\Windows\System32\drivers\{fe651286-52a1-461b-a17a-f258b4b81968}w64.sys
File Deleted : C:\Users\Petr\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Petr\Desktop\MyPC Backup.lnk
File Deleted : C:\Users\Petr\Desktop\Live PC Help.lnk
File Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ck34kafi.default\searchplugins\dsrlte.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage

***** [ Scheduled Tasks ] *****

Task Deleted : advanced-System Protector_startup
Task Deleted : ProgramRefresh-ATFST

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mmifolfpllfdhilecpdpmemhelmanajl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qvo6.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.qvo6.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter.ScriptHelper
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter.ScriptHelper.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update neurowise
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util neurowise
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035382.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035382.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035382.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035382.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322532282}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355535582}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366536682}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{385F1935-3784-48D0-A61F-6385493DED3C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344534482}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{724dd777-5654-4d06-b3bc-c2ff56615998}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355535582}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366536682}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1B3276C1-7919-45EA-A20E-61AB4034AF3C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\FileTypeAssistant
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\neurowise
Key Deleted : HKCU\Software\AppDataLow\Software\hosts
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
Key Deleted : HKLM\SOFTWARE\eSafeSecControl
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\VideoDownloadConverter
Key Deleted : HKLM\SOFTWARE\Web Assistant
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKLM\SOFTWARE\Webexp Enhanced
Key Deleted : HKLM\SOFTWARE\WebexpEnhancedV1
Key Deleted : HKLM\SOFTWARE\Video Player
Key Deleted : HKLM\SOFTWARE\VideoPlayerV3
Key Deleted : HKLM\SOFTWARE\hosts
Key Deleted : HKLM\SOFTWARE\neurowise
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trusted Software Assistant_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~4A5BE654_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hosts
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\neurowise
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\incredibar.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v31.0 (x86 cs)

-\\ Google Chrome v39.0.2171.71

[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.search.ask.com/web?tpid=KMPV7-SP&o= ... earchTerms}
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Petr\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-07-27&apn_dtid=%5ECMD161%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}

-\\ Comodo Dragon v33.1.0.1

[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.search.ask.com/web?tpid=KMPV7-SP&o= ... earchTerms}
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Petr\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-07-27&apn_dtid=%5ECMD161%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\Petr\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Petr\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : aaaalipaokhkccgmgkdglfinfnfhflko

*************************

AdwCleaner[R0].txt - [18824 octets] - [14/12/2014 20:57:33]
AdwCleaner[S0].txt - [18987 octets] - [14/12/2014 21:00:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19048 octets] ##########

#4 Příspěvek od **vyosek** » 14 pro 2014 21:23

Pokracujte Zoek-em

pe.mk · #5 Příspěvek od **pe.mk** » 14 pro 2014 21:25

A u "Zoek", uloženo na plochu, spuštěno jako správce, vyběhlo chybové hlášení C:.... Desktop\zoek.exe není platná aplikace typu Win32.

Edit :

"Antivir

" Avast to vyhazoval jako nebezpečný soubor ...

#6 Příspěvek od **vyosek** » 14 pro 2014 21:40

Vypnete docasne Avast, je to falesna detekce...

pe.mk · #7 Příspěvek od **pe.mk** » 14 pro 2014 22:01

Vůbec mne to nepouští cokoliv přes ten Zoek vytvořit. Nejdříve uloženo na ploše se zaplým avastem .. nic, pak restart vypnutý avast a zkouška znovu .. nic, restart, vypý avast, staženo na plochu znovu Zoek.exe a přes správce to vůbec nenajede nic ...

#8 Příspěvek od **vyosek** » 14 pro 2014 22:06

Tak jeste zkuste v nouzovem rezimu a kdyz ne, tak dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

pe.mk · #9 Příspěvek od **pe.mk** » 14 pro 2014 22:26

Stále problém. Nelze. Hlásí mi to znovu, že se mi to nenachází na ploše

. Chtěl jsem poslat screeen, ale nepodařilo se přes váš portál. Mailem bych mohl ihned ...

Edit : Myslel jsem ten FRST64.exe .... hlásí mi to že mám přesunout na plochu a pak znovu spustit

#10 Příspěvek od **vyosek** » 14 pro 2014 22:30

Tak spustte jen FRST64.exe a ne FRSTLauncher

pe.mk · #11 Příspěvek od **pe.mk** » 14 pro 2014 22:39

FRST log :

