Vyskakující reklamy v prohlížeči.

[Ondrastr]

Zdravím, v obou prohlížečích vyskakují reklamní banery a občas mi vyskočí i okno. Log přikládám., Dík. O.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondras at 2014-12-28 14:25:39
Microsoft Windows 8.1
System drive C: has 265 GB (57%) free of 466 GB
Total RAM: 3979 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:49, on 28. 12. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ondras.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: uNisales - {2cca6973-50a3-49c0-9d77-fc13a5eb1def} - C:\Program Files (x86)\uNisales\OV987tDzf5uJWM.dll
O2 - BHO: unuisales - {598669cd-ffda-4d9a-84e2-c2c0ce468cd1} - C:\Program Files (x86)\unuisales\XzwH8MsjqP7o2k.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe" /platui /runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
O4 - HKLM\..\Run: [SFAUpdater] "C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12706 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe"
"C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Windows\system32\mfevtps.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Windows\SysWOW64\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
dashost.exe {9fe2cfa0-ed11-4daa-872706299499159b}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe" /platui /runkey
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F4100 series#1414559815" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
C:\Windows\system32\igfxtray.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\hkcmd.exe
C:\Windows\system32\igfxpers.exe
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4700.0.500958516\329731287" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3355 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group4 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 allow_prefetch_non_default_match:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3:LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4700.2.1940409066\1426428159" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group4 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 allow_prefetch_non_default_match:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3:LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4700.4.783073866\1307274698" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group4 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 allow_prefetch_non_default_match:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3:LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4700.5.2086309451\541992443" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4700.8.1900672369\1218205009" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
"C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group4 dev:r1 prefetch_results:1 reuse_instant_search_base_page:1 allow_prefetch_non_default_match:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/Prerender/PrerenderMulti/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/cd=3:LocalPredictor=Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_49/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4700.9.1682040880\1509493872" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564

"C:\Users\Ondras\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2cca6973-50a3-49c0-9d77-fc13a5eb1def}]
uNisales - C:\Program Files (x86)\uNisales\OV987tDzf5uJWM.x64.dll [2014-12-26 654336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598669cd-ffda-4d9a-84e2-c2c0ce468cd1}]
unuisales - C:\Program Files (x86)\unuisales\XzwH8MsjqP7o2k.x64.dll [2014-12-26 654336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-10-30 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-24 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2cca6973-50a3-49c0-9d77-fc13a5eb1def}]
uNisales - C:\Program Files (x86)\uNisales\OV987tDzf5uJWM.dll [2014-12-26 512512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598669cd-ffda-4d9a-84e2-c2c0ce468cd1}]
unuisales - C:\Program Files (x86)\unuisales\XzwH8MsjqP7o2k.dll [2014-12-26 512512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-29 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-10-30 241864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-10-30 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-10-30 241864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-10-22 296008]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [2013-12-27 1199576]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mcpltui_exe"=C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe [2014-08-05 642040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-24 926896]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"Smart File Advisor"=C:\Program Files (x86)\Smart File Advisor\sfa.exe [2014-10-10 283248]
"SFAUpdater"=C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe [2014-10-10 655472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-13 624640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-28 14:25:39 ----D---- C:\rsit
2014-12-28 14:25:39 ----D---- C:\Program Files\trend micro
2014-12-28 14:13:43 ----D---- C:\AdwCleaner
2014-12-26 17:12:06 ----D---- C:\Program Files (x86)\uNisales
2014-12-26 17:11:43 ----D---- C:\ProgramData\hnadioegenodinooephbagidliafggbi
2014-12-26 17:03:48 ----D---- C:\Program Files (x86)\unuisales
2014-12-26 17:03:15 ----D---- C:\Program Files (x86)\unnissalEs
2014-12-26 17:02:51 ----D---- C:\ProgramData\ebbnknkkhhccdfihkhinohenbkkkckfl
2014-12-14 09:17:43 ----A---- C:\Windows\system32\poqexec.exe
2014-12-14 09:17:42 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-12-12 11:36:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-11 14:24:08 ----A---- C:\Windows\SYSWOW64\DeviceSetupStatusProvider.dll
2014-12-11 14:24:08 ----A---- C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-11 14:24:05 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-12-11 14:24:05 ----A---- C:\Windows\system32\crypt32.dll
2014-12-11 14:19:42 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 14:19:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 14:19:35 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 14:19:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 14:19:33 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 14:19:32 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 14:19:31 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 14:19:31 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 14:19:31 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 14:19:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 14:19:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 14:19:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 14:19:21 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 14:19:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 14:19:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 14:19:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 14:19:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 14:19:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 14:19:15 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 14:19:15 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 14:19:15 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 14:19:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 14:19:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 14:19:13 ----A---- C:\Windows\system32\iepeers.dll
2014-12-11 14:19:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 14:19:12 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 14:19:11 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-12-11 14:19:11 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 14:19:11 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-12-11 14:19:11 ----A---- C:\Windows\system32\webcheck.dll
2014-12-11 14:19:11 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 14:19:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-12-11 14:19:10 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-12-11 14:19:10 ----A---- C:\Windows\system32\jscript.dll
2014-12-11 14:19:10 ----A---- C:\Windows\system32\inetcomm.dll
2014-12-11 14:18:45 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 14:18:45 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 14:18:23 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-12-11 14:18:22 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-12-11 14:18:16 ----AC---- C:\Windows\system32\drivers\sdbus.sys
2014-12-11 14:18:16 ----AC---- C:\Windows\system32\drivers\dumpsd.sys
2014-12-11 14:18:15 ----AC---- C:\Windows\system32\drivers\intelpep.sys
2014-12-11 14:18:15 ----A---- C:\Windows\system32\drivers\pdc.sys
2014-12-06 16:34:46 ----D---- C:\Program Files (x86)\Smart File Advisor
2014-12-06 16:34:42 ----A---- C:\Windows\system32\drivers\axscsidrv.sys
2014-12-06 16:34:06 ----D---- C:\Program Files (x86)\Alcohol Soft
2014-12-06 16:31:16 ----A---- C:\Windows\system32\drivers\sptd.sys

