VIRY.CZ

Dobrý den přeji.
Počítač mé ženy je už nějaký MOC líný. Hraje tam dost ty online hry a tak bude systém asi velice "zanesený".
Odinstaloval jsem co se dalo.
Chtěl bych odebrat i Media Center, ale nevím jak na to.
Prosím o kontrolu logu a o pomoc při vyčištění.
Děkuji.
KEMA.

---------------------------------------------------------------------------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Danuška at 2014-12-22 14:36:33
Microsoft Windows 8 Pro with Media Center
System drive C: has 22 GB (17%) free of 131 GB
Total RAM: 4095 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:36:38, on 22. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17183)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Danuška.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WinToFlash Suggestor - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Internet Speed Tracker EPM Support] "C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tmedint.exe" T8EPMSUP.DLL,S
O4 - HKCU\..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Danuška\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Danuška\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9E0D0A8-0BB9-418E-A769-85AD4CE81CD3}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3EB5B15-635A-45FF-A99A-4C41211F9607}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - D:\Samsung Link\Samsung Link.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7357 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
\??\C:\Windows\system32\conhost.exe 0x4
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
dashost.exe {e322be91-687c-4bdb-b62def1f7389be48}
"D:\Samsung Link\Samsung Link.exe"
"D:\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
C:\Windows\slsvc.exe
C:\Windows\PersonalizeEnabler.exe
"C:\Program Files\Windows Defender\MsMpEng.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"D:\Samsung Link\Samsung Link Tray Agent.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://forum.viry.cz/viewtopic.php?f=13&t=130786"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 552 556 564 65536 560
"C:\Users\Danuška\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe gE8jjmGamGojsfksfvembG5+q6nGeQEto1u6YQJeFhd928fGtajvmUC1lkTsMddlxFqNn4UWh4uxdeyFzAs+OYE45b3lFapjhzCKnVZRUSoVmKTw== ed Tracker Plugin
"Path"=C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\NP9tStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll


C:\Users\Danuška\AppData\Roaming\Mozilla\Firefox\Profiles\u5rq627b.default\extensions\
9tffxtbr@InternetSpeedTracker_9t.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}]
WinToFlash Suggestor - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll [2012-04-09 301872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung Link"=D:\Samsung Link\Samsung Link Tray Agent.exe [2014-12-16 607584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2014-02-18 55360]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\Danuška\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Danuška\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-02-23 767200]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-02-21 152392]
"Internet Speed Tracker EPM Support"=C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tmedint.exe [2014-07-25 12872]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe]
"Debugger=""C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-22 14:36:33 ----D---- C:\rsit
2014-12-22 14:36:33 ----D---- C:\Program Files\trend micro
2014-12-22 10:00:45 ----ASH---- C:\pagefile.sys
2014-12-21 12:21:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-21 11:01:54 ----D---- C:\Upload
2014-12-21 11:01:24 ----D---- C:\Program Files\Samsung
2014-12-21 11:01:16 ----D---- C:\Users\Danuška\AppData\Roaming\SAMSUNG
2014-12-21 11:01:15 ----D---- C:\ProgramData\SAMSUNG
2014-12-17 06:15:32 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-12-17 06:15:31 ----A---- C:\Windows\system32\NotificationUI.exe
2014-12-11 06:13:41 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2014-12-11 06:13:37 ----A---- C:\Windows\system32\twinui.dll
2014-12-11 06:13:33 ----A---- C:\Windows\system32\slwga.dll
2014-12-11 06:13:29 ----A---- C:\Windows\system32\slmgr.vbs
2014-12-11 06:13:24 ----A---- C:\Windows\system32\shell32.dll
2014-12-11 06:13:20 ----A---- C:\Windows\system32\GenuineCenter.dll
2014-12-11 06:13:16 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2014-12-11 06:10:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-10 06:10:38 ----A---- C:\Windows\SYSWOW64\vsstrace.dll
2014-12-10 06:10:38 ----A---- C:\Windows\system32\vsstrace.dll
2014-12-10 06:10:37 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2014-12-10 06:10:37 ----A---- C:\Windows\system32\VSSVC.exe
2014-12-10 06:10:37 ----A---- C:\Windows\system32\vssapi.dll
2014-12-10 05:59:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-12-10 05:59:13 ----A---- C:\Windows\system32\srmclient.dll
2014-12-10 05:59:13 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2014-12-10 05:59:12 ----A---- C:\Windows\SYSWOW64\srmclient.dll
2014-12-10 05:59:12 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2014-12-10 05:59:12 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-12-10 05:59:12 ----A---- C:\Windows\system32\srmscan.dll
2014-12-10 05:59:12 ----A---- C:\Windows\system32\dnsapi.dll
2014-12-10 05:59:11 ----A---- C:\Windows\SYSWOW64\srmscan.dll
2014-12-10 05:59:11 ----A---- C:\Windows\SYSWOW64\srm.dll
2014-12-10 05:59:11 ----A---- C:\Windows\SYSWOW64\adrclient.dll
2014-12-10 05:59:11 ----A---- C:\Windows\system32\srm.dll
2014-12-10 05:59:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-12-10 05:59:11 ----A---- C:\Windows\system32\adrclient.dll
2014-12-10 05:58:55 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 05:58:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 05:58:48 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 05:58:47 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 05:58:47 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 05:58:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 05:58:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 05:58:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 05:58:46 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 05:58:46 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 05:58:46 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\uxtheme.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\jscript.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\iesysprep.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\UXInit.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 05:58:44 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 05:58:43 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-12-10 05:58:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 05:58:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 05:58:43 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 05:58:43 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 05:58:43 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 05:58:43 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 05:58:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 05:58:40 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 05:57:47 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-12-10 05:57:47 ----A---- C:\Windows\system32\crypt32.dll
2014-12-09 19:03:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2014-12-22 14:36:33 ----RD---- C:\Program Files
2014-12-22 14:36:21 ----D---- C:\Windows\Prefetch
2014-12-22 14:33:41 ----D---- C:\Users\Danuška\AppData\Roaming\Skype
2014-12-22 14:31:01 ----D---- C:\Windows\Temp
2014-12-22 14:24:54 ----RD---- C:\Program Files (x86)
2014-12-22 14:00:00 ----D---- C:\Windows\system32\sru
2014-12-22 10:06:47 ----D---- C:\Users\Danuška\AppData\Roaming\Seznam.cz
2014-12-22 10:00:32 ----D---- C:\Windows
2014-12-22 09:58:44 ----D---- C:\Users\Danuška\AppData\Roaming\vlc
2014-12-22 09:44:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-22 09:10:16 ----D---- C:\Windows\Tasks
2014-12-22 09:10:16 ----D---- C:\Windows\system32\Tasks
2014-12-22 09:10:16 ----D---- C:\Program Files (x86)\Google
2014-12-22 06:23:22 ----D---- C:\Windows\Microsoft.NET
2014-12-21 11:03:44 ----D---- C:\Windows\system32\config
2014-12-21 11:01:52 ----SHD---- C:\Windows\Installer
2014-12-21 11:01:42 ----D---- C:\Windows\WinSxS
2014-12-21 11:01:32 ----D---- C:\Windows\SysWOW64
2014-12-21 11:01:29 ----RD---- C:\Windows\System32
2014-12-21 11:01:15 ----HD---- C:\ProgramData
2014-12-21 09:06:08 ----D---- C:\Windows\Inf
2014-12-21 09:06:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-20 18:22:45 ----D---- C:\Windows\SoftwareDistribution
2014-12-20 15:54:01 ----D---- C:\Windows\debug
2014-12-20 15:09:16 ----D---- C:\Windows\Minidump
2014-12-20 14:21:34 ----D---- C:\Program Files (x86)\FastShare
2014-12-20 07:29:17 ----SHD---- C:\System Volume Information
2014-12-19 15:14:39 ----D---- C:\Windows\system32\catroot2
2014-12-17 18:09:16 ----D---- C:\Program Files (x86)\Opera
2014-12-17 06:13:24 ----D---- C:\Windows\CbsTemp
2014-12-13 10:55:58 ----D---- C:\Windows\AUInstallAgent
2014-12-13 10:55:52 ----HD---- C:\Program Files\WindowsApps
2014-12-11 18:12:59 ----D---- C:\Windows\rescache
2014-12-11 06:13:14 ----D---- C:\Windows\system32\cs-CZ
2014-12-11 06:07:46 ----RD---- C:\Windows\ToastData
2014-12-11 06:07:43 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-11 06:07:41 ----D---- C:\Program Files\Internet Explorer
2014-12-11 06:07:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 06:13:21 ----D---- C:\Windows\system32\MRT
2014-12-10 06:11:24 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;@oem4.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-03-15 283064]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-02-24 13929472]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-02-24 636928]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW86.sys [2013-12-19 215040]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-21 816344]
S0 amdkmafd;@oem1.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 b57nd60a;@netb57va.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2012-06-02 425472]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys []
S3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-02-24 240128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 Samsung Link Service;Samsung Link Service; D:\Samsung Link\Samsung Link.exe [2014-12-16 616288]
R2 slsvc;Software Licensing Service; C:\Windows\slsvc.exe [2012-09-25 10240]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09 267440]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2012-07-26 663552]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2012-07-26 125440]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-21 114800]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2012-09-20 29696]