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014
Ran by Petr at 2014-12-14 22:37:01
Running from C:\Users\Petr\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer Crystal Eye webcam Ver:1.1.160.210 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.160.210 - Chicony Electronics Co.,Ltd.)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3007 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.11.1209 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.17 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.2 - Activision)
Call of Duty(R) 2 (x32 Version: 1.2 - Activision) Hidden
Camtasia Studio 8 (HKLM-x32\...\{474DFABF-E55B-4905-ABAA-40791A6AC77F}) (Version: 8.4.4.1859 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.1 - Comodo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.9.0 - Conexant)
Counter-Strike 1.6 Standalone (HKLM-x32\...\Counter-Strike 1.6 Standalone) (Version: 1.00 - www.cservers.cz)
Counter-Strike 1.6 v42 (HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Counter-Strike 1.6_is1) (Version: - Valve)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
DownLite (HKLM-x32\...\DownLite) (Version: 1.0.0.1 - ) <==== ATTENTION
Dropbox (HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESO9 .NET klient 4.7.9 (HKLM-x32\...\{425F6B47-E2C7-4D25-96DA-0C1A0C20640F}) (Version: 4.7.9 - ESO9 international a.s.)
ESO9 .NET klient 4.8.8 (HKLM-x32\...\{F42E0568-7F6D-40B0-AA48-403F9711DD06}) (Version: 4.8.8 - ESO9 international a.s.)
ESO9 .NET klient 4.9.3 (HKLM-x32\...\{9E8B4048-74D2-4930-B80D-D7B28D74C890}) (Version: 4.9.3 - ESO9 international a.s.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts)
FlatOut (HKLM-x32\...\{84BAD30E-07CD-496A-AC88-EE9C8DFE2327}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Free All-In-One Media Player (HKLM-x32\...\Free Media Player_is1) (Version: - Free Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GotClip Downloader (HKLM-x32\...\GotClip) (Version: - )
Handy Updater (HKLM-x32\...\HandyUpdater) (Version: - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
InterVideo WinDVD 8 (HKLM-x32\...\InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}) (Version: 8.5.10.75 - InterVideo Inc.)
InterVideo WinDVD 8 (x32 Version: 8.5.10.75 - InterVideo Inc.) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Kalydo Player 6.00.00 (HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\KalydoPlayer) (Version: 6.00.00 - Eximion B.V.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.129 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Lync 2010 (HKLM\...\{AA256AE1-6B6A-48E6-9957-B38F92CA614B}) (Version: 4.0.7577.4446 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office XP Web Components (HKLM-x32\...\{90260405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.5605.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 cs)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.64 - )
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Power Challenge Game Plugin (HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Power Loader) (Version: - )
Search App by Ask (HKLM-x32\...\{4B4D5056-372D-5350-00A7-A758B70C1500}) (Version: 12.21.0.3794 - APN, LLC) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VideoDownloadConverter Toolbar Chrome Extension (HKLM-x32\...\VideoDownloadConverter_4z Chrome Extension Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-828453966-2143245867-370889090-1000_Classes\CLSID\{F7D4B6AD-AB5F-4fe8-9469-3A4697E41129}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalydoplayer64.dll (Eximion B.V.)
CustomCLSID: HKU\S-1-5-21-828453966-2143245867-370889090-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-828453966-2143245867-370889090-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-828453966-2143245867-370889090-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-828453966-2143245867-370889090-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

09-12-2014 16:58:05 Windows Update
11-12-2014 17:01:31 Windows Update
14-12-2014 09:29:09 avast! antivirus system restore point
14-12-2014 09:48:13 Installed Java 7 Update 71
14-12-2014 18:35:40 Odebráno: AVG PC TuneUp 2014
14-12-2014 18:38:58 Odebráno: AVG PC TuneUp 2014 (cs-CZ)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03528E13-9C7C-4427-9240-A99D863B12B8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000Core => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {0F99D526-BED5-45B5-9507-131908AED8AB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14] (Adobe Systems Incorporated)
Task: {19B3B280-3B21-4322-A938-8B9BA10C4E75} - System32\Tasks\{4CA52677-1FCA-4AEB-A5C4-C7A9E5035BE9} => pcalua.exe -a E:\Directx\dxsetup.exe -d E:\
Task: {2173FBDE-CBEB-4880-B067-8B2934E35C66} - System32\Tasks\{24A375C6-239A-4A40-8E64-0D2190F47B07} => C:\Program Files (x86)\Electronic Arts\Need For Speed World\GameLauncher.exe [2013-08-13] (Electronic Arts Inc)
Task: {27E49016-9190-4163-9534-5A8518539196} - System32\Tasks\{F2B9C7A6-7EF9-481D-9504-0C32508237B7} => Firefox.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... rogressBar
Task: {2977B076-935D-4021-ABFD-D929C0A68CB7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000UA => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {2E6A3F26-E601-47B2-B05C-0098F7C0AEFF} - System32\Tasks\{B035D47D-5F28-4F5B-BD71-A8EAC444C2CB} => pcalua.exe -a "C:\Program Files (x86)\Acer GameZone\Spin & Win\Uninstall.exe" -c "C:\Program Files (x86)\Acer GameZone\Spin & Win\install.log"
Task: {3C58A44D-030F-4813-9B0A-C913F4BCA23D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-14] (AVAST Software)
Task: {4C360C5B-9493-4E42-9FF5-6A86FBDBBC54} - System32\Tasks\{EE73B4C1-F26D-447F-ACF0-C39CAD7415A7} => pcalua.exe -a C:\Users\Petr\Downloads\powersetup.exe -d C:\Users\Petr\Downloads
Task: {653118BA-EEC7-4658-AEF0-9792D9DC7AB6} - System32\Tasks\{8953EBED-4348-45B8-B421-06F028964EB1} => pcalua.exe -a C:\Users\Petr\Downloads\Flash8-en.exe -d C:\Users\Petr\Downloads
Task: {65C43224-B74E-47B2-BA39-2315EA4D4C46} - System32\Tasks\{B0E37282-B221-4DB2-B2E7-14DEAC11BE85} => C:\Program Files (x86)\Electronic Arts\Need For Speed World\GameLauncher.exe [2013-08-13] (Electronic Arts Inc)
Task: {6F357B2F-5E62-40D2-AB81-018A34F1E917} - System32\Tasks\{10EC15E5-C510-4F97-8C92-8E346DCB777E} => pcalua.exe -a C:\Users\Petr\Downloads\Call-Of-Duty-2.exe -d C:\Users\Petr\Downloads
Task: {A3CC4FA0-CDF7-48B6-BC71-62DC2302C3DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {A62BFE80-529C-494C-A88B-3D69A5F2BEE6} - System32\Tasks\SmartPCFix Task => C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe <==== ATTENTION
Task: {C2BC44CE-8974-43D8-86A6-AA1080512A41} - System32\Tasks\{5C1B0A96-ED0B-4F80-810D-8C586F1F7E37} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{3E2E658F-0EA4-4530-A9E0-F295EF38CD40}\setup.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cenega\El Matador" -c -uninst
Task: {D236C813-09EB-4E77-8B77-EA0FE8967270} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {E22B29C2-16ED-4416-95BA-F9B932EA7304} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {E60F26E7-EA55-4AC3-9E94-C6E487FF0AAB} - System32\Tasks\{712E8471-BA73-4193-9A42-91C5CA3EFC78} => pcalua.exe -a "C:\Users\Petr\Desktop\cq\Command And Conquer - Tiberian Sun + Firestorm Expansion\setup.exe" -d "C:\Users\Petr\Desktop\cq\Command And Conquer - Tiberian Sun + Firestorm Expansion"
Task: {F0F3DDDF-81A7-4BF6-A4A8-4BA1423D72B8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000Core.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000UA.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SmartPCFix Task.job => C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-12-12 15:34 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-06-16 23:55 - 2011-06-16 23:55 - 00206208 _____ () C:\Windows\PLFSetI.exe
2014-12-14 19:23 - 2014-12-14 19:23 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121401\algo.dll
2014-12-14 10:35 - 2014-12-14 10:35 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-27 18:24 - 2014-10-27 18:24 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-14 10:25 - 2014-12-14 10:25 - 16843952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:798A3728
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:93EB7685
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
AlternateDataStreams: C:\ProgramData\TEMP:E36F5B57