======List of files/folders modified in the last 1 month======

2014-12-28 14:25:41 ----D---- C:\Windows\Temp
2014-12-28 14:25:39 ----RD---- C:\Program Files
2014-12-28 14:23:34 ----D---- C:\Windows\Inf
2014-12-28 14:19:59 ----AD---- C:\Windows
2014-12-28 14:17:38 ----RD---- C:\Program Files (x86)
2014-12-28 14:17:32 ----HD---- C:\ProgramData
2014-12-28 14:00:01 ----D---- C:\Windows\system32\sru
2014-12-28 10:36:14 ----D---- C:\Users\Ondras\AppData\Roaming\WiseUpdate
2014-12-28 04:21:12 ----D---- C:\Windows\Microsoft.NET
2014-12-27 18:02:04 ----RAD---- C:\Windows\System32
2014-12-27 18:02:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-27 10:52:14 ----SHD---- C:\System Volume Information
2014-12-27 10:18:34 ----D---- C:\Windows\AppReadiness
2014-12-26 18:52:14 ----D---- C:\Windows\system32\DriverStore
2014-12-26 18:51:32 ----D---- C:\Windows\system32\drivers
2014-12-19 18:31:38 ----D---- C:\Windows\system32\config
2014-12-19 17:34:10 ----D---- C:\Windows\WinSxS
2014-12-19 15:04:46 ----D---- C:\Windows\system32\catroot2
2014-12-18 14:14:14 ----HD---- C:\Program Files\WindowsApps
2014-12-18 13:43:25 ----D---- C:\Windows\CbsTemp
2014-12-16 20:59:23 ----D---- C:\Users\Ondras\AppData\Roaming\Skype
2014-12-14 11:19:12 ----D---- C:\Windows\SysWOW64
2014-12-13 08:43:02 ----D---- C:\Windows\rescache
2014-12-12 07:45:34 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-12 07:45:34 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-12 07:45:34 ----D---- C:\Windows\system32\sr-Latn-RS
2014-12-12 07:45:34 ----D---- C:\Windows\system32\sr-Latn-CS
2014-12-12 07:45:34 ----D---- C:\Windows\system32\en-US
2014-12-12 07:45:34 ----D---- C:\Windows\system32\cs-CZ
2014-12-12 07:45:30 ----D---- C:\Windows\PolicyDefinitions
2014-12-12 07:45:30 ----D---- C:\Program Files\Internet Explorer
2014-12-12 07:45:30 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-12 04:22:21 ----SHD---- C:\Windows\Installer
2014-12-12 04:22:20 ----HD---- C:\Config.Msi
2014-12-12 04:22:13 ----D---- C:\ProgramData\Microsoft Help
2014-12-11 14:28:51 ----D---- C:\Windows\system32\MRT
2014-12-11 14:20:01 ----A---- C:\Windows\system32\MRT.exe
2014-12-02 20:21:47 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-07-18 786296]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-07-18 348552]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-12-06 386680]
R0 tos_sps64;@oem22.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\Windows\System32\drivers\tos_sps64.sys [2012-06-18 499096]
R0 TVALZ;@oem19.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R0 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\System32\Drivers\TVALZFL.sys [2013-06-08 17208]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-10-24 3858944]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-07-18 72128]
R3 FwLnk;@oem21.inf,%DiskServiceDesc%;FwLnk Driver; C:\Windows\System32\drivers\FwLnk.sys [2013-08-20 9216]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-13 4208640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-12 3713240]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-11-13 449496]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-10-29 27032]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-07-18 181704]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-07-18 313800]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-07-18 526352]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2014-07-24 444720]
R3 RSUSBVSTOR;@oem15.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-08-08 329944]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-21 816344]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-08-06 34544]
R3 SynTP;@oem46.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-08-06 528112]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2012-07-25 31184]
R3 Thotkey;@oem16.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2013-08-19 32624]
R3 tosrfec;@oem23.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2013-11-01 27032]
R3 TXEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2013-07-02 87568]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2014-07-18 70600]
S3 axscsidrv;axscsidrv; C:\Windows\system32\drivers\axscsidrv.sys [2014-12-06 293888]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-10-01 594632]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
S3 dg_ssudbus;@oem29.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem47.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-09-25 151968]
S3 Dot4Print;@oem48.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-09-25 27040]
S3 dot4usb;@oem47.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-09-25 49056]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-10-29 39320]
S3 iscFlash;iscFlash; \??\C:\Users\Ondras\AppData\Local\Temp\7zSC5F3.tmp\iscflashx64.sys [2013-02-25 60680]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2014-07-24 96592]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-01-27 167424]
S3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
S3 ssudmdm;@oem34.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem42.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-24 65192]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-10-01 312448]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2012-01-25 192792]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-11-06 19792]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-07-30 335064]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2013-08-22 37768]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-07-30 335064]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2014-09-04 562200]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-07-30 335064]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-07-30 335064]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-07-30 335064]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-07-30 335064]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-07-24 1041192]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-07-18 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-07-18 189912]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2013-08-22 37768]
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2014-03-29 143288]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2013-09-14 347488]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2013-08-22 37768]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-09-24 53864]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2013-10-12 466504]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2012-01-25 240408]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-22 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2014-08-01 601864]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
S3 TemproMonitoringService;TEMPRO Service; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2013-07-19 116088]

-----------------EOF-----------------

[vyosek]

Zdravim

Ty Office by zaslouzily zakoupenou licenci a ne crack, co myslite

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Ondrastr]

Taky zdravím, ty Oficce, bohužel mám doma korporátní multilicenci ale je nějaký problém s ověřením. Do té doby než to naši Ajťáci vyřeší s Microsoftem bohužel toto dočasné řešení.