-----------------EOF-----------------

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Povedlo se

Posílám log:

---------------------
# AdwCleaner v4.106 - Report created 22/12/2014 at 17:55:35
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 8 Pro with Media Center (64 bits)
# Username : Danuška - DANA
# Running from : C:\Users\Danuška\Downloads\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\InternetSpeedTracker_9t
Folder Deleted : C:\Program Files (x86)\WinToFlash Suggestor
Folder Deleted : C:\Users\Danuška\AppData\Local\InternetSpeedTracker_9t
Folder Deleted : C:\Users\Danuška\AppData\LocalLow\InternetSpeedTracker_9t
Folder Deleted : C:\Users\Danuška\AppData\Roaming\Mozilla\Firefox\Profiles\u5rq627b.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Folder Deleted : C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbeihidkikgdcoogkeoeconphggdhop

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Internet Speed Tracker EPM Support]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555335560}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566336660}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555335560}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566336660}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\WinToFlash Suggestor
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinToFlash Suggestor
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Mozilla Firefox v34.0.5 (x86 cs)

[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.BUTTON_STRUCTURE", "[{\"b\":221351975,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221351976,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.version.last", "34.0");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.firstKnownVersion", "6.58.4.18165");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=70F25572-BFA0-4602-82E4-717978042059&n=780c4ebe&p2=^BBQ^man000^YYA^");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.hp.user.defined", true);
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.initialized", true);
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.installKeysSource", "File");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.contextKey", "");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.installDate", "2014072510");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.partnerId", "^BBQ^man000^YYA^");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.partnerSubId", "");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.success", true);
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.toolbarId", "70F25572-BFA0-4602-82E4-717978042059");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.isCompliantUninstallImplementation", true);
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.lastActivePing", "1419259857009");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.lastKnownVersion", "6.83.5.42135");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.options.defaultSearch", false);
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.options.homePageEnabled", false);
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.options.keywordEnabled", false);
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.options.tabEnabled", false);
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.searchHistory", "aktualizace");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.successUrl", "hxxp://internetspeedtracker.dl.tb.ask.com/installComplete.jhtml");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.toolbarCollapsed", false);
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9tMembers_.weather.location", "10001");
[u5rq627b.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "internetspeedtracker@mindspark.com");

-\\ Google Chrome v

[C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNxpt437YYCZ&ptb=HIIMWg1K8TayN8q_vRjWJg&ind=2011061607&ptnrS=ZNxpt437YYCZ&si=67129&n=77de5d67&psa=&st=sb&searchfor={searchTerms}
[C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNxpt437YYCZ&ptb=HIIMWg1K8TayN8q_vRjWJg&ind=2011061607&ptnrS=ZNxpt437YYCZ&si=67129&n=77de5d67&psa=&st=sb&searchfor={searchTerms}
[C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystart.com/results.php??pr=vmn&id= ... earchTerms}
[C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : cgbeihidkikgdcoogkeoeconphggdhop

-\\ Opera v26.0.1656.60

[C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNxpt437YYCZ&ptb=HIIMWg1K8TayN8q_vRjWJg&ind=2011061607&ptnrS=ZNxpt437YYCZ&si=67129&n=77de5d67&psa=&st=sb&searchfor={searchTerms}
[C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNxpt437YYCZ&ptb=HIIMWg1K8TayN8q_vRjWJg&ind=2011061607&ptnrS=ZNxpt437YYCZ&si=67129&n=77de5d67&psa=&st=sb&searchfor={searchTerms}
[C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystart.com/results.php??pr=vmn&id= ... earchTerms}
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : aaipilfmheplbcghignccoiiebekkdhe
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ffhfoagmjcnkolneahbpagjcjjaeofbg
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : hjghiofiijcepdnocbgefbdlbckjfheg
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : iklgpchfbohgmghgfagediakopecfmbm
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : kfgaibfbmkjgmimhbbaikfnpkkjkpoan
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : kjpifmjicccpbkfjdkehimhgklfkbanh
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : hoidflomjnnnbiemmkjdjkkialmhbago
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ekpibplnnkfdcafdpoekhoffegcajene
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ipljmghelflfikejmgkmlmpjmehfjodc
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ejddjnilmdncjilbfjgameihlklfpohp
[C:\Users\Danuška\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : eagomcfjiefffhpaejnlpjccikpipdoe

*************************

AdwCleaner[R0].txt - [10570 octets] - [22/12/2014 17:54:39]
AdwCleaner[S0].txt - [11490 octets] - [22/12/2014 17:55:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11551 octets] ##########

Dejte nový log FRST.