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Facebook Update => "C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: OOTag => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-828453966-2143245867-370889090-500 - Administrator - Disabled)
Guest (S-1-5-21-828453966-2143245867-370889090-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-828453966-2143245867-370889090-1002 - Limited - Enabled)
Petr (S-1-5-21-828453966-2143245867-370889090-1000 - Administrator - Enabled) => C:\Users\Petr

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2014 09:17:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/14/2014 09:17:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/14/2014 08:49:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/14/2014 04:55:00 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Nelze inicializovat hostitelský proces filtru. Probíhá ukončování.

Podrobnosti:
Daná operace se vrátila, protože vypršel časový limit. (HRESULT : 0x800705b4) (0x800705b4)

Error: (12/14/2014 04:32:56 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Nelze inicializovat hostitelský proces filtru. Probíhá ukončování.

Podrobnosti:
Daná operace se vrátila, protože vypršel časový limit. (HRESULT : 0x800705b4) (0x800705b4)

Error: (12/14/2014 01:16:43 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Nelze inicializovat hostitelský proces filtru. Probíhá ukončování.

Podrobnosti:
Daná operace se vrátila, protože vypršel časový limit. (HRESULT : 0x800705b4) (0x800705b4)

Error: (12/14/2014 00:32:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SUPERAntiSpyware.exe, verze: 6.0.0.1164, časové razítko: 0x5464ee04
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521eaf24
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000c4102
ID chybujícího procesu: 0x750
Čas spuštění chybující aplikace: 0xSUPERAntiSpyware.exe0
Cesta k chybující aplikaci: SUPERAntiSpyware.exe1
Cesta k chybujícímu modulu: SUPERAntiSpyware.exe2
ID zprávy: SUPERAntiSpyware.exe3

Error: (12/14/2014 00:30:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 39.0.2171.71 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 17b0

Čas spuštění: 01d0178f0a8d4592

Čas ukončení: 2741

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 666f6ab9-8384-11e4-9780-c80aa9a0f6cf

Error: (12/14/2014 11:52:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RegCleanPro.exe verze 7.2.63.146 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 77c

Čas spuštění: 01d01787bb94838a

Čas ukončení: 7691

Cesta k aplikaci: C:\Program Files (x86)\RCP\RegCleanPro.exe

ID hlášení: 3071b4c8-837f-11e4-8539-c80aa9a0f6cf

Error: (12/13/2014 10:20:55 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Nelze inicializovat hostitelský proces filtru. Probíhá ukončování.

Podrobnosti:
Daná operace se vrátila, protože vypršel časový limit. (HRESULT : 0x800705b4) (0x800705b4)

System errors:
=============
Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NTI Backup Now 5 Scheduler Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba COMODO Dragon Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Util neurowise byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Update neurowise byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Matrix Storage Event Monitor byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Raw Socket Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2014 09:02:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SAS Core Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Microsoft Office Sessions:
=========================
Error: (12/14/2014 09:17:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Petr\Downloads\SoftonicDownloader_for_crashday.exe

Error: (12/14/2014 09:17:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Petr\Downloads\SoftonicDownloader_for_crashday (1).exe

Error: (12/14/2014 08:49:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Petr\Downloads\SoftonicDownloader_for_crashday (1).exe

Error: (12/14/2014 04:55:00 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Podrobnosti:
Daná operace se vrátila, protože vypršel časový limit. (HRESULT : 0x800705b4) (0x800705b4)

Error: (12/14/2014 04:32:56 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Podrobnosti:
Daná operace se vrátila, protože vypršel časový limit. (HRESULT : 0x800705b4) (0x800705b4)

Error: (12/14/2014 01:16:43 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Podrobnosti:
Daná operace se vrátila, protože vypršel časový limit. (HRESULT : 0x800705b4) (0x800705b4)

Error: (12/14/2014 00:32:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SUPERAntiSpyware.exe6.0.0.11645464ee04ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410275001d0179193c3971bC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Windows\SYSTEM32\ntdll.dlle9dfc24c-8384-11e4-9780-c80aa9a0f6cf

Error: (12/14/2014 00:30:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe39.0.2171.7117b001d0178f0a8d45922741C:\Program Files (x86)\Google\Chrome\Application\chrome.exe666f6ab9-8384-11e4-9780-c80aa9a0f6cf

Error: (12/14/2014 11:52:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RegCleanPro.exe7.2.63.14677c01d01787bb94838a7691C:\Program Files (x86)\RCP\RegCleanPro.exe3071b4c8-837f-11e4-8539-c80aa9a0f6cf

Error: (12/13/2014 10:20:55 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Podrobnosti:
Daná operace se vrátila, protože vypršel časový limit. (HRESULT : 0x800705b4) (0x800705b4)

==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 51%
Total physical RAM: 3000.93 MB
Available physical RAM: 1456.84 MB
Total Pagefile: 6000.04 MB
Available Pagefile: 4228.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:142 GB) (Free:48.92 GB) NTFS
Drive d: (DATA) (Fixed) (Total:142.32 GB) (Free:91.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1372B2BB)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=142 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=142.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#12 Příspěvek od **vyosek** » 15 pro 2014 13:50