První scan.
AdwCleaner v4.106 - Report created 28/12/2014 at 14:56:45
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Ondras - ONDRA
# Running from : C:\Users\Ondras\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [8650 octets] - [28/12/2014 14:13:46]
AdwCleaner[R1].txt - [844 octets] - [28/12/2014 14:53:02]
AdwCleaner[S0].txt - [8907 octets] - [28/12/2014 14:17:32]
AdwCleaner[S1].txt - [766 octets] - [28/12/2014 14:56:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [825 octets] ##########

[Ondrastr]

Ten zoek mi MC Affe detekoval jako trojana.
Zoek.exe v5.0.0.0 Updated 24-12-2014
Tool run by Ondras on ne 28. 12. 2014 at 15:04:24,80.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ondras\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 15:06:08,03 =====

--- Create Environment Variables 15:06:11,35
--- Create System Restore Point 15:06:24,08
--- Checking Input 15:07:29,95
--- Reset Hosts File 15:07:39,78
--- AU AppData Check 15:07:40,73
--- Remove From Windows Installer 15:07:46,44

[Ondrastr]

Tak a teď úplný scan, poprvé jsem se unáhlil.
Zoek.exe v5.0.0.0 Updated 24-12-2014
Tool run by Ondras on ne 28. 12. 2014 at 15:04:24,80.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ondras\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

28. 12. 2014 15:07:27 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Oracle deleted successfully
C:\Users\Ondras\AppData\Roaming\mkvtoolnix deleted successfully
C:\Users\Ondras\AppData\Roaming\WiseUpdate deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\ebbnknkkhhccdfihkhinohenbkkkckfl deleted
C:\PROGRA~3\hnadioegenodinooephbagidliafggbi deleted
C:\PROGRA~2\sweetpacks bundle uninstaller_SweetPlayer_1348381 deleted
C:\PROGRA~2\Wise\Wise Registry Cleaner deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart File Advisor deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
"C:\Windows\Installer\228b0.msi" deleted
"C:\PROGRA~2\Smart File Advisor\SFAUpdater.exe" deleted
"C:\PROGRA~2\Smart File Advisor" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [21. 11. 2014 16:48]

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]


==== Chromium Startpages ======================

C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "http://www.seznam.cz/" ],


==== Chromium Fix ======================

C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{FE3A96B7-3A03-49A3-94C0-FC2E8EDE94BD} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2531649694-1421795942-439383358-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FE3A96B7-3A03-49A3-94C0-FC2E8EDE94BD} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ondras\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ondras\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ondras\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Ondras\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=101 folders=40 47718471 bytes)

==== Empty Temp Folders ======================

C:\Users\ADMINI~1\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ondras\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ondras\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 28. 12. 2014 at 15:32:39,75 ======================

[vyosek]

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[Ondrastr]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2014
Ran by Ondras at 2014-12-28 15:46:09
Running from C:\Users\Ondras\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_NS_LP_DocCD (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
DTS Sound (HKLM-x32\...\{2C7A5AF4-1793-4B5A-89C0-021FB198EDE8}) (Version: 1.01.3900 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
F4100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
F4100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet All-In-One Software (HKLM\...\{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
MKVToolNix 7.3.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.3.0 - Moritz Bunkus)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7090 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Smart File Advisor 1.1.6 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.1.6 - Filefacts.net)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.40.1 - Stardock Software, Inc.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SweeetPlayer bundle (HKLM-x32\...\SweeetPlayer bundle) (Version: 2.0.0.5 - Perion Network LTD.)
SweetPlayer version 1.0 (HKLM-x32\...\{3F5700A1-5116-4BAA-9AD8-3FB238BE9334}_is1) (Version: 1.0 - Perion Network Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.01.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.1.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.04.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.18 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\{2DB90351-FBAA-472B-9F12-6E1EBBB354DE}) (Version: v2.1.0.15 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.10.1.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.0.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.6.0 - Toshiba Europe GmbH)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 3.4.2 - Universal Media Server) <==== ATTENTION!
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wise Registry Cleaner 8.31 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.31 - WiseCleaner.com, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

11-12-2014 14:08:19 Windows Update
19-12-2014 18:29:50 Naplánovaný kontrolní bod
27-12-2014 10:51:24 Naplánovaný kontrolní bod
28-12-2014 15:06:30 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-12-28 15:07 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03CF14AE-9454-4BE2-91F9-1261EB90ABD6} - System32\Tasks\TOSHIBA\Persistence => C:\Windows\system32\igfxpers.exe [2013-11-22] (Intel Corporation)
Task: {218C27C2-50AB-42B2-A654-A31E84E8E2B9} - System32\Tasks\TOSHIBA\TCrdMain => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-09] (TOSHIBA Corporation)
Task: {25640ED9-86FD-462C-8C17-A58B0BBE40E9} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {2E4A1259-538C-4E21-A720-DE496C371A97} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {3AB697CF-62DA-4209-9CD7-AB21E07FCC32} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {3CA29645-82AC-45C5-9AA4-836787928E58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {40A64CDA-E610-43A5-876F-D1BA09C552AD} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23] (TOSHIBA)
Task: {45B81B55-4595-4467-8C9A-402C0F4DBBA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {4AC14172-E604-4E03-8C27-0ABE0C9C9280} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-10-15] (TOSHIBA Corporation)
Task: {58BE96D8-9828-4BA7-A82F-BF4E49AA7C6B} - System32\Tasks\TOSHIBA\HotKeysCmds => C:\Windows\system32\hkcmd.exe [2013-11-22] (Intel Corporation)
Task: {69A5FB7D-4AF4-42A0-AF38-0C62DD6283A0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A99696FA-1581-4F78-9620-482A3F43CC09} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2014-03-28] ()
Task: {A9DC824F-61ED-4176-9455-9302E01ED56F} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-14] (TOSHIBA Corporation)
Task: {EDB45DBD-F5D4-4B83-A73C-9A19F8EC0FF1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {EFA5DDF8-5789-488E-80D6-9043B3D708ED} - System32\Tasks\TOSHIBA\IgfxTray => C:\Windows\system32\igfxtray.exe [2013-11-22] (Intel Corporation)
Task: {FE79FB96-AB72-44FC-81BC-0DE089555430} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24] (Realtek Semiconductor)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-06 23:26 - 2013-11-06 23:26 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-09-05 08:17 - 2013-09-05 08:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-12-11 23:58 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 23:58 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 23:58 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 23:58 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Ondras\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\StartupApproved\Run: => "Spotify Web Helper"

========================= Accounts: ==========================

Administrator (S-1-5-21-2531649694-1421795942-439383358-500 - Administrator - Disabled)
Guest (S-1-5-21-2531649694-1421795942-439383358-501 - Limited - Disabled)
Ondras (S-1-5-21-2531649694-1421795942-439383358-1001 - Administrator - Enabled) => C:\Users\Ondras