Zde to je:

--------------------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Danuška at 2014-12-22 18:25:55
Microsoft Windows 8 Pro with Media Center
System drive C: has 21 GB (16%) free of 131 GB
Total RAM: 4095 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:25:57, on 22. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17183)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files\trend micro\Danuška.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Danuška\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Danuška\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O9 - Extra 'Tools' menuitem: WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9E0D0A8-0BB9-418E-A769-85AD4CE81CD3}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3EB5B15-635A-45FF-A99A-4C41211F9607}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - D:\Samsung Link\Samsung Link.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7620 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
\??\C:\Windows\system32\conhost.exe 0x4
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
dashost.exe {e8e6cda5-cd7f-4772-8f1cd3d2128aeeba}
"D:\Samsung Link\Samsung Link.exe"
"D:\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
C:\Windows\slsvc.exe
C:\Windows\PersonalizeEnabler.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Defender\MsMpEng.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"D:\Samsung Link\Samsung Link Tray Agent.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows NT\Accessories\WORDPAD.EXE" "C:\AdwCleaner\AdwCleaner[S0].txt"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --ran-launcher /crash-reporter-parent-id=4692
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=gpu-process --channel="4692.0.1084505286\1540621526" --enable-proprietary-media-types-playback --crash-reporter-pid=4696 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,39 --gpu-vendor-id=0x1002 --gpu-device-id=0x6758 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.350.1005.0 --enable-proprietary-media-types-playback --crash-reporter-pid=4696 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.3.1762530946\750360425" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.5.1852804170\468189650" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.6.967687513\1816932477" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.7.324161031\321717313" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.9.779981518\931914941" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.10.466770422\563508070" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.11.230417472\865478148" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.12.564346015\1863034474" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.13.1741824001\1084743376" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.14.1247341543\944709935" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.15.1579641269\113985289" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_240.dll" --ppapi-flash-version=16.0.0.240 --with-feature:enhanced-autofill --crash-reporter-pid=4696 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4692.16.1997855624\645137835" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=ppapi --channel="4692.18.1683892184\1192539283" --ppapi-flash-args --lang=cs --enable-proprietary-media-types-playback --crash-reporter-pid=4696 --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\system32\msiexec.exe /V
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-136166f7-26bc-4a31-98a7-115d34474bee -SystemEventPortName:HostProcess-99557a94-1165-42d6-b53c-d86740a4638f -IoCancelEventPortName:HostProcess-f38eda7a-1dbb-4157-9a33-e6f918c39f2c -NonStateChangingEventPortName:HostProcess-63b824ae-fdf8-474e-a938-12a1684216c5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0d07fa59-b528-4d81-8361-e91f6bafb2ca -DeviceGroupId:WpdFsGroup
"C:\Users\Danuška\Downloads\RSITx64(1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe xbR3+qN13SnXZLKKeaeAQD37hI/jqvRcJTckxFGG1IkpgHPth2mrOWQbk4us8OviwhexAGErA2jenpk3tK/PT9pNWwe/1jK3aCPESOlEDnpxbV95IRYDApFe8xZkp8N3cO1OXM8GfbAXgXQlF/FFiXD/KyCUcjvCPv0rKbv3pfOn9ba+QrdXsefvvSP/6phz9j3mpTHOZl9VV0UZj7DzETdglpQk+gwtFY1kRAixOi3lKISDKk1RdNc9dna8t0OaxHsUdulcshl2RV5n/AASt+W7MEyCjTM8XXe8Nv/L2N8ygAKjIf73/BK0INVBnOx3U0aw7jAS0ImcRf5mh2hv6zAubYce9cdWuQePQxycar8yfn4r7Z2G+WMbVXH3A635sP4IuucJaRgWMD6JtPO4UlV3cJRReUc+M2QihHato3f/3Chq05nIjaO1oqKUEIQZZwMx7nScqFHTpvHM7IcCFNOfE9nVe30Xrdbd/+CrVFlUbxt0nbcIdBfrqugpRVSfNLCF4KmrH5Wi7FP31mAb2PzbU8h7I7DSGya0eEPhRmiN1KoYf9SB3CVzOvftl4JjWkvMhCd8VK/30L6meNul6PfTs20+ktOLVT/zvNFp792xhAVmhsGBTO1bZg+oeBYswKDYHOiCy0liKgogc0Qiysxr0zGYe/vWDiun6xSTtxmhlGsmIpVLKcCgkAHh7J7vkSih5kgyOZvMUHa0VT3I+ncIi0DHZcJY1QVMHg3MBlNYUUE5WlFyFYdciwqRvvCQ6aKxWn03+9ApIbv3IrSHWWBIw7zXYR3UNcTf+DvKB735+jWjarnMZrNZcJheytP5hCKvWahXEzDjJcPVjOXILWJLkkC/yvyGHOp0SBQC2Tk/tbFpNtyu2figvf5PFYURD6y3vRh9lPQF5c6hbvinLE6VZlGKs3EztvqaTPJJVYVClS0pq/L4LbH26uHqB7z345SX3y7fYVgn7b777PEfnoHm5u+BztsgE8jjmGamGojsfksfvembG5+q6nGeQEto1u6YQJeFhd928fGtajvmUC1lkTsMddlxFqNn4UWh4uxdeyFzAs+OYE45b3lFapjhzCKnVZRUSoVmKTw== in=http://update.srvstatsdata.com /updaterversion=2 /monetizationdomain=http://stats.mstatsserv.com /autoupdateulr='http://update.srvstatsdata.com/updater_ ... pdate.json' /runfrom='task' /externallog='' --D---- C:\AdwCleaner
2014-12-22 15:47:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-12-22 15:47:31 ----A---- C:\Windows\system32\services.exe
2014-12-22 15:47:31 ----A---- C:\Windows\system32\localspl.dll
2014-12-22 15:47:30 ----A---- C:\Windows\system32\win32spl.dll
2014-12-22 15:47:30 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2014-12-22 15:47:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-12-22 15:47:21 ----A---- C:\Windows\system32\wucltux.dll
2014-12-22 15:47:21 ----A---- C:\Windows\system32\wuaueng.dll
2014-12-22 15:47:21 ----A---- C:\Windows\system32\wuauclt.exe
2014-12-22 15:47:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-12-22 15:47:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-12-22 15:47:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-12-22 15:47:20 ----A---- C:\Windows\system32\wuwebv.dll
2014-12-22 15:47:20 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-12-22 15:47:20 ----A---- C:\Windows\system32\wudriver.dll
2014-12-22 15:47:20 ----A---- C:\Windows\system32\wuapp.exe
2014-12-22 15:47:20 ----A---- C:\Windows\system32\wuapi.dll
2014-12-22 15:47:20 ----A---- C:\Windows\system32\storewuauth.dll
2014-12-22 14:36:33 ----D---- C:\rsit
2014-12-22 14:36:33 ----D---- C:\Program Files\trend micro
2014-12-22 10:00:45 ----ASH---- C:\pagefile.sys
2014-12-21 12:21:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-21 11:01:54 ----D---- C:\Upload
2014-12-21 11:01:24 ----D---- C:\Program Files\Samsung
2014-12-21 11:01:16 ----D---- C:\Users\Danuška\AppData\Roaming\SAMSUNG
2014-12-21 11:01:15 ----D---- C:\ProgramData\SAMSUNG
2014-12-17 06:15:32 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-12-17 06:15:31 ----A---- C:\Windows\system32\NotificationUI.exe
2014-12-11 06:13:41 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2014-12-11 06:13:37 ----A---- C:\Windows\system32\twinui.dll
2014-12-11 06:13:33 ----A---- C:\Windows\system32\slwga.dll
2014-12-11 06:13:29 ----A---- C:\Windows\system32\slmgr.vbs
2014-12-11 06:13:24 ----A---- C:\Windows\system32\shell32.dll
2014-12-11 06:13:20 ----A---- C:\Windows\system32\GenuineCenter.dll
2014-12-11 06:13:16 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2014-12-11 06:10:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-10 06:10:38 ----A---- C:\Windows\SYSWOW64\vsstrace.dll
2014-12-10 06:10:38 ----A---- C:\Windows\system32\vsstrace.dll
2014-12-10 06:10:37 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2014-12-10 06:10:37 ----A---- C:\Windows\system32\VSSVC.exe
2014-12-10 06:10:37 ----A---- C:\Windows\system32\vssapi.dll
2014-12-10 05:59:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-12-10 05:59:13 ----A---- C:\Windows\system32\srmclient.dll
2014-12-10 05:59:13 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2014-12-10 05:59:12 ----A---- C:\Windows\SYSWOW64\srmclient.dll
2014-12-10 05:59:12 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2014-12-10 05:59:12 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-12-10 05:59:12 ----A---- C:\Windows\system32\srmscan.dll
2014-12-10 05:59:12 ----A---- C:\Windows\system32\dnsapi.dll
2014-12-10 05:59:11 ----A---- C:\Windows\SYSWOW64\srmscan.dll
2014-12-10 05:59:11 ----A---- C:\Windows\SYSWOW64\srm.dll
2014-12-10 05:59:11 ----A---- C:\Windows\SYSWOW64\adrclient.dll
2014-12-10 05:59:11 ----A---- C:\Windows\system32\srm.dll
2014-12-10 05:59:11 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-12-10 05:59:11 ----A---- C:\Windows\system32\adrclient.dll
2014-12-10 05:58:55 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 05:58:50 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 05:58:48 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 05:58:47 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 05:58:47 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 05:58:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 05:58:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 05:58:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 05:58:46 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 05:58:46 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 05:58:46 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-12-10 05:58:45 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\uxtheme.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\jscript.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\iesysprep.dll
2014-12-10 05:58:45 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 05:58:44 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\UXInit.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 05:58:44 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 05:58:44 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 05:58:43 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-12-10 05:58:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 05:58:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 05:58:43 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 05:58:43 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 05:58:43 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 05:58:43 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 05:58:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 05:58:40 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 05:57:47 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-12-10 05:57:47 ----A---- C:\Windows\system32\crypt32.dll
2014-12-09 19:03:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2014-12-22 18:23:44 ----D---- C:\Windows\Prefetch
2014-12-22 18:17:25 ----D---- C:\Users\Danuška\AppData\Roaming\Skype
2014-12-22 18:09:15 ----D---- C:\Windows\Temp
2014-12-22 18:02:04 ----D---- C:\Windows\system32\sru
2014-12-22 17:55:37 ----RD---- C:\Program Files (x86)
2014-12-22 16:31:38 ----D---- C:\Windows\system32\config
2014-12-22 15:56:17 ----D---- C:\Windows\WinSxS
2014-12-22 15:54:40 ----RD---- C:\Windows\System32
2014-12-22 15:54:40 ----D---- C:\Windows\SysWOW64
2014-12-22 15:54:40 ----D---- C:\Windows\system32\cs-CZ
2014-12-22 15:54:38 ----D---- C:\Windows\system32\DriverStore
2014-12-22 15:54:38 ----D---- C:\Windows\system32\Drivers
2014-12-22 15:54:38 ----D---- C:\Windows\Inf
2014-12-22 15:49:00 ----D---- C:\Windows\CbsTemp
2014-12-22 15:48:00 ----SHD---- C:\System Volume Information
2014-12-22 15:47:09 ----D---- C:\Windows\system32\catroot2
2014-12-22 15:06:02 ----D---- C:\Windows\system32\drivers\UMDF
2014-12-22 15:06:02 ----D---- C:\Windows
2014-12-22 14:38:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-22 14:36:33 ----RD---- C:\Program Files
2014-12-22 10:06:47 ----D---- C:\Users\Danuška\AppData\Roaming\Seznam.cz
2014-12-22 10:00:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-22 09:58:44 ----D---- C:\Users\Danuška\AppData\Roaming\vlc
2014-12-22 09:10:16 ----D---- C:\Windows\Tasks
2014-12-22 09:10:16 ----D---- C:\Windows\system32\Tasks
2014-12-22 09:10:16 ----D---- C:\Program Files (x86)\Google
2014-12-22 06:23:22 ----D---- C:\Windows\Microsoft.NET
2014-12-21 11:01:52 ----SHD---- C:\Windows\Installer
2014-12-21 11:01:15 ----HD---- C:\ProgramData
2014-12-20 18:22:45 ----D---- C:\Windows\SoftwareDistribution
2014-12-20 15:54:01 ----D---- C:\Windows\debug
2014-12-20 15:09:16 ----D---- C:\Windows\Minidump
2014-12-20 14:21:34 ----D---- C:\Program Files (x86)\FastShare
2014-12-17 18:09:16 ----D---- C:\Program Files (x86)\Opera
2014-12-13 10:55:58 ----D---- C:\Windows\AUInstallAgent
2014-12-13 10:55:52 ----HD---- C:\Program Files\WindowsApps
2014-12-11 18:12:59 ----D---- C:\Windows\rescache
2014-12-11 06:07:46 ----RD---- C:\Windows\ToastData
2014-12-11 06:07:43 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-11 06:07:41 ----D---- C:\Program Files\Internet Explorer
2014-12-11 06:07:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 06:13:21 ----D---- C:\Windows\system32\MRT
2014-12-10 06:11:24 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;@oem4.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-03-15 283064]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-02-24 13929472]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-02-24 636928]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW86.sys [2013-12-19 215040]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-21 816344]
R3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
R3 WUDFWpdMtp;WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S0 amdkmafd;@oem1.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 b57nd60a;@netb57va.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2012-06-02 425472]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys []
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2012-07-26 57344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-02-24 240128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 Samsung Link Service;Samsung Link Service; D:\Samsung Link\Samsung Link.exe [2014-12-16 616288]
R2 slsvc;Software Licensing Service; C:\Windows\slsvc.exe [2012-09-25 10240]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09 267440]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2012-07-26 663552]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2012-07-26 125440]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-21 114800]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2012-09-20 29696]