Jeste dejte log FRST.txt

pe.mk · #13 Příspěvek od **pe.mk** » 15 pro 2014 14:07

FRST.txt zde :

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Petr (administrator) on PETR-PC on 15-12-2014 14:05:28
Running from C:\Users\Petr\Desktop
Loaded Profile: Petr (Available profiles: Petr)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
() C:\Windows\PLFSetI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2011-06-16] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [825864 2009-09-24] (Dritek System Inc.)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12117312 2014-05-01] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-14] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-08] (Google Inc.)
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Run: [EADM] => "C:\Users\Public\Desktop\petrs songs\Origin\Origin.exe" -AutoStart
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\RunOnce: [Adobe Speed Launcher] => 1418589972
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: F - F:\LGAutoRun.exe
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {9cc81783-f0f8-11e1-a6e1-506313b902a1} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {ae2f43dc-5f7b-11e3-aaa9-c80aa9a0f6cf} - F:\LGAutoRun.exe
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {caa0c3a2-9dac-11e0-be3a-c80aa9a0f6cf} - F:\LaunchU3.exe -a
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {e935f3df-2949-11e1-b1ca-506313b902a1} - F:\NokiaPCIA_Autorun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-828453966-2143245867-370889090-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-828453966-2143245867-370889090-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {097015F3-56E7-44EC-A27A-FD17980A8D13} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {51D035AE-D3A9-4430-A7DF-510E9D96FB47} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {5B1F2441-B6EA-4B4E-9EEB-BDAD7DBB0822} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... AW_csCZ437
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {7F997DF0-83CD-4019-89E5-2F47A1073986} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {A77F6658-F82F-4C93-A0C6-1DC0C309277F} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {B14113AA-5D2F-436D-AEFC-064393826186} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {D5A95F16-9253-4A2D-AD27-43DB2B32EF1D} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {F18A0669-5333-4CEB-B416-CBF5FA9314AE} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> {F77C9014-486B-4E4A-9CB4-29B688ED3D01} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {11111111-1111-1111-1111-110311531182} -> No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-828453966-2143245867-370889090-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {8CE763DA-0B0F-42E2-8634-91AE02F5AAF8} http://dfserv7/Eso9Supp.net/LIB/CAB/Eso9Client6.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.150 194.228.41.65

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ck34kafi.default
FF NewTab:
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-828453966-2143245867-370889090-1000: @eximion.com/KalydoPlayer -> C:\Users\Petr\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKU\S-1-5-21-828453966-2143245867-370889090-1000: @powerchallenge.com/PowerLoader -> C:\Users\Petr\AppData\LocalLow\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-828453966-2143245867-370889090-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Petr\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-828453966-2143245867-370889090-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Petr\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ck34kafi.default\searchplugins\seznam-avast.xml
FF Extension: neurowise 1.0.1 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ck34kafi.default\Extensions\{29b62904-40dc-4708-b289-42f25c697022}.xpi [2014-12-08]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha422.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha422\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta583.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta583\ff
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-28]