==================== Faulty Device Manager Devices =============

Name: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Description: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2014 03:15:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program McUICnt.exe verze 6.6.179.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 774

Čas spuštění: 01d022a8955c3fd0

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

ID hlášení: f9bafeb2-8e9b-11e4-82bc-008cfa928d1f

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/28/2014 04:21:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1 se nezdařilo.
Závislé sestavení ACME,processorArchitecture="x86",type="win32",version="12.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/28/2014 04:21:40 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2 na řádku SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definice je SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2014 10:50:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1 se nezdařilo.
Závislé sestavení ACME,processorArchitecture="x86",type="win32",version="12.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2014 10:50:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2 na řádku SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definice je SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2014 10:47:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1 se nezdařilo.
Závislé sestavení ACME,processorArchitecture="x86",type="win32",version="12.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2014 10:47:04 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2 na řádku SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definice je SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/25/2014 10:41:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1 se nezdařilo.
Závislé sestavení ACME,processorArchitecture="x86",type="win32",version="12.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/25/2014 10:41:24 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2 na řádku SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definice je SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/25/2014 00:34:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 17.0.10.51, časové razítko: 0x53d06d8c
Název chybujícího modulu: SynTPEnh.exe, verze: 17.0.10.51, časové razítko: 0x53d06d8c
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007f872
ID chybujícího procesu: 0xfec
Čas spuštění chybující aplikace: 0xSynTPEnh.exe0
Cesta k chybující aplikaci: SynTPEnh.exe1
Cesta k chybujícímu modulu: SynTPEnh.exe2
ID zprávy: SynTPEnh.exe3
Úplný název chybujícího balíčku: SynTPEnh.exe4
ID aplikace související s chybujícím balíčkem: SynTPEnh.exe5


System errors:
=============
Error: (12/28/2014 03:26:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název ONDRA :20 nelze zaregistrovat v rozhraní s IP adresou 192.168.2.106.
Počítač s IP adresou 192.168.2.105 nepovolil získání názvu
tímto počítačem.

Error: (12/28/2014 03:26:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název ONDRA :0 nelze zaregistrovat v rozhraní s IP adresou 192.168.2.106.
Počítač s IP adresou 192.168.2.105 nepovolil získání názvu
tímto počítačem.

Error: (12/28/2014 03:26:53 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{B3E286DE-24BA-478E-AC3A-918D6410A04A}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (12/28/2014 03:26:32 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 03:26:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 03:26:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 03:26:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 03:26:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 02:18:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (12/28/2014 02:18:12 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (12/28/2014 03:15:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: McUICnt.exe6.6.179.077401d022a8955c3fd04294967295C:\Program Files\Common Files\McAfee\Platform\McUICnt.exef9bafeb2-8e9b-11e4-82bc-008cfa928d1f

Error: (12/28/2014 04:21:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (12/28/2014 04:21:40 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (12/27/2014 10:50:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (12/27/2014 10:50:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (12/27/2014 10:47:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (12/27/2014 10:47:04 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (12/25/2014 10:41:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (12/25/2014 10:41:24 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (12/25/2014 00:34:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SynTPEnh.exe17.0.10.5153d06d8cSynTPEnh.exe17.0.10.5153d06d8cc0000005000000000007f872fec01d01f82c4817573C:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exe67b692f0-8bc5-11e4-82b5-40f02f281627


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2820 @ 2.13GHz
Percentage of memory in use: 42%
Total physical RAM: 3979.19 MB
Available physical RAM: 2306.83 MB
Total Pagefile: 4683.19 MB
Available Pagefile: 2770.48 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (TI31262600A) (Fixed) (Total:454.65 GB) (Free:281.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

[Ondrastr]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2014
Ran by Ondras at 2014-12-28 15:46:09
Running from C:\Users\Ondras\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_NS_LP_DocCD (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
DTS Sound (HKLM-x32\...\{2C7A5AF4-1793-4B5A-89C0-021FB198EDE8}) (Version: 1.01.3900 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
F4100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
F4100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet All-In-One Software (HKLM\...\{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 13.6.1248 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
MKVToolNix 7.3.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.3.0 - Moritz Bunkus)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7090 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Smart File Advisor 1.1.6 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.1.6 - Filefacts.net)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Stardock Start8 (HKLM\...\Start8_is1) (Version: 1.40.1 - Stardock Software, Inc.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SweeetPlayer bundle (HKLM-x32\...\SweeetPlayer bundle) (Version: 2.0.0.5 - Perion Network LTD.)
SweetPlayer version 1.0 (HKLM-x32\...\{3F5700A1-5116-4BAA-9AD8-3FB238BE9334}_is1) (Version: 1.0 - Perion Network Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.01.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.1.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.04.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.18 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\{2DB90351-FBAA-472B-9F12-6E1EBBB354DE}) (Version: v2.1.0.15 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.10.1.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.0.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.6.0 - Toshiba Europe GmbH)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 3.4.2 - Universal Media Server) <==== ATTENTION!
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wise Registry Cleaner 8.31 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.31 - WiseCleaner.com, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