-----------------EOF-----------------

Toto je RSIT, chtěl jsem FRST.

Jéje - sorry

-------------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
Ran by Danuška (administrator) on DANA on 22-12-2014 18:42:38
Running from C:\Users\Danuška\Downloads
Loaded Profile: Danuška (Available profiles: Danuška)
Platform: Windows 8 Pro with Media Center (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Copyright 2013 SAMSUNG) D:\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) D:\Samsung Link\Samsung Link.exe
(Microsoft Corporation) C:\Windows\slsvc.exe
() C:\Windows\PersonalizeEnabler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Copyright 2013 SAMSUNG) D:\Samsung Link\Samsung Link Tray Agent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Farbar) C:\Users\Danuška\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Samsung Link] => D:\Samsung Link\Samsung Link Tray Agent.exe [607584 2014-12-16] (Copyright 2013 SAMSUNG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-02-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-02-18] (Raptr, Inc)
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\Danuaka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\Danuaka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\MountPoints2: G - "G:\Setup.exe"
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\MountPoints2: {1ca723a2-aa72-11e3-be70-d43d7e3405f8} - "G:\sources\setup.exe"
IFEO\chrome.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3411682585-1557998769-1010772987-1001 -> {00613891-7B18-4D5A-8B61-C4E44AE7936A} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\S-1-5-21-3411682585-1557998769-1010772987-1001 -> {2DB6C7F8-6B8B-424E-82D7-60A80B572CB9} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-3411682585-1557998769-1010772987-1001 -> {570FDE79-2AC0-440B-8013-C9A1E18CAAF0} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-3411682585-1557998769-1010772987-1001 -> {8630BBD9-E580-4B82-AA46-6F248932B3D3} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-3411682585-1557998769-1010772987-1001 -> {A2D9846A-1666-4B58-8EBD-4935B21A7F2D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-3411682585-1557998769-1010772987-1001 -> {CC1E1AB7-C4FC-4F4D-9DBB-B8CC68F01056} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\S-1-5-21-3411682585-1557998769-1010772987-1001 -> {D6469064-D090-4E79-8518-4037CFD6F442} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-3411682585-1557998769-1010772987-1001 -> {D6E97170-1274-4010-A9C9-99A1A772BE41} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-3411682585-1557998769-1010772987-1001 -> {EE247C0F-A5ED-4AD6-85D4-234F53F26803} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\..\Interfaces\{A9E0D0A8-0BB9-418E-A769-85AD4CE81CD3}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{D3EB5B15-635A-45FF-A99A-4C41211F9607}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Danuška\AppData\Roaming\Mozilla\Firefox\Profiles\u5rq627b.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @InternetSpeedTracker_9t.com/Plugin -> C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\NP9tStub.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3411682585-1557998769-1010772987-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Danuška\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Internet Speed Tracker - C:\Users\Danuška\AppData\Roaming\Mozilla\Firefox\Profiles\u5rq627b.default\Extensions\9tffxtbr@InternetSpeedTracker_9t.com [2014-12-22]
FF Extension: WinToFlash Suggestor - C:\Users\Danuška\AppData\Roaming\Mozilla\Firefox\Profiles\u5rq627b.default\Extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi [2012-04-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-21]

