Webssearch

[ploma1]

Dobrý den, s instalací nějaké webové aplikace se mi v počítači oběvil ,,vir,, co si hraje na webový doplňek jmenuje se Webssearchs nevíte jak ho odstranit? Předem děkuju

[vyosek]

Zdravim

Zpusob by asi i byl, ale vestit z kristalove koule se mi moc nechce

Proto prosim dejte log z FRST http://forum.viry.cz/viewtopic.php?f=24&t=132509 a mrknem na to

[ploma1]

vyhodilo mi to 2 logy..první s názvem FRST.txt tady je :
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2015
Ran by user (administrator) on USER-PC on 08-01-2015 11:38:16
Running from C:\Users\user\Desktop
Loaded Profile: user (Available profiles: user)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\user\Desktop\FRSaT.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKU\S-1-5-21-1161798421-1374263499-860267216-1000\...\Run: [DAEMON Tools Lite] => "I:\David\Programy na spuatní her\Demon Tools lite\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-1161798421-1374263499-860267216-1000\...\MountPoints2: {912f837a-c257-11e3-9416-001d6010cccc} - J:\autorun.exe
HKU\S-1-5-21-1161798421-1374263499-860267216-1000\...\MountPoints2: {93097c2f-34b1-11dc-bba5-001d6010cccc} - I:\Startme.exe
HKU\S-1-5-21-1161798421-1374263499-860267216-1000\...\MountPoints2: {f6040f5f-4a76-11e2-afd0-806e6f6e6963} - E:\setup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1161798421-1374263499-860267216-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1161798421-1374263499-860267216-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1161798421-1374263499-860267216-1000 -> {97DB78A0-51AC-403D-99A8-2D4A35ADF5C1} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.7.0_45\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.7.0_45\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.9.1 213.168.176.3