11-12-2014 14:08:19 Windows Update
19-12-2014 18:29:50 Naplánovaný kontrolní bod
27-12-2014 10:51:24 Naplánovaný kontrolní bod
28-12-2014 15:06:30 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-12-28 15:07 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03CF14AE-9454-4BE2-91F9-1261EB90ABD6} - System32\Tasks\TOSHIBA\Persistence => C:\Windows\system32\igfxpers.exe [2013-11-22] (Intel Corporation)
Task: {218C27C2-50AB-42B2-A654-A31E84E8E2B9} - System32\Tasks\TOSHIBA\TCrdMain => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-09] (TOSHIBA Corporation)
Task: {25640ED9-86FD-462C-8C17-A58B0BBE40E9} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {2E4A1259-538C-4E21-A720-DE496C371A97} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {3AB697CF-62DA-4209-9CD7-AB21E07FCC32} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {3CA29645-82AC-45C5-9AA4-836787928E58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {40A64CDA-E610-43A5-876F-D1BA09C552AD} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23] (TOSHIBA)
Task: {45B81B55-4595-4467-8C9A-402C0F4DBBA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {4AC14172-E604-4E03-8C27-0ABE0C9C9280} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-10-15] (TOSHIBA Corporation)
Task: {58BE96D8-9828-4BA7-A82F-BF4E49AA7C6B} - System32\Tasks\TOSHIBA\HotKeysCmds => C:\Windows\system32\hkcmd.exe [2013-11-22] (Intel Corporation)
Task: {69A5FB7D-4AF4-42A0-AF38-0C62DD6283A0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A99696FA-1581-4F78-9620-482A3F43CC09} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2014-03-28] ()
Task: {A9DC824F-61ED-4176-9455-9302E01ED56F} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-14] (TOSHIBA Corporation)
Task: {EDB45DBD-F5D4-4B83-A73C-9A19F8EC0FF1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {EFA5DDF8-5789-488E-80D6-9043B3D708ED} - System32\Tasks\TOSHIBA\IgfxTray => C:\Windows\system32\igfxtray.exe [2013-11-22] (Intel Corporation)
Task: {FE79FB96-AB72-44FC-81BC-0DE089555430} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24] (Realtek Semiconductor)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-06 23:26 - 2013-11-06 23:26 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-09-05 08:17 - 2013-09-05 08:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-12-11 23:58 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 23:58 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 23:58 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 23:58 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Ondras\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\StartupApproved\Run: => "Spotify Web Helper"

========================= Accounts: ==========================

Administrator (S-1-5-21-2531649694-1421795942-439383358-500 - Administrator - Disabled)
Guest (S-1-5-21-2531649694-1421795942-439383358-501 - Limited - Disabled)
Ondras (S-1-5-21-2531649694-1421795942-439383358-1001 - Administrator - Enabled) => C:\Users\Ondras

==================== Faulty Device Manager Devices =============

Name: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Description: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2014 03:15:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program McUICnt.exe verze 6.6.179.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 774

Čas spuštění: 01d022a8955c3fd0

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

ID hlášení: f9bafeb2-8e9b-11e4-82bc-008cfa928d1f

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/28/2014 04:21:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1 se nezdařilo.
Závislé sestavení ACME,processorArchitecture="x86",type="win32",version="12.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/28/2014 04:21:40 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2 na řádku SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definice je SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2014 10:50:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1 se nezdařilo.
Závislé sestavení ACME,processorArchitecture="x86",type="win32",version="12.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2014 10:50:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2 na řádku SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definice je SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2014 10:47:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1 se nezdařilo.
Závislé sestavení ACME,processorArchitecture="x86",type="win32",version="12.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/27/2014 10:47:04 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2 na řádku SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definice je SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/25/2014 10:41:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1 se nezdařilo.
Závislé sestavení ACME,processorArchitecture="x86",type="win32",version="12.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/25/2014 10:41:24 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"1 se nezdařilo. Chyba v souboru manifestu nebo zásady SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"2 na řádku SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definice je SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/25/2014 00:34:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SynTPEnh.exe, verze: 17.0.10.51, časové razítko: 0x53d06d8c
Název chybujícího modulu: SynTPEnh.exe, verze: 17.0.10.51, časové razítko: 0x53d06d8c
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007f872
ID chybujícího procesu: 0xfec
Čas spuštění chybující aplikace: 0xSynTPEnh.exe0
Cesta k chybující aplikaci: SynTPEnh.exe1
Cesta k chybujícímu modulu: SynTPEnh.exe2
ID zprávy: SynTPEnh.exe3
Úplný název chybujícího balíčku: SynTPEnh.exe4
ID aplikace související s chybujícím balíčkem: SynTPEnh.exe5


System errors:
=============
Error: (12/28/2014 03:26:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název ONDRA :20 nelze zaregistrovat v rozhraní s IP adresou 192.168.2.106.
Počítač s IP adresou 192.168.2.105 nepovolil získání názvu
tímto počítačem.

Error: (12/28/2014 03:26:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název ONDRA :0 nelze zaregistrovat v rozhraní s IP adresou 192.168.2.106.
Počítač s IP adresou 192.168.2.105 nepovolil získání názvu
tímto počítačem.

Error: (12/28/2014 03:26:53 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{B3E286DE-24BA-478E-AC3A-918D6410A04A}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (12/28/2014 03:26:32 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 03:26:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 03:26:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 03:26:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 03:26:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/28/2014 02:18:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (12/28/2014 02:18:12 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (12/28/2014 03:15:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: McUICnt.exe6.6.179.077401d022a8955c3fd04294967295C:\Program Files\Common Files\McAfee\Platform\McUICnt.exef9bafeb2-8e9b-11e4-82bc-008cfa928d1f

Error: (12/28/2014 04:21:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (12/28/2014 04:21:40 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (12/27/2014 10:50:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (12/27/2014 10:50:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (12/27/2014 10:47:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (12/27/2014 10:47:04 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (12/25/2014 10:41:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (12/25/2014 10:41:24 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0"SMC,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifestc:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST3

Error: (12/25/2014 00:34:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SynTPEnh.exe17.0.10.5153d06d8cSynTPEnh.exe17.0.10.5153d06d8cc0000005000000000007f872fec01d01f82c4817573C:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exe67b692f0-8bc5-11e4-82b5-40f02f281627


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2820 @ 2.13GHz
Percentage of memory in use: 42%
Total physical RAM: 3979.19 MB
Available physical RAM: 2306.83 MB
Total Pagefile: 4683.19 MB
Available Pagefile: 2770.48 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (TI31262600A) (Fixed) (Total:454.65 GB) (Free:281.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

[Ondrastr]

Ještě zararovaný log.