Chrome:
=======
CHR Profile: C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-08]
CHR Extension: (Disk Google) - C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-08]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-03-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-03-15]
CHR Extension: (YouTube) - C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-08]
CHR Extension: (Peněženka Google) - C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-08]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-03-15]
CHR Extension: (Gmail) - C:\Users\Danuška\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Samsung Link Service; D:\Samsung Link\Samsung Link.exe [616288 2014-12-16] (Copyright 2013 SAMSUNG)
R2 slsvc; C:\Windows\slsvc.exe [10240 2012-09-25] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-12-19] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 18:42 - 2014-12-22 18:43 - 00011511 _____ () C:\Users\Danuška\Downloads\FRST.txt
2014-12-22 18:41 - 2014-12-22 18:42 - 00000000 ____D () C:\FRST
2014-12-22 18:40 - 2014-12-22 18:40 - 02122240 _____ (Farbar) C:\Users\Danuška\Downloads\FRST64 (1).exe
2014-12-22 18:38 - 2014-12-22 18:38 - 02122240 _____ (Farbar) C:\Users\Danuška\Downloads\FRST64.exe
2014-12-22 18:25 - 2014-12-22 18:25 - 01222144 _____ () C:\Users\Danuška\Downloads\RSITx64(1).exe
2014-12-22 18:00 - 2014-12-22 18:00 - 00880784 _____ (Google Inc.) C:\Users\Danuška\Downloads\ChromeSetup (6).exe
2014-12-22 17:53 - 2014-12-22 17:55 - 00000000 ____D () C:\AdwCleaner
2014-12-22 17:51 - 2014-12-22 17:51 - 02173952 _____ () C:\Users\Danuška\Downloads\adwcleaner_4.106.exe
2014-12-22 16:16 - 2014-12-22 16:16 - 00880784 _____ (Google Inc.) C:\Users\Danuška\Downloads\ChromeSetup (5).exe
2014-12-22 16:11 - 2014-12-22 16:11 - 00087775 _____ () C:\Users\Danuška\Downloads\winupcompat.diagcab
2014-12-22 16:05 - 2014-12-22 16:05 - 00880784 _____ (Google Inc.) C:\Users\Danuška\Downloads\ChromeSetup (4).exe
2014-12-22 15:47 - 2014-11-15 07:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-22 15:47 - 2014-11-15 06:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-22 15:47 - 2014-11-15 06:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-22 15:47 - 2014-11-15 06:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-12-22 15:47 - 2014-11-15 06:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-12-22 15:47 - 2014-11-15 06:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-22 15:47 - 2014-11-15 06:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-12-22 15:47 - 2014-11-15 06:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-22 15:47 - 2014-11-15 06:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-12-22 15:47 - 2014-11-15 04:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-22 15:47 - 2014-11-15 04:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-12-22 15:47 - 2014-11-15 04:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-22 15:47 - 2014-11-15 04:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-12-22 15:47 - 2014-11-05 07:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-12-22 15:47 - 2014-11-05 07:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-12-22 15:47 - 2014-11-01 08:33 - 06973760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-12-22 15:47 - 2014-11-01 07:28 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-12-22 15:47 - 2014-10-29 15:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2014-12-22 15:47 - 2014-10-27 23:10 - 00390841 _____ () C:\Windows\system32\ApnDatabase.xml
2014-12-22 15:06 - 2014-12-22 17:58 - 00001509 _____ () C:\Windows\setupact.log
2014-12-22 15:06 - 2014-12-22 15:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-12-22 15:06 - 2014-12-22 15:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-22 14:45 - 2014-12-22 14:46 - 00880784 _____ (Google Inc.) C:\Users\Danuška\Downloads\ChromeSetup (3).exe
2014-12-22 14:36 - 2014-12-22 18:25 - 00000000 ____D () C:\Program Files\trend micro
2014-12-22 14:36 - 2014-12-22 14:36 - 00000000 ____D () C:\rsit
2014-12-22 14:35 - 2014-12-22 14:35 - 01222144 _____ () C:\Users\Danuška\Downloads\RSITx64.exe
2014-12-22 14:10 - 2014-12-22 14:10 - 00001116 _____ () C:\Users\Danuška\Desktop\Samsung Link d.zemkova@seznam.cz.lnk
2014-12-22 10:00 - 2014-12-22 17:56 - 00001446 _____ () C:\Windows\PFRO.log
2014-12-22 09:11 - 2014-12-22 09:11 - 00880784 _____ (Google Inc.) C:\Users\Danuška\Downloads\ChromeSetup (2).exe
2014-12-22 09:07 - 2014-12-22 09:07 - 00880784 _____ (Google Inc.) C:\Users\Danuška\Downloads\ChromeSetup (1).exe
2014-12-21 12:21 - 2014-12-21 12:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-21 11:01 - 2014-12-21 11:01 - 00000000 ____D () C:\Users\Danuška\Samsung Link
2014-12-21 11:01 - 2014-12-21 11:01 - 00000000 ____D () C:\Users\Danuška\AppData\Roaming\SAMSUNG
2014-12-21 11:01 - 2014-12-21 11:01 - 00000000 ____D () C:\Users\Danuška\.swt
2014-12-21 11:01 - 2014-12-21 11:01 - 00000000 ____D () C:\Upload
2014-12-21 11:01 - 2014-12-21 11:01 - 00000000 ____D () C:\ProgramData\SAMSUNG
2014-12-21 11:01 - 2014-12-21 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-12-21 11:01 - 2014-12-21 11:01 - 00000000 ____D () C:\Program Files\Samsung
2014-12-21 11:00 - 2014-12-21 11:00 - 00002147 _____ () C:\Users\Danuška\Downloads\error.log
2014-12-21 10:58 - 2014-12-21 10:59 - 92382560 _____ (Copyright 2013 SAMSUNG) C:\Users\Danuška\Downloads\SamsungLink_Installer64.exe
2014-12-20 18:22 - 2014-12-22 18:33 - 00365694 _____ () C:\Windows\WindowsUpdate.log
2014-12-20 15:10 - 2014-12-20 15:10 - 00001014 _____ () C:\Users\Danuška\Documents\cc_20141220_151006.reg
2014-12-17 18:09 - 2014-12-17 18:09 - 00003812 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1400698827
2014-12-17 18:09 - 2014-12-17 18:09 - 00001055 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-12-17 06:15 - 2014-12-09 08:12 - 00590816 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2014-12-17 06:15 - 2014-12-09 08:12 - 00467408 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-12-11 06:13 - 2012-10-07 01:32 - 10094592 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-12-11 06:13 - 2012-10-02 11:06 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-12-11 06:13 - 2012-09-26 13:39 - 01357312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2014-12-11 06:13 - 2012-09-19 12:37 - 00133287 _____ () C:\Windows\system32\slmgr.vbs
2014-12-11 06:13 - 2012-09-19 10:25 - 19778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-11 06:13 - 2012-07-26 04:07 - 00415232 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2014-12-11 06:13 - 2012-07-26 04:05 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2014-12-11 06:10 - 2014-11-26 22:11 - 00714184 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 06:10 - 2014-11-26 22:11 - 00106440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 16:26 - 2014-12-10 16:26 - 04558763 _____ () C:\Users\Danuška\Downloads\SVKUL10.12.2014.pptx