Chrome:
=======
CHR HomePage: Default -> https://www.google.cz/
CHR StartupUrls: Default -> "https://www.google.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-28]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-28]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-28]
CHR Extension: (Peněženka Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [bikgopnjkdkacjcldjgbonccfdibbafc] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha422\ch\WebexpEnhancedV1alpha422.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-14]
CHR HKLM-x32\...\Chrome\Extension: [lehjccfcaoclaappdkbikflppliikhil] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta583\ch\VideoPlayerV3beta583.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-14] (AVAST Software)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
S3 Origin Client Service; C:\Users\Petr\Desktop\petrs songs\petrs songs\Origin\OriginClientService.exe [1900400 2014-11-28] (Electronic Arts)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-14] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-14] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 14:05 - 2014-12-15 14:05 - 00021214 _____ () C:\Users\Petr\Desktop\FRST.txt
2014-12-15 14:05 - 2014-12-15 14:05 - 00000000 ____D () C:\Users\Petr\Desktop\FRST-OlderVersion
2014-12-14 22:35 - 2014-12-15 14:05 - 00000000 ____D () C:\FRST
2014-12-14 22:34 - 2014-12-15 14:05 - 02119168 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2014-12-14 22:33 - 2014-12-14 22:34 - 02119680 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2014-12-14 22:15 - 2014-12-14 22:15 - 00000000 ____D () C:\Users\Petr\Documents\Fax
2014-12-14 22:12 - 2014-12-14 22:12 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\FRSTLauncher.exe
2014-12-14 21:58 - 2014-12-14 21:58 - 04134156 _____ () C:\Users\Petr\Downloads\zoek.zip
2014-12-14 21:55 - 2014-12-14 21:55 - 00000000 ____D () C:\zoek_backup
2014-12-14 21:55 - 2014-12-14 21:50 - 01295360 _____ () C:\Users\Petr\Desktop\zoek.exe
2014-12-14 21:54 - 2014-12-14 21:55 - 01295360 _____ () C:\Users\Petr\Downloads\zoek(1).exe
2014-12-14 21:16 - 2014-12-14 21:50 - 01295360 _____ () C:\Users\Petr\Downloads\zoek.exe
2014-12-14 20:57 - 2014-12-14 21:02 - 00000000 ____D () C:\AdwCleaner
2014-12-14 20:50 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\Petr\Desktop\adwcleaner_4.105.exe
2014-12-14 20:46 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\Petr\Downloads\adwcleaner_4.105.exe
2014-12-14 19:51 - 2014-12-14 19:51 - 00000000 ____D () C:\rsit
2014-12-14 19:51 - 2014-12-14 19:51 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-12-14 19:49 - 2014-12-14 19:49 - 01107968 _____ () C:\Users\Petr\Downloads\RSIT.exe
2014-12-14 12:25 - 2014-12-14 12:25 - 05162080 _____ (Piriform Ltd) C:\Users\Petr\Downloads\ccsetup500.exe
2014-12-14 10:51 - 2014-12-14 10:51 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-12-14 10:36 - 2014-12-14 10:36 - 00001928 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-14 10:36 - 2014-12-14 10:35 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-14 10:35 - 2014-12-14 10:35 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-12 19:49 - 2014-12-12 19:49 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\SUPERAntiSpyware.com
2014-12-12 19:48 - 2014-12-15 13:50 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-12 19:48 - 2014-12-12 19:48 - 00001772 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-12-12 19:48 - 2014-12-12 19:48 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-12-12 19:48 - 2014-12-12 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-12 19:47 - 2014-12-12 19:47 - 20688552 _____ (SUPERAntiSpyware) C:\Users\Petr\Downloads\SUPERAntiSpyware.exe
2014-12-11 18:16 - 2014-12-11 18:16 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 18:04 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 18:04 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 17:42 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 17:42 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 17:38 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 17:38 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 17:38 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 17:38 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 17:38 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 17:38 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 17:38 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 17:38 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 17:38 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 17:38 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 17:38 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 17:38 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 17:38 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 17:38 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 17:38 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 17:38 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 17:38 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 17:38 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 17:38 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 17:38 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 17:38 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 17:38 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 17:38 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 17:38 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 17:38 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 17:38 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 17:38 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 17:38 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 17:38 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 17:38 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 17:38 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 17:38 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 17:38 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 17:38 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 17:38 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 17:38 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 17:38 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 17:38 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 17:38 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 17:38 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 17:38 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 17:38 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 17:38 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 17:38 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 17:38 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 17:38 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 17:38 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 17:38 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 17:38 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 17:38 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 17:38 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 17:38 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 17:38 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 17:38 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 17:38 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 17:38 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 17:36 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 17:36 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 17:36 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 17:36 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 17:36 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 17:36 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 17:36 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 17:36 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 17:36 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 17:36 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 17:36 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 17:36 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 17:36 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 17:36 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 17:36 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 17:36 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 17:36 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 17:36 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 17:36 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 17:36 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 17:36 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 17:36 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 17:36 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 17:52 - 2014-12-09 18:15 - 413430756 _____ () C:\Users\Petr\Downloads\NHL-14.rar.crdownload
2014-12-03 16:10 - 2014-12-03 16:11 - 00000000 ____D () C:\Windows\474DFABFE55B4905ABAA40791A6AC77F.TMP
2014-11-26 20:25 - 2014-11-26 20:25 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\TechSmith
2014-11-26 20:22 - 2014-11-26 20:22 - 00000000 ____D () C:\Users\Petr\Documents\Camtasia Studio
2014-11-26 20:22 - 2014-11-26 20:22 - 00000000 ____D () C:\Users\Petr\AppData\Local\TechSmith
2014-11-26 20:20 - 2014-11-26 20:20 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-11-26 20:20 - 2014-11-26 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-11-26 20:20 - 2014-11-26 20:20 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-11-26 20:19 - 2014-11-26 20:19 - 00000000 ____D () C:\ProgramData\TechSmith
2014-11-26 20:19 - 2014-11-26 20:19 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-11-25 16:04 - 2014-11-25 16:05 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-11-25 16:04 - 2014-11-25 16:04 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2014-11-25 16:04 - 2014-11-25 16:04 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-11-25 15:29 - 2014-11-25 16:07 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2014-11-25 15:26 - 2014-11-25 16:03 - 00000000 ____D () C:\Counter-Strike 1.6
2014-11-25 15:19 - 2014-11-25 15:23 - 283746791 _____ () C:\Users\Petr\Downloads\Counter-Strike-1.6-Kotelna-CZ.zip
2014-11-25 14:45 - 2014-11-25 14:45 - 02372536 _____ (Safe Download Ltd. ) C:\Users\Petr\Downloads\RegistryExpert_02d5f79034a0430f9b71474925846956_.exe
2014-11-22 15:14 - 2014-11-22 15:14 - 00722983 _____ () C:\Windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2014-11-22 15:14 - 2014-11-22 15:14 - 00002122 _____ () C:\Users\Petr\Desktop\Counter-Strike 1.6 Standalone.lnk
2014-11-22 15:14 - 2014-11-22 15:14 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 Standalone
2014-11-22 15:13 - 2014-11-22 15:13 - 00000000 ____D () C:\Program Files (x86)\Counter-Strike 1.6 Standalone
2014-11-22 15:08 - 2014-11-22 15:11 - 345524205 _____ () C:\Users\Petr\Downloads\counter-strike-1-6-non-steam_1.6standalone.exe
2014-11-22 14:28 - 2014-11-22 14:28 - 00618824 _____ () C:\Windows\Minidump\112214-21902-01.dmp
2014-11-22 14:17 - 2014-11-22 14:28 - 497190926 _____ () C:\Windows\MEMORY.DMP
2014-11-22 14:17 - 2014-11-22 14:28 - 00000000 ____D () C:\Windows\Minidump
2014-11-22 14:17 - 2014-11-22 14:17 - 00618608 _____ () C:\Windows\Minidump\112214-21387-01.dmp
2014-11-21 23:05 - 2014-11-21 23:05 - 04708944 _____ (Gaijin Entertainment ) C:\Users\Petr\Downloads\wt_launcher_1.0.1.465 (2).exe
2014-11-21 22:52 - 2014-11-21 22:52 - 04708944 _____ (Gaijin Entertainment ) C:\Users\Petr\Downloads\wt_launcher_1.0.1.465 (1).exe
2014-11-21 22:04 - 2014-11-22 20:00 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-11-21 22:04 - 2014-11-21 22:04 - 00000000 ____D () C:\Users\Petr\Documents\My Games
2014-11-21 22:03 - 2014-11-21 22:03 - 04708944 _____ (Gaijin Entertainment ) C:\Users\Petr\Downloads\wt_launcher_1.0.1.465.exe
2014-11-19 12:20 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 12:20 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 12:20 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 12:20 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2014-11-16 21:11 - 2014-11-16 21:11 - 00000000 __SHD () C:\Users\Petr\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 13:18 - 2011-06-25 12:38 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-15 13:15 - 2014-01-09 10:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-15 11:29 - 2012-03-09 20:19 - 00000978 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000UA.job
2014-12-15 06:41 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 06:41 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-15 05:59 - 2013-08-06 06:50 - 01938835 _____ () C:\Windows\WindowsUpdate.log
2014-12-15 05:50 - 2014-01-09 10:05 - 00078912 _____ () C:\Windows\setupact.log
2014-12-14 23:29 - 2012-03-09 20:19 - 00000956 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000Core.job
2014-12-14 22:11 - 2014-10-27 18:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-14 21:44 - 2013-04-25 14:28 - 00000374 _____ () C:\Windows\Tasks\SmartPCFix Task.job
2014-12-14 21:44 - 2011-06-25 12:38 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-14 21:44 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-14 21:03 - 2014-01-28 15:42 - 00153794 _____ () C:\Windows\PFRO.log
2014-12-14 21:02 - 2014-10-12 18:18 - 00000000 ____D () C:\Program Files (x86)\neurowise
2014-12-14 21:02 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2014-12-14 20:23 - 2014-01-28 15:20 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-14 12:39 - 2014-03-04 20:47 - 00000000 ____D () C:\Users\Petr\AppData\Local\CrashDumps
2014-12-14 10:51 - 2014-02-16 11:42 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-14 10:39 - 2014-01-28 15:19 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-14 10:35 - 2014-04-24 12:06 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-14 10:35 - 2014-01-28 15:19 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-14 10:35 - 2014-01-28 15:19 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-14 10:35 - 2014-01-28 15:19 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-12-14 10:35 - 2014-01-28 15:19 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-14 10:35 - 2014-01-28 15:19 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-14 10:35 - 2014-01-28 15:19 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-14 10:25 - 2014-01-09 10:07 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-14 10:25 - 2012-05-05 09:40 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-14 10:25 - 2011-07-14 19:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-14 10:25 - 2010-04-08 16:16 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-14 10:23 - 2012-02-13 15:26 - 00000000 ____D () C:\Users\Petr\AppData\Local\Adobe
2014-12-11 20:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 18:16 - 2014-05-08 15:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 18:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 18:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 18:14 - 2010-04-08 16:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 18:12 - 2013-08-06 12:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 18:07 - 2013-04-08 13:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 17:47 - 2013-08-07 09:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 17:41 - 2009-07-14 06:08 - 00032560 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 08:41 - 2011-07-27 21:19 - 00000000 ____D () C:\Users\Petr\Desktop\moje songy
2014-12-02 17:59 - 2012-05-03 18:39 - 00000000 ____D () C:\Users\Petr\Desktop\petrs songs
2014-12-02 17:50 - 2011-06-23 16:29 - 00000000 ____D () C:\Users\Petr\Desktop\mix. fotky
2014-11-30 08:35 - 2011-07-13 21:23 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-11-30 08:32 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-11-28 22:42 - 2014-07-27 21:59 - 00000000 ____D () C:\The KMPlayer
2014-11-28 20:26 - 2014-10-29 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 12
2014-11-28 20:24 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Origin
2014-11-28 20:24 - 2014-06-25 18:10 - 00000000 ____D () C:\ProgramData\Origin
2014-11-25 19:40 - 2011-08-08 19:01 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Skype
2014-11-25 14:10 - 2014-03-14 21:19 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-25 14:10 - 2014-03-14 21:19 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-24 19:27 - 2014-10-10 17:47 - 00000000 ____D () C:\Users\Petr\Documents\GTA San Andreas User Files
2014-11-24 19:26 - 2011-06-17 00:34 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-11-24 19:26 - 2011-06-17 00:34 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2014-11-24 19:26 - 2009-07-14 06:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 20:01 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-21 22:40 - 2012-04-09 11:49 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-11-20 18:13 - 2014-10-29 15:24 - 00000000 ____D () C:\Users\Petr\Documents\FIFA 12
2014-11-15 16:13 - 2011-06-25 12:38 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 16:13 - 2011-06-25 12:38 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Files to move or delete:
====================
C:\ProgramData\xlfeodvvpputbostkjn.reg