[vyosek]

Do prispevku jste dal Addition.txt a do raru taky, takze jeste poprosim o FRST.txt

[Ondrastr]

Omlouvám se, jsem nějaký roztržitý. Tady je. Jinak se zdá že problémy zmizely.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2014
Ran by Ondras (administrator) on ONDRA on 28-12-2014 15:44:40
Running from C:\Users\Ondras\Desktop
Loaded Profile: Ondras (Available profiles: Ondras)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(forum.viry.cz) C:\Users\Ondras\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [642040 2014-08-05] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Smart File Advisor] => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
HKLM-x32\...\Run: [SFAUpdater] => "C:\Program Files (x86)\Smart File Advisor\SFAUpdater.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-12-27] (Spotify Ltd)
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\MountPoints2: {16c9c6b1-fda5-11e3-8277-40f02f281627} - "E:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume28autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba.eu/symbaloo_c
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2531649694-1421795942-439383358-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: uNisales -> {2cca6973-50a3-49c0-9d77-fc13a5eb1def} -> C:\Program Files (x86)\uNisales\OV987tDzf5uJWM.x64.dll ()
BHO: unuisales -> {598669cd-ffda-4d9a-84e2-c2c0ce468cd1} -> C:\Program Files (x86)\unuisales\XzwH8MsjqP7o2k.x64.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: uNisales -> {2cca6973-50a3-49c0-9d77-fc13a5eb1def} -> C:\Program Files (x86)\uNisales\OV987tDzf5uJWM.dll ()
BHO-x32: unuisales -> {598669cd-ffda-4d9a-84e2-c2c0ce468cd1} -> C:\Program Files (x86)\unuisales\XzwH8MsjqP7o2k.dll ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-03-27]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-28]
CHR Extension: (Docs) - C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-27]
CHR Extension: (Disk Google) - C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-27]
CHR Extension: (YouTube) - C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-27]
CHR Extension: (Tabulky Google) - C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-28]
CHR Extension: (SiteAdvisor) - C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-12-28]
CHR Extension: (Gmail) - C:\Users\Ondras\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-20]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-11-06] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-09-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2014-08-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-07-24] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-07-18] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-07-18] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-03-29] (Stardock Software, Inc)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [293888 2014-12-06] (Alcohol Soft Development Team)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-07-18] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-07-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313800 2014-07-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-07-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526352 2014-07-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-07-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [444720 2014-07-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-07-18] (McAfee, Inc.)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-12-06] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 iscFlash; \??\C:\Users\Ondras\AppData\Local\Temp\7zSC5F3.tmp\iscflashx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 15:44 - 2014-12-28 15:45 - 00020586 _____ () C:\Users\Ondras\Desktop\FRST.txt
2014-12-28 15:44 - 2014-12-28 15:44 - 00000000 ____D () C:\FRST
2014-12-28 15:42 - 2014-12-28 15:42 - 00112640 _____ (forum.viry.cz) C:\Users\Ondras\Desktop\FRSTLauncher (1).exe
2014-12-28 15:41 - 2014-12-28 15:41 - 02122752 _____ (Farbar) C:\Users\Ondras\Downloads\FRST64 (1).exe
2014-12-28 15:40 - 2014-12-28 15:40 - 02122752 _____ (Farbar) C:\Users\Ondras\Desktop\FRST64.exe
2014-12-28 15:30 - 2014-12-28 15:03 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-28 15:06 - 2014-12-28 15:32 - 00007513 _____ () C:\zoek-results.log
2014-12-28 15:03 - 2014-12-28 15:27 - 00000000 ____D () C:\zoek_backup
2014-12-28 14:46 - 2014-12-28 14:46 - 02173952 _____ () C:\Users\Ondras\Desktop\adwcleaner_4.106.exe
2014-12-28 14:25 - 2014-12-28 14:25 - 00000000 ____D () C:\rsit
2014-12-28 14:25 - 2014-12-28 14:25 - 00000000 ____D () C:\Program Files\trend micro
2014-12-28 14:24 - 2014-12-28 14:24 - 01222144 _____ () C:\Users\Ondras\Desktop\RSITx64.exe
2014-12-28 14:13 - 2014-12-28 14:56 - 00000000 ____D () C:\AdwCleaner
2014-12-28 10:32 - 2014-12-28 10:32 - 00000000 __SHD () C:\Users\Ondras\AppData\Local\EmieBrowserModeList
2014-12-26 17:12 - 2014-12-26 17:12 - 00000000 ____D () C:\Program Files (x86)\uNisales
2014-12-26 17:03 - 2014-12-26 17:03 - 00000000 ____D () C:\Program Files (x86)\unuisales
2014-12-26 17:03 - 2014-12-26 17:03 - 00000000 ____D () C:\Program Files (x86)\unnissalEs
2014-12-25 12:41 - 2014-12-26 18:00 - 00000000 ____D () C:\Users\Ondras\Documents\Sygic GPS Navigation 14.7.1 Final
2014-12-14 09:17 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-14 09:17 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-12 11:36 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 11:36 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 14:24 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2014-12-11 14:24 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 14:24 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-11 14:24 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-11 14:19 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 14:19 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 14:19 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 14:19 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-11 14:19 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 14:19 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-11 14:19 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 14:19 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 14:19 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 14:19 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 14:19 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-11 14:19 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-12-11 14:19 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 14:19 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 14:19 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 14:19 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-11 14:19 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-11 14:19 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-12-11 14:19 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 14:19 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 14:19 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 14:19 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 14:19 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 14:19 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 14:19 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-12-11 14:19 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 14:19 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 14:19 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-11 14:19 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 14:19 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-12-11 14:19 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 14:19 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 14:19 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 14:19 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 14:19 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 14:19 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 14:19 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 14:19 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 14:19 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 14:18 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 14:18 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 14:18 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-12-11 14:18 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-12-11 14:18 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-12-11 14:18 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-12-11 14:18 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-12-11 14:18 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-12-06 16:35 - 2014-12-06 16:35 - 00000000 ____D () C:\Users\Ondras\Documents\Alcohol 52%
2014-12-06 16:34 - 2014-12-06 16:34 - 00293888 _____ (Alcohol Soft Development Team) C:\Windows\system32\Drivers\axscsidrv.sys
2014-12-06 16:34 - 2014-12-06 16:34 - 00001200 _____ () C:\Users\Public\Desktop\Alcohol 52%.lnk
2014-12-06 16:34 - 2014-12-06 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 52%
2014-12-06 16:34 - 2014-12-06 16:34 - 00000000 ____D () C:\Program Files (x86)\Alcohol Soft
2014-12-06 16:31 - 2014-12-06 16:31 - 00386680 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-12-06 16:20 - 2014-12-06 16:36 - 00000000 ____D () C:\Users\Ondras\Documents\kamera
2014-12-01 16:14 - 2014-12-01 16:14 - 00032316 _____ () C:\Users\Ondras\Documents\Prezentace1.pptx
2014-12-01 15:52 - 2014-12-01 20:16 - 00256918 _____ () C:\Users\Ondras\Documents\Podívejte se .pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 15:37 - 2014-03-26 13:45 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2531649694-1421795942-439383358-1001
2014-12-28 15:32 - 2014-03-28 16:39 - 00031152 _____ () C:\Windows\AutoKMS.log
2014-12-28 15:32 - 2014-03-28 16:29 - 00000214 _____ () C:\Windows\Tasks\AutoKMS.job
2014-12-28 15:31 - 2014-09-13 06:55 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-28 15:31 - 2014-03-27 00:19 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-28 15:31 - 2013-12-06 12:06 - 00030570 _____ () C:\Windows\PFRO.log
2014-12-28 15:31 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-28 15:26 - 2014-03-28 18:42 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-12-28 15:26 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-28 15:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-12-28 15:20 - 2013-12-27 18:48 - 01462798 _____ () C:\Windows\WindowsUpdate.log
2014-12-28 15:02 - 2013-12-06 03:20 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-28 15:02 - 2013-08-28 15:02 - 00739924 _____ () C:\Windows\system32\perfh005.dat
2014-12-28 15:02 - 2013-08-28 15:02 - 00151610 _____ () C:\Windows\system32\perfc005.dat
2014-12-28 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-28 14:56 - 2014-03-27 00:19 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-28 14:17 - 2014-06-27 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle
2014-12-28 10:54 - 2014-03-26 14:55 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EF70A103-74F2-43DA-BAFE-AD691154C117}
2014-12-27 16:00 - 2013-08-22 15:46 - 00122097 _____ () C:\Windows\setupact.log
2014-12-27 10:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-26 17:12 - 2014-03-28 18:55 - 00000000 ____D () C:\Users\Ondras\Documents\Soubory aplikace Outlook
2014-12-26 15:55 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-12-24 15:05 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-12-18 13:43 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-12-16 20:59 - 2014-04-06 18:49 - 00000000 ____D () C:\Users\Ondras\AppData\Roaming\Skype
2014-12-16 18:55 - 2014-10-17 03:30 - 00000000 ____D () C:\Users\Ondras\Documents\Dokumenty-Ondra
2014-12-13 08:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-12-12 07:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2014-12-12 07:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-12-12 07:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 04:22 - 2014-03-28 16:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 23:59 - 2014-03-27 00:20 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 14:28 - 2014-03-28 14:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 14:20 - 2014-03-28 14:34 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 14:10 - 2014-04-12 00:50 - 00044435 _____ () C:\Windows\system32\tmp.xml
2014-12-07 12:11 - 2014-03-28 19:45 - 00000000 ____D () C:\Users\Ondras\Documents\Mamka
2014-12-02 20:21 - 2014-04-06 18:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-02 16:38 - 2014-04-27 20:17 - 00812032 _____ () C:\Users\Ondras\Desktop\směny 2014-úprava skutečnosti květen 2014.xls