2014-12-10 06:10 - 2014-10-09 05:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-12-10 06:10 - 2014-10-09 05:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-12-10 06:10 - 2014-10-09 05:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2014-12-10 06:10 - 2014-10-09 04:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2014-12-10 06:10 - 2014-10-09 04:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2014-12-10 05:59 - 2014-10-11 06:57 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-10 05:59 - 2014-10-09 04:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-12-10 05:59 - 2014-10-09 04:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-12-10 05:59 - 2014-10-09 04:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-12-10 05:59 - 2014-09-22 06:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-12-10 05:59 - 2014-09-22 04:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-12-10 05:59 - 2014-09-18 00:24 - 00987136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2014-12-10 05:59 - 2014-09-18 00:24 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2014-12-10 05:59 - 2014-09-18 00:24 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2014-12-10 05:59 - 2014-09-18 00:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2014-12-10 05:59 - 2014-09-17 23:57 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2014-12-10 05:59 - 2014-09-17 23:57 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2014-12-10 05:59 - 2014-09-17 23:57 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2014-12-10 05:59 - 2014-09-17 23:57 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2014-12-10 05:58 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 05:58 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 05:58 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 05:58 - 2014-11-21 09:37 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-12-10 05:58 - 2014-11-21 09:37 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 05:58 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 05:58 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 05:58 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 05:58 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 05:58 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 05:58 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 05:58 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 05:58 - 2014-11-21 08:17 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 05:58 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 05:58 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 05:58 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 05:58 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 05:58 - 2014-11-21 05:30 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-12-10 05:58 - 2014-11-06 07:50 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 05:58 - 2014-11-06 06:03 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 05:57 - 2014-10-30 08:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-10 05:57 - 2014-10-30 06:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-09 19:03 - 2014-12-09 19:03 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-05 17:05 - 2014-12-05 17:41 - 2170049376 _____ () C:\Users\Danuška\Downloads\hubiC-05.12.2014 5_04_48.zip
2014-11-29 10:18 - 2014-11-29 10:18 - 00331878 _____ () C:\Users\Danuška\Downloads\je (1).odt
2014-11-28 20:30 - 2014-11-28 20:48 - 324994702 _____ () C:\Users\Danuška\Downloads\Vzpominky-S02E13.mp4
2014-11-28 20:06 - 2014-11-28 20:26 - 365150622 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E13orig+SK-tit.avi
2014-11-28 19:44 - 2014-11-28 20:04 - 365602610 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E12orig+SK-tit.avi
2014-11-28 19:04 - 2014-11-28 19:25 - 364967958 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E11orig+SK-tit.avi
2014-11-28 17:39 - 2014-11-28 18:17 - 365102990 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E10orig.+SKtit.avi
2014-11-28 17:38 - 2014-11-28 17:38 - 00331878 _____ () C:\Users\Danuška\Downloads\je.odt
2014-11-28 17:13 - 2014-11-28 17:33 - 365572216 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E09orig.+SKtit.avi
2014-11-28 16:46 - 2014-11-28 17:06 - 365463016 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E08orig.+SKtit.avi
2014-11-28 15:47 - 2014-11-28 16:08 - 365449004 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E07orig.+SKtit.avi
2014-11-27 20:01 - 2014-11-27 20:21 - 365426976 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E06orig.+SKtit.avi
2014-11-27 19:40 - 2014-11-27 20:00 - 363339736 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E05orig.+SKtit.avi
2014-11-27 18:44 - 2014-11-27 19:05 - 365409596 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E04orig.+SKtit.avi
2014-11-27 18:23 - 2014-11-27 18:38 - 281732426 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E03orig.+SKtit.mp4
2014-11-26 20:34 - 2014-11-26 20:50 - 296251603 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E02orig.+SKtit.mp4
2014-11-26 19:53 - 2014-11-26 20:22 - 278554167 _____ () C:\Users\Danuška\Downloads\Vzpomínky-(Unforgettable)-S03E01orig.+SKtit.mp4
2014-11-22 08:29 - 2014-11-22 08:29 - 00458327 _____ () C:\Users\Danuška\Downloads\Sdilej_Manager (2).zip
2014-11-22 08:29 - 2014-11-22 08:29 - 00000318 _____ () C:\Users\Danuška\Desktop\SDÍLEJ.CZ Manager.appref-ms
2014-11-22 08:29 - 2014-11-22 08:29 - 00000000 ____D () C:\Users\Danuška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDÍLEJ.CZ
2014-11-22 08:29 - 2014-05-20 14:02 - 00005819 _____ () C:\Users\Danuška\Downloads\SdilejCZManager.application
2014-11-22 08:28 - 2014-11-22 08:28 - 00000000 ____D () C:\Users\Danuška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CZShare
2014-11-22 08:18 - 2014-11-22 08:18 - 00458327 _____ () C:\Users\Danuška\Downloads\Sdilej_Manager (1).zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 18:37 - 2014-03-08 10:31 - 00000000 ____D () C:\Users\Danuška\AppData\Roaming\Skype
2014-12-22 18:28 - 2012-07-26 11:01 - 00726246 _____ () C:\Windows\system32\perfh005.dat
2014-12-22 18:28 - 2012-07-26 11:01 - 00147800 _____ () C:\Windows\system32\perfc005.dat
2014-12-22 18:28 - 2012-07-26 08:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-22 18:24 - 2014-05-03 12:24 - 01464832 ___SH () C:\Users\Danuška\Downloads\Thumbs.db
2014-12-22 18:03 - 2014-09-20 06:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-22 18:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-12-22 17:56 - 2014-03-15 13:57 - 00001516 _____ () C:\Windows\Tasks\hdtotal1.1-updater.job
2014-12-22 17:56 - 2014-03-15 13:56 - 00003102 _____ () C:\Windows\Tasks\hdtotal1.1-chromeinstaller.job
2014-12-22 17:56 - 2014-03-15 13:56 - 00002540 _____ () C:\Windows\Tasks\hdtotal1.1-firefoxinstaller.job
2014-12-22 17:56 - 2014-03-15 13:56 - 00001470 _____ () C:\Windows\Tasks\hdtotal1.1-codedownloader.job
2014-12-22 17:56 - 2014-03-15 13:56 - 00001370 _____ () C:\Windows\Tasks\hdtotal1.1-enabler.job
2014-12-22 17:56 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-22 15:49 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-22 14:21 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-22 10:42 - 2014-03-07 19:29 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3411682585-1557998769-1010772987-1001
2014-12-22 10:06 - 2014-03-15 13:57 - 00000000 ____D () C:\Users\Danuška\AppData\Roaming\Seznam.cz
2014-12-22 10:00 - 2014-06-09 17:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-22 09:58 - 2014-03-08 12:26 - 00000000 ____D () C:\Users\Danuška\AppData\Roaming\vlc
2014-12-22 09:10 - 2014-03-08 10:29 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-21 11:01 - 2014-03-07 19:23 - 00000000 ____D () C:\Users\Danuška
2014-12-21 10:16 - 2014-03-10 20:47 - 00000000 ____D () C:\Users\Danuška\Desktop\Seriály
2014-12-21 09:01 - 2014-03-09 09:21 - 00000000 ____D () C:\Users\Danuška\AppData\Local\Deployment
2014-12-20 15:09 - 2014-04-01 17:04 - 00000000 ____D () C:\Windows\Minidump
2014-12-20 14:21 - 2014-03-09 09:23 - 00000000 ____D () C:\Program Files (x86)\FastShare
2014-12-17 18:09 - 2014-05-21 20:00 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-13 10:55 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-12-11 18:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-12-11 06:07 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-12-10 06:13 - 2014-03-08 20:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 06:11 - 2014-03-08 20:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 19:03 - 2014-09-20 06:50 - 00003802 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-06 16:14 - 2014-03-07 19:23 - 00000000 ____D () C:\Users\Danuška\AppData\Local\Packages
2014-11-25 20:34 - 2014-05-21 20:10 - 00000000 ____D () C:\Users\Danuška\AppData\Local\Adobe
2014-11-22 08:29 - 2014-03-09 09:21 - 00000000 ____D () C:\Users\Danuška\Downloads\Application Files