Some content of TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\BackupSetup.exe
C:\Users\Petr\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpy3cg3e.dll
C:\Users\Petr\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Petr\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Petr\AppData\Local\Temp\dsrsetup.exe
C:\Users\Petr\AppData\Local\Temp\installerdll2271343.dll
C:\Users\Petr\AppData\Local\Temp\installerdll2526186.dll
C:\Users\Petr\AppData\Local\Temp\installerdll2972614.dll
C:\Users\Petr\AppData\Local\Temp\installerdll3016263.dll
C:\Users\Petr\AppData\Local\Temp\installerdll4752336.dll
C:\Users\Petr\AppData\Local\Temp\installerdll4877074.dll
C:\Users\Petr\AppData\Local\Temp\installerdll5046023.dll
C:\Users\Petr\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Petr\AppData\Local\Temp\KMP_3.9.0.127.exe
C:\Users\Petr\AppData\Local\Temp\KMP_3.9.1.129.exe
C:\Users\Petr\AppData\Local\Temp\ochelper.exe
C:\Users\Petr\AppData\Local\Temp\Quarantine.exe
C:\Users\Petr\AppData\Local\Temp\res.dll
C:\Users\Petr\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Petr\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Petr\AppData\Local\Temp\SimBundD.exe
C:\Users\Petr\AppData\Local\Temp\SimBundD[1].exe
C:\Users\Petr\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Petr\AppData\Local\Temp\SkypeUpdateSetup.exe
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 00:36

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:142 GB) (Free:51.61 GB) NTFS
Drive d: (DATA) (Fixed) (Total:142.32 GB) (Free:91.96 GB) NTFS

Available physical RAM: 1606.21 MB
Total physical RAM: 3000.93 MB
Percentage of memory in use: 46%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1372B2BB)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=142 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=142.3 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000Core.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000UA.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SmartPCFix Task.job => C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:798A3728
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:93EB7685
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
AlternateDataStreams: C:\ProgramData\TEMP:E36F5B57