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ondras\Desktop" je 6 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

Jeste docistime

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM\...\Run: [] => [X]
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-24] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
  HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
  HKLM-x32\...\Run: [] => [X]
  HKLM\...\Policies\Explorer: [NoControlPanel] 0
  HKLM\...\Policies\Explorer: [NoFolderOptions] 0
  HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-12-27] (Spotify Ltd)
  HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
  HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
  HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Policies\Explorer: [NoFolderOptions] 0
  HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Policies\Explorer: [NoControlPanel] 0
  HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\MountPoints2: {16c9c6b1-fda5-11e3-8277-40f02f281627} - "E:\WD SmartWare.exe" autoplay=true
  
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  BHO: uNisales -> {2cca6973-50a3-49c0-9d77-fc13a5eb1def} -> C:\Program Files (x86)\uNisales\OV987tDzf5uJWM.x64.dll ()
  BHO: unuisales -> {598669cd-ffda-4d9a-84e2-c2c0ce468cd1} -> C:\Program Files (x86)\unuisales\XzwH8MsjqP7o2k.x64.dll ()
  BHO-x32: uNisales -> {2cca6973-50a3-49c0-9d77-fc13a5eb1def} -> C:\Program Files (x86)\uNisales\OV987tDzf5uJWM.dll ()
  BHO-x32: unuisales -> {598669cd-ffda-4d9a-84e2-c2c0ce468cd1} -> C:\Program Files (x86)\unuisales\XzwH8MsjqP7o2k.dll ()
  
  CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
  
  S3 iscFlash; \??\C:\Users\Ondras\AppData\Local\Temp\7zSC5F3.tmp\iscflashx64.sys [X]
  
  2014-12-28 15:44 - 2014-12-28 15:45 - 00020586 _____ () C:\Users\Ondras\Desktop\FRST.txt
  2014-12-28 15:42 - 2014-12-28 15:42 - 00112640 _____ (forum.viry.cz) C:\Users\Ondras\Desktop\FRSTLauncher (1).exe
  2014-12-28 15:41 - 2014-12-28 15:41 - 02122752 _____ (Farbar) C:\Users\Ondras\Downloads\FRST64 (1).exe
  2014-12-28 15:30 - 2014-12-28 15:03 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-12-28 15:06 - 2014-12-28 15:32 - 00007513 _____ () C:\zoek-results.log
  2014-12-28 15:03 - 2014-12-28 15:27 - 00000000 ____D () C:\zoek_backup
  2014-12-28 14:46 - 2014-12-28 14:46 - 02173952 _____ () C:\Users\Ondras\Desktop\adwcleaner_4.106.exe
  2014-12-28 14:25 - 2014-12-28 14:25 - 00000000 ____D () C:\rsit
  2014-12-28 14:25 - 2014-12-28 14:25 - 00000000 ____D () C:\Program Files\trend micro
  2014-12-28 14:24 - 2014-12-28 14:24 - 01222144 _____ () C:\Users\Ondras\Desktop\RSITx64.exe
  2014-12-28 14:13 - 2014-12-28 14:56 - 00000000 ____D () C:\AdwCleaner
  2014-12-28 10:32 - 2014-12-28 10:32 - 00000000 __SHD () C:\Users\Ondras\AppData\Local\EmieBrowserModeList
  2014-12-26 17:12 - 2014-12-26 17:12 - 00000000 ____D () C:\Program Files (x86)\uNisales
  2014-12-26 17:03 - 2014-12-26 17:03 - 00000000 ____D () C:\Program Files (x86)\unuisales
  2014-12-26 17:03 - 2014-12-26 17:03 - 00000000 ____D () C:\Program Files (x86)\unnissalEs
  2014-12-28 14:17 - 2014-06-27 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle
  C:\Windows\AutoKMS.exe
  
  Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[Ondrastr]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by Ondras at 2014-12-28 21:09:12 Run:1
Running from C:\Users\Ondras\Desktop
Loaded Profile: Ondras (Available profiles: Ondras)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-12-27] (Spotify Ltd)
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\...\MountPoints2: {16c9c6b1-fda5-11e3-8277-40f02f281627} - "E:\WD SmartWare.exe" autoplay=true

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: uNisales -> {2cca6973-50a3-49c0-9d77-fc13a5eb1def} -> C:\Program Files (x86)\uNisales\OV987tDzf5uJWM.x64.dll ()
BHO: unuisales -> {598669cd-ffda-4d9a-84e2-c2c0ce468cd1} -> C:\Program Files (x86)\unuisales\XzwH8MsjqP7o2k.x64.dll ()
BHO-x32: uNisales -> {2cca6973-50a3-49c0-9d77-fc13a5eb1def} -> C:\Program Files (x86)\uNisales\OV987tDzf5uJWM.dll ()
BHO-x32: unuisales -> {598669cd-ffda-4d9a-84e2-c2c0ce468cd1} -> C:\Program Files (x86)\unuisales\XzwH8MsjqP7o2k.dll ()

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path

S3 iscFlash; \??\C:\Users\Ondras\AppData\Local\Temp\7zSC5F3.tmp\iscflashx64.sys [X]

2014-12-28 15:44 - 2014-12-28 15:45 - 00020586 _____ () C:\Users\Ondras\Desktop\FRST.txt
2014-12-28 15:42 - 2014-12-28 15:42 - 00112640 _____ (forum.viry.cz) C:\Users\Ondras\Desktop\FRSTLauncher (1).exe
2014-12-28 15:41 - 2014-12-28 15:41 - 02122752 _____ (Farbar) C:\Users\Ondras\Downloads\FRST64 (1).exe
2014-12-28 15:30 - 2014-12-28 15:03 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-28 15:06 - 2014-12-28 15:32 - 00007513 _____ () C:\zoek-results.log
2014-12-28 15:03 - 2014-12-28 15:27 - 00000000 ____D () C:\zoek_backup
2014-12-28 14:46 - 2014-12-28 14:46 - 02173952 _____ () C:\Users\Ondras\Desktop\adwcleaner_4.106.exe
2014-12-28 14:25 - 2014-12-28 14:25 - 00000000 ____D () C:\rsit
2014-12-28 14:25 - 2014-12-28 14:25 - 00000000 ____D () C:\Program Files\trend micro
2014-12-28 14:24 - 2014-12-28 14:24 - 01222144 _____ () C:\Users\Ondras\Desktop\RSITx64.exe
2014-12-28 14:13 - 2014-12-28 14:56 - 00000000 ____D () C:\AdwCleaner
2014-12-28 10:32 - 2014-12-28 10:32 - 00000000 __SHD () C:\Users\Ondras\AppData\Local\EmieBrowserModeList
2014-12-26 17:12 - 2014-12-26 17:12 - 00000000 ____D () C:\Program Files (x86)\uNisales
2014-12-26 17:03 - 2014-12-26 17:03 - 00000000 ____D () C:\Program Files (x86)\unuisales
2014-12-26 17:03 - 2014-12-26 17:03 - 00000000 ____D () C:\Program Files (x86)\unnissalEs
2014-12-28 14:17 - 2014-06-27 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle
C:\Windows\AutoKMS.exe

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value deleted successfully.
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AlcoholAutomount => value deleted successfully.
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value deleted successfully.
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKU\S-1-5-21-2531649694-1421795942-439383358-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
"HKU\S-1-5-21-2531649694-1421795942-439383358-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{16c9c6b1-fda5-11e3-8277-40f02f281627}" => Key deleted successfully.
HKCR\CLSID\{16c9c6b1-fda5-11e3-8277-40f02f281627} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2cca6973-50a3-49c0-9d77-fc13a5eb1def}" => Key deleted successfully.
"HKCR\CLSID\{2cca6973-50a3-49c0-9d77-fc13a5eb1def}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598669cd-ffda-4d9a-84e2-c2c0ce468cd1}" => Key deleted successfully.
"HKCR\CLSID\{598669cd-ffda-4d9a-84e2-c2c0ce468cd1}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2cca6973-50a3-49c0-9d77-fc13a5eb1def}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{2cca6973-50a3-49c0-9d77-fc13a5eb1def}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{598669cd-ffda-4d9a-84e2-c2c0ce468cd1}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{598669cd-ffda-4d9a-84e2-c2c0ce468cd1}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho" => Key deleted successfully.
iscFlash => Service deleted successfully.
"C:\Users\Ondras\Desktop\FRST.txt" => File/Directory not found.
"C:\Users\Ondras\Desktop\FRSTLauncher (1).exe" => File/Directory not found.
C:\Users\Ondras\Downloads\FRST64 (1).exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Ondras\Desktop\adwcleaner_4.106.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Ondras\Desktop\RSITx64.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Ondras\AppData\Local\EmieBrowserModeList => Moved successfully.
C:\Program Files (x86)\uNisales => Moved successfully.
C:\Program Files (x86)\unuisales => Moved successfully.
C:\Program Files (x86)\unnissalEs => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SweeetPlayer bundle => Moved successfully.
C:\Windows\AutoKMS.exe => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 608.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog 21:10:17 ====

[vyosek]

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[Ondrastr]

O.K. díky moc za bezvadnou a účinnou pomoc. Šťastný a veselý příští rok 2015 a ještě jednou díky.