Some content of TEMP:
====================
C:\Users\Danuška\AppData\Local\Temp\i4jdel0.exe
C:\Users\Danuška\AppData\Local\Temp\Quarantine.exe
C:\Users\Danuška\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-20 11:51

==================== End Of Log ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\MountPoints2: G - "G:\Setup.exe"
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\MountPoints2: {1ca723a2-aa72-11e3-be70-d43d7e3405f8} - "G:\sources\setup.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Users\Danuška\AppData\Local\Temp
Task: {00016FB6-79D4-482C-A559-B056B23439A8} - System32\Tasks\hdtotal1.1-updater => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-updater.exe <==== ATTENTION
Task: {5D4C07E4-6448-4041-B845-F156832C7D85} - System32\Tasks\hdtotal1.1-codedownloader => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-codedownloader.exe <==== ATTENTION
Task: {7D606559-7940-4BF7-A987-41574A6F0E25} - System32\Tasks\hdtotal1.1-chromeinstaller => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-chromeinstaller.exe <==== ATTENTION
Task: {B81DD2B4-F8EF-4DBD-903F-20E77DE8719B} - System32\Tasks\hdtotal1.1-enabler => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-enabler.exe <==== ATTENTION
Task: {D8E15871-1B6E-4B20-BEEE-B41EBD3ED113} - System32\Tasks\hdtotal1.1-firefoxinstaller => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-chromeinstaller.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-codedownloader.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-enabler.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-firefoxinstaller.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-updater.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-updater.exe <==== ATTENTION
C:\Program Files (x86)\hdtotal1.1
End

Uložte do C:\Users\Danuška\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Zde to je:

-----------------------
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-12-2014 01
Ran by Danuška at 2014-12-22 20:08:12 Run:1
Running from C:\Users\Danuška\Downloads
Loaded Profile: Danuška (Available profiles: Danuška)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\MountPoints2: G - "G:\Setup.exe"
HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\...\MountPoints2: {1ca723a2-aa72-11e3-be70-d43d7e3405f8} - "G:\sources\setup.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Users\Danuška\AppData\Local\Temp
Task: {00016FB6-79D4-482C-A559-B056B23439A8} - System32\Tasks\hdtotal1.1-updater => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-updater.exe <==== ATTENTION
Task: {5D4C07E4-6448-4041-B845-F156832C7D85} - System32\Tasks\hdtotal1.1-codedownloader => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-codedownloader.exe <==== ATTENTION
Task: {7D606559-7940-4BF7-A987-41574A6F0E25} - System32\Tasks\hdtotal1.1-chromeinstaller => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-chromeinstaller.exe <==== ATTENTION
Task: {B81DD2B4-F8EF-4DBD-903F-20E77DE8719B} - System32\Tasks\hdtotal1.1-enabler => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-enabler.exe <==== ATTENTION
Task: {D8E15871-1B6E-4B20-BEEE-B41EBD3ED113} - System32\Tasks\hdtotal1.1-firefoxinstaller => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-chromeinstaller.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-codedownloader.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-enabler.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-firefoxinstaller.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\hdtotal1.1-updater.job => C:\Program Files (x86)\hdtotal1.1\hdtotal1.1-updater.exe <==== ATTENTION
C:\Program Files (x86)\hdtotal1.1
End
*****************

HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3411682585-1557998769-1010772987-1001 => Key not found.
"HKU\S-1-5-21-3411682585-1557998769-1010772987-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ca723a2-aa72-11e3-be70-d43d7e3405f8}" => Key deleted successfully.
HKCR\CLSID\{1ca723a2-aa72-11e3-be70-d43d7e3405f8} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
c2cautoupdatesvc => Unable to stop service
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Unable to stop service
c2cpnrsvc => Service deleted successfully.

"C:\Users\Danuška\AppData\Local\Temp" directory move:

C:\Users\Danuška\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\CProgram Files (x86)Opera26.0.1656.60opera_autoupdate.download.lock => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\CProgram Files (x86)Opera26.0.1656.60opera_autoupdate.metrics.lock => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\EULA.txt => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\i4jdel0.exe => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\i4j_nlog_2 => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\i4j_nlog_3 => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\license.txt => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\opera_crashreporter.log => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\winstore.log => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\wmplog01.sqm => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\wmplog02.sqm => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\{BEA94C3E-B32E-4147-A1CE-A0F804AF0D14}\fpb.tmp => Moved successfully.
C:\Users\Danuška\AppData\Local\Temp\VSD6D3B.tmp\install.log => Moved successfully.
Could not move "C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-7PdQjlao2S5eO9vJc6s7n0jl" => Scheduled to move on reboot.
Could not move "C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-fto3WKeey99CdzEmB22Fn7df" => Scheduled to move on reboot.
Could not move "C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-l4MAvVGue5UE41GgI1HcyMTm" => Scheduled to move on reboot.
Could not move "C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-ML3jgWVYM0f2yRF0xl1tVvhF" => Scheduled to move on reboot.
Could not move "C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-PKBjGncS5YbOotgaldSAr0d6" => Scheduled to move on reboot.
Could not move "C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-sonu1AqKC5jj0O9mZWMuZPX2" => Scheduled to move on reboot.
C:\Users\Danuška\AppData\Local\Temp\Samsung Link\Logs\log4j.log => Moved successfully.
Could not move "C:\Users\Danuška\AppData\Local\Temp\Samsung Link\Logs\log4jDB.log" => Scheduled to move on reboot.
Could not move "C:\Users\Danuška\AppData\Local\Temp\Samsung Link\Logs\log4jMeta.log" => Scheduled to move on reboot.
C:\Users\Danuška\AppData\Local\Temp\hsperfdata_Danuška\3240 => Moved successfully.
Could not move "C:\Users\Danuška\AppData\Local\Temp" directory. => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{00016FB6-79D4-482C-A559-B056B23439A8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00016FB6-79D4-482C-A559-B056B23439A8}" => Key deleted successfully.
C:\Windows\System32\Tasks\hdtotal1.1-updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hdtotal1.1-updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D4C07E4-6448-4041-B845-F156832C7D85}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D4C07E4-6448-4041-B845-F156832C7D85}" => Key deleted successfully.
C:\Windows\System32\Tasks\hdtotal1.1-codedownloader => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hdtotal1.1-codedownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D606559-7940-4BF7-A987-41574A6F0E25}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D606559-7940-4BF7-A987-41574A6F0E25}" => Key deleted successfully.
C:\Windows\System32\Tasks\hdtotal1.1-chromeinstaller => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hdtotal1.1-chromeinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B81DD2B4-F8EF-4DBD-903F-20E77DE8719B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B81DD2B4-F8EF-4DBD-903F-20E77DE8719B}" => Key deleted successfully.
C:\Windows\System32\Tasks\hdtotal1.1-enabler => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hdtotal1.1-enabler" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D8E15871-1B6E-4B20-BEEE-B41EBD3ED113}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8E15871-1B6E-4B20-BEEE-B41EBD3ED113}" => Key deleted successfully.
C:\Windows\System32\Tasks\hdtotal1.1-firefoxinstaller => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hdtotal1.1-firefoxinstaller" => Key deleted successfully.
C:\Windows\Tasks\hdtotal1.1-chromeinstaller.job => Moved successfully.
C:\Windows\Tasks\hdtotal1.1-codedownloader.job => Moved successfully.
C:\Windows\Tasks\hdtotal1.1-enabler.job => Moved successfully.
C:\Windows\Tasks\hdtotal1.1-firefoxinstaller.job => Moved successfully.
C:\Windows\Tasks\hdtotal1.1-updater.job => Moved successfully.
C:\Program Files (x86)\hdtotal1.1 => Moved successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-22 20:09:46)<=

C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-7PdQjlao2S5eO9vJc6s7n0jl => Is moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-fto3WKeey99CdzEmB22Fn7df => Is moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-l4MAvVGue5UE41GgI1HcyMTm => Is moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-ML3jgWVYM0f2yRF0xl1tVvhF => Is moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-PKBjGncS5YbOotgaldSAr0d6 => Is moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Skype\DbTemp\temp-sonu1AqKC5jj0O9mZWMuZPX2 => Is moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Samsung Link\Logs\log4jDB.log => Is moved successfully.
C:\Users\Danuška\AppData\Local\Temp\Samsung Link\Logs\log4jMeta.log => Is moved successfully.
C:\Users\Danuška\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 20:09:47 ====

Smazáno. Nastala nějaká změna?

Děkuji.
Počítač je opravdu v lepší kondici.
Už reaguje svižně a i načítání stránek je o mnoho lepší.
Nevíte proč mi nefunguje Chrome?
Před tím nešel spustit a tak jsem ho opětovně zkusil nainstalovat, ikonu mám na ploše i dole na rychlém spuštění, ale chrome se nespustí.
Přitom v Program files ..... ho vidím a je tam i chrome.exe.

To nevím! Zkuste reinstal.

Hezký sváteční den.

Tak vše je už OK.
Děkuji za pomoc.
Teď mám problém s mým počítačem. Otevřu nové vlákno a toto se asi může zamknout.

KEMA.

Klidně dejte sem.