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 14485 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder
"C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOTag
C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk
C:\PROGRA~2\Acer\ACERVC~1\AcerVCM.exe

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#14 Příspěvek od **vyosek** » 15 pro 2014 15:09

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-08] (Google Inc.)
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Run: [EADM] => "C:\Users\Public\Desktop\petrs songs\Origin\Origin.exe" -AutoStart
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\RunOnce: [Adobe Speed Launcher] => 1418589972
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: F - F:\LGAutoRun.exe
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {9cc81783-f0f8-11e1-a6e1-506313b902a1} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {ae2f43dc-5f7b-11e3-aaa9-c80aa9a0f6cf} - F:\LGAutoRun.exe
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {caa0c3a2-9dac-11e0-be3a-c80aa9a0f6cf} - F:\LaunchU3.exe -a
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {e935f3df-2949-11e1-b1ca-506313b902a1} - F:\NokiaPCIA_Autorun.exe
BootExecute: autocheck autochk * sdnclean64.exe

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
archScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: No Name -> {11111111-1111-1111-1111-110311531182} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: neurowise 1.0.1 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ck34kafi.default\Extensions\{29b62904-40dc-4708-b289-42f25c697022}.xpi [2014-12-08]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha422.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha422\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta583.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta583\ff

CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [bikgopnjkdkacjcldjgbonccfdibbafc] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha422\ch\WebexpEnhancedV1alpha422.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lehjccfcaoclaappdkbikflppliikhil] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta583\ch\VideoPlayerV3beta583.crx [Not Found]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

2014-12-15 14:05 - 2014-12-15 14:05 - 00021214 _____ () C:\Users\Petr\Desktop\FRST.txt
2014-12-15 14:05 - 2014-12-15 14:05 - 00000000 ____D () C:\Users\Petr\Desktop\FRST-OlderVersion
2014-12-14 22:12 - 2014-12-14 22:12 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\FRSTLauncher.exe
2014-12-14 21:58 - 2014-12-14 21:58 - 04134156 _____ () C:\Users\Petr\Downloads\zoek.zip
2014-12-14 21:55 - 2014-12-14 21:55 - 00000000 ____D () C:\zoek_backup
2014-12-14 21:55 - 2014-12-14 21:50 - 01295360 _____ () C:\Users\Petr\Desktop\zoek.exe
2014-12-14 21:54 - 2014-12-14 21:55 - 01295360 _____ () C:\Users\Petr\Downloads\zoek(1).exe
2014-12-14 21:16 - 2014-12-14 21:50 - 01295360 _____ () C:\Users\Petr\Downloads\zoek.exe
2014-12-14 20:57 - 2014-12-14 21:02 - 00000000 ____D () C:\AdwCleaner
2014-12-14 20:50 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\Petr\Desktop\adwcleaner_4.105.exe
2014-12-14 20:46 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\Petr\Downloads\adwcleaner_4.105.exe
2014-12-14 19:51 - 2014-12-14 19:51 - 00000000 ____D () C:\rsit
2014-12-14 19:51 - 2014-12-14 19:51 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-12-14 19:49 - 2014-12-14 19:49 - 01107968 _____ () C:\Users\Petr\Downloads\RSIT.exe
2014-12-14 12:25 - 2014-12-14 12:25 - 05162080 _____ (Piriform Ltd) C:\Users\Petr\Downloads\ccsetup500.exe
2014-12-14 10:51 - 2014-12-14 10:51 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
C:\ProgramData\xlfeodvvpputbostkjn.reg
C:\Program Files (x86)\SmartPCFix

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000Core.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000UA.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SmartPCFix Task.job => C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe <==== ATTENTION

AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:798A3728
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:93EB7685
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
AlternateDataStreams: C:\ProgramData\TEMP:E36F5B57

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder" /f

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

pe.mk · #15 Příspěvek od **pe.mk** » 15 pro 2014 15:39

Fixlog.txt zde :

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2014 01
Ran by Petr at 2014-12-15 15:33:05 Run:1
Running from C:\Users\Petr\Desktop
Loaded Profile: Petr (Available profiles: Petr)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-08] (Google Inc.)
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Run: [EADM] => "C:\Users\Public\Desktop\petrs songs\Origin\Origin.exe" -AutoStart
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\RunOnce: [Adobe Speed Launcher] => 1418589972
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: F - F:\LGAutoRun.exe
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {9cc81783-f0f8-11e1-a6e1-506313b902a1} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {ae2f43dc-5f7b-11e3-aaa9-c80aa9a0f6cf} - F:\LGAutoRun.exe
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {caa0c3a2-9dac-11e0-be3a-c80aa9a0f6cf} - F:\LaunchU3.exe -a
HKU\S-1-5-21-828453966-2143245867-370889090-1000\...\MountPoints2: {e935f3df-2949-11e1-b1ca-506313b902a1} - F:\NokiaPCIA_Autorun.exe
BootExecute: autocheck autochk * sdnclean64.exe

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
archScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {11111111-1111-1111-1111-110311531182} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: neurowise 1.0.1 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ck34kafi.default\Extensions\{29b62904-40dc-4708-b289-42f25c697022}.xpi [2014-12-08]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha422.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha422\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta583.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta583\ff

CHR HKLM-x32\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [bikgopnjkdkacjcldjgbonccfdibbafc] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha422\ch\WebexpEnhancedV1alpha422.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lehjccfcaoclaappdkbikflppliikhil] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta583\ch\VideoPlayerV3beta583.crx [Not Found]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

2014-12-15 14:05 - 2014-12-15 14:05 - 00021214 _____ () C:\Users\Petr\Desktop\FRST.txt
2014-12-15 14:05 - 2014-12-15 14:05 - 00000000 ____D () C:\Users\Petr\Desktop\FRST-OlderVersion
2014-12-14 22:12 - 2014-12-14 22:12 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Downloads\FRSTLauncher.exe
2014-12-14 21:58 - 2014-12-14 21:58 - 04134156 _____ () C:\Users\Petr\Downloads\zoek.zip
2014-12-14 21:55 - 2014-12-14 21:55 - 00000000 ____D () C:\zoek_backup
2014-12-14 21:55 - 2014-12-14 21:50 - 01295360 _____ () C:\Users\Petr\Desktop\zoek.exe
2014-12-14 21:54 - 2014-12-14 21:55 - 01295360 _____ () C:\Users\Petr\Downloads\zoek(1).exe
2014-12-14 21:16 - 2014-12-14 21:50 - 01295360 _____ () C:\Users\Petr\Downloads\zoek.exe
2014-12-14 20:57 - 2014-12-14 21:02 - 00000000 ____D () C:\AdwCleaner
2014-12-14 20:50 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\Petr\Desktop\adwcleaner_4.105.exe
2014-12-14 20:46 - 2014-12-14 20:46 - 02166272 _____ () C:\Users\Petr\Downloads\adwcleaner_4.105.exe
2014-12-14 19:51 - 2014-12-14 19:51 - 00000000 ____D () C:\rsit
2014-12-14 19:51 - 2014-12-14 19:51 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-12-14 19:49 - 2014-12-14 19:49 - 01107968 _____ () C:\Users\Petr\Downloads\RSIT.exe
2014-12-14 12:25 - 2014-12-14 12:25 - 05162080 _____ (Piriform Ltd) C:\Users\Petr\Downloads\ccsetup500.exe
2014-12-14 10:51 - 2014-12-14 10:51 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
C:\ProgramData\xlfeodvvpputbostkjn.reg
C:\Program Files (x86)\SmartPCFix

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000Core.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000UA.job => C:\Users\Petr\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SmartPCFix Task.job => C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe <==== ATTENTION

AlternateDataStreams: C:\ProgramData\TEMP:4D066AD2
AlternateDataStreams: C:\ProgramData\TEMP:798A3728
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:93EB7685
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D
AlternateDataStreams: C:\ProgramData\TEMP:E36F5B57

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-828453966-2143245867-370889090-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value deleted successfully.
HKU\S-1-5-21-828453966-2143245867-370889090-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EADM => value deleted successfully.
HKU\S-1-5-21-828453966-2143245867-370889090-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => value deleted successfully.
HKU\S-1-5-21-828453966-2143245867-370889090-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
"HKU\S-1-5-21-828453966-2143245867-370889090-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-828453966-2143245867-370889090-1000" => Key not found.
"HKU\S-1-5-21-828453966-2143245867-370889090-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cc81783-f0f8-11e1-a6e1-506313b902a1}" => Key deleted successfully.
"HKCR\CLSID\{9cc81783-f0f8-11e1-a6e1-506313b902a1}" => Key not found.
"HKU\S-1-5-21-828453966-2143245867-370889090-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae2f43dc-5f7b-11e3-aaa9-c80aa9a0f6cf}" => Key deleted successfully.
"HKCR\CLSID\{ae2f43dc-5f7b-11e3-aaa9-c80aa9a0f6cf}" => Key not found.
"HKU\S-1-5-21-828453966-2143245867-370889090-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{caa0c3a2-9dac-11e0-be3a-c80aa9a0f6cf}" => Key deleted successfully.
"HKCR\CLSID\{caa0c3a2-9dac-11e0-be3a-c80aa9a0f6cf}" => Key not found.
"HKU\S-1-5-21-828453966-2143245867-370889090-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e935f3df-2949-11e1-b1ca-506313b902a1}" => Key deleted successfully.
"HKCR\CLSID\{e935f3df-2949-11e1-b1ca-506313b902a1}" => Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
archScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531182}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531182}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ck34kafi.default\Extensions\{29b62904-40dc-4708-b289-42f25c697022}.xpi => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha422.net => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta583.net => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\adldappccjhelkmbkpiibilgnnjakieg" => Key deleted successfully.
C:\Program Files (x86)\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bikgopnjkdkacjcldjgbonccfdibbafc" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lehjccfcaoclaappdkbikflppliikhil" => Key deleted successfully.
EagleX64 => Service deleted successfully.
RSUSBSTOR => Service deleted successfully.
RtsUIR => Service deleted successfully.
USBCCID => Service deleted successfully.
C:\Users\Petr\Desktop\FRST.txt => Moved successfully.
C:\Users\Petr\Desktop\FRST-OlderVersion => Moved successfully.
C:\Users\Petr\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Users\Petr\Downloads\zoek.zip => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Petr\Desktop\zoek.exe => Moved successfully.
C:\Users\Petr\Downloads\zoek(1).exe => Moved successfully.
C:\Users\Petr\Downloads\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Petr\Desktop\adwcleaner_4.105.exe => Moved successfully.
C:\Users\Petr\Downloads\adwcleaner_4.105.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files (x86)\trend micro => Moved successfully.
C:\Users\Petr\Downloads\RSIT.exe => Moved successfully.
C:\Users\Petr\Downloads\ccsetup500.exe => Moved successfully.
C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log => Moved successfully.
C:\ProgramData\xlfeodvvpputbostkjn.reg => Moved successfully.
"C:\Program Files (x86)\SmartPCFix" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-828453966-2143245867-370889090-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\SmartPCFix Task.job => Moved successfully.
C:\ProgramData\TEMP => ":4D066AD2" ADS removed successfully.
C:\ProgramData\TEMP => ":798A3728" ADS removed successfully.
C:\ProgramData\TEMP => ":93DE1838" ADS removed successfully.
C:\ProgramData\TEMP => ":93EB7685" ADS removed successfully.
C:\ProgramData\TEMP => ":ABE89FFE" ADS removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
C:\ProgramData\TEMP => ":E1F04E8D" ADS removed successfully.
C:\ProgramData\TEMP => ":E36F5B57" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.2 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

VIRY.CZ

Malware v PC ?

Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?

Re: Malware v PC ?