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ja7w1r9c.default
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre1.7.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre1.7.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1161798421-1374263499-860267216-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1161798421-1374263499-860267216-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: HDQ-1.2cV31.12 - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ja7w1r9c.default\Extensions\6c03cee0ab9442c4a67a507@58d658df5a30468fabf5c7a.com [2014-12-31]
FF Extension: Greasemonkey - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ja7w1r9c.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-12-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1419949037&from=cvs&uid=ST9250410AS_5VG02CS6XXXX5VG02CS6
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1419949037&from=cvs&uid=ST9250410AS_5VG02CS6XXXX5VG02CS6"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-17]
CHR Extension: (HDQ-1.2cV31.12) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\afpabppcibfahafilhkbbgfnlncppdnc [2014-12-31]
CHR Extension: (Dokumenty Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-17]
CHR Extension: (Tabulky Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2014-12-30] (Enigma Software Group USA, LLC.)
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [24576 2012-12-20] (Syntek America Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [73360 2014-07-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770784 2014-12-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-04-12] (Disc Soft Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2014-12-30] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2014-10-28] (LogMeIn, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [16472 2010-08-16] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [11104 2010-08-16] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-04-12] (Duplex Secure Ltd.)
R3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1260672 2012-12-20] (Syntek)
U3 a4jyo3g0; C:\Windows\system32\Drivers\a4jyo3g0.sys [0 ] (Microsoft Corporation)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 11:38 - 2015-01-08 11:38 - 00014229 _____ () C:\Users\user\Desktop\FRST.txt
2015-01-08 11:38 - 2015-01-08 11:38 - 00000000 ____D () C:\FRST
2015-01-08 11:37 - 2015-01-08 11:37 - 01115136 _____ (Farbar) C:\Users\user\Desktop\FRSaT.exe
2015-01-08 11:35 - 2015-01-08 11:36 - 00029696 _____ () C:\Users\user\AppData\Local\MSGBOX.EXE
2015-01-08 11:35 - 2015-01-08 11:35 - 00112640 _____ (forum.viry.cz) C:\Users\user\Downloads\Nepotvrzeno 120823.crdownload
2015-01-08 11:34 - 2015-01-08 11:34 - 00112640 _____ (forum.viry.cz) C:\Users\user\Downloads\Nepotvrzeno 850833.crdownload
2015-01-08 11:33 - 2015-01-08 11:33 - 00112640 _____ (forum.viry.cz) C:\Users\user\Downloads\Nepotvrzeno 254604.crdownload
2015-01-08 10:56 - 2015-01-08 10:56 - 04116949 _____ () C:\Users\user\Downloads\uniextract161_noinst (1).rar
2015-01-08 10:54 - 2015-01-08 10:54 - 00000000 ____D () C:\Users\user\Desktop\Věci na překlad
2015-01-08 10:34 - 2015-01-08 10:55 - 04116949 _____ () C:\Users\user\Desktop\Překlad.rar
2015-01-08 10:34 - 2015-01-08 10:35 - 00000000 ____D () C:\Users\user\Desktop\universalextraxtor
2015-01-08 10:32 - 2015-01-08 10:33 - 05186991 _____ () C:\Users\user\Downloads\uniextract161_noinst.rar
2015-01-08 10:30 - 2015-01-08 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
2015-01-08 10:30 - 2015-01-08 10:30 - 00000000 ____D () C:\Program Files\SourceTec
2015-01-08 10:30 - 2015-01-08 10:30 - 00000000 ____D () C:\Program Files\Common Files\SourceTec
2015-01-08 10:28 - 2015-01-08 10:29 - 13118366 _____ () C:\Users\user\Downloads\swfdec.zip
2015-01-08 10:16 - 2015-01-08 10:22 - 00000000 ____D () C:\FR
2015-01-08 10:15 - 2015-01-08 10:16 - 00141279 _____ () C:\Users\user\Downloads\FR.rar
2015-01-02 20:24 - 2015-01-02 20:24 - 00001790 _____ () C:\Users\Public\Desktop\PRODICT 2005 Demo.lnk
2015-01-02 20:24 - 2015-01-02 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StormWare Office
2015-01-02 20:24 - 2015-01-02 20:24 - 00000000 ____D () C:\Program Files\StormWare
2015-01-02 20:24 - 2005-01-19 17:29 - 00966656 ____R (STORMWARE s.r.o.) C:\Windows\system32\StwTb633.dll
2015-01-02 20:24 - 2005-01-19 17:28 - 00057344 ____R (STORMWARE s.r.o.) C:\Windows\system32\StwTb63E.dll
2015-01-02 20:24 - 2005-01-19 17:14 - 00049152 ____R (STORMWARE s.r.o.) C:\Windows\system32\StwTb63C.dll
2015-01-02 20:20 - 2015-01-02 20:20 - 07921664 _____ () C:\Users\user\Downloads\Prodict2005.exe
2015-01-02 19:16 - 2015-01-02 20:20 - 00000000 ____D () C:\Users\user\Desktop\překlad
2015-01-02 18:56 - 2015-01-02 18:57 - 05059196 _____ () C:\Users\user\Downloads\pspad458cz.zip
2015-01-02 15:43 - 2015-01-02 15:44 - 01104259 _____ () C:\Users\user\Downloads\HackTheGame121.zip
2015-01-02 13:14 - 2015-01-02 13:14 - 00105139 _____ () C:\Users\user\Downloads\easyphphosting.rar
2014-12-31 09:34 - 2007-07-18 00:02 - 00001326 _____ () C:\Windows\Tasks\WJ.job
2014-12-31 09:33 - 2014-12-31 09:56 - 00000000 ____D () C:\Program Files\globalUpdate
2014-12-31 09:33 - 2014-12-31 09:34 - 00000000 ____D () C:\Program Files\2939292d-35ff-488e-92b3-48ae409eab2e
2014-12-31 09:33 - 2014-12-31 09:33 - 00000000 ____D () C:\Users\user\AppData\Local\globalUpdate
2014-12-31 09:33 - 2007-07-18 00:02 - 00001332 _____ () C:\Windows\Tasks\WDTPY.job
2014-12-31 08:15 - 2014-12-31 08:18 - 00000000 ____D () C:\Users\user\Desktop\Antiviry
2014-12-30 18:21 - 2014-12-30 18:23 - 00000000 ____D () C:\Program Files\Uplink
2014-12-30 18:21 - 2014-12-30 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uplink
2014-12-30 18:21 - 1997-11-19 15:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-12-30 15:41 - 2014-12-30 15:41 - 00000000 ____D () C:\Users\user\AppData\Roaming\Enigma Software Group
2014-12-30 15:41 - 2014-12-30 15:41 - 00000000 ____D () C:\sh4ldr
2014-12-30 15:39 - 2014-12-30 15:39 - 00019984 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-12-30 15:39 - 2014-12-30 15:39 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-12-30 15:18 - 2014-12-31 09:56 - 00000000 ____D () C:\Program Files\XTab
2014-12-30 13:19 - 2014-12-30 13:19 - 00000000 ____D () C:\Users\user\wireshark
2014-12-30 10:08 - 2014-12-30 10:08 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrypTool
2014-12-30 10:08 - 2014-12-30 10:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrypTool
2014-12-30 10:08 - 2014-12-30 10:08 - 00000000 ____D () C:\Program Files\CrypTool
2014-12-28 12:31 - 2014-12-28 12:31 - 00000943 _____ () C:\Users\Public\Desktop\GeoGet.lnk
2014-12-28 12:31 - 2014-12-28 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGet
2014-12-28 12:31 - 2014-12-28 12:31 - 00000000 ____D () C:\Program Files\GeoGet
2014-12-27 09:39 - 2014-12-27 09:40 - 00000000 ____D () C:\ATF
2014-12-27 08:58 - 2010-01-20 22:44 - 00000296 _____ () C:\Users\user\Desktop\profiles.xml
2014-12-27 08:58 - 2010-01-20 22:40 - 00029934 _____ () C:\Users\user\Desktop\00000001.xml
2014-12-26 13:52 - 2014-12-26 13:52 - 00000000 ____D () C:\Users\user\AppData\Roaming\EncryptStick
2014-12-25 11:01 - 2014-12-25 11:01 - 00000000 ____D () C:\Users\user\AppData\Roaming\NuGet
2014-12-25 10:55 - 2014-12-25 11:08 - 00000000 ____D () C:\Users\user\Documents\Visual Studio 2013
2014-12-25 10:51 - 2014-12-25 10:51 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 11.0
2014-12-25 10:40 - 2014-12-25 10:40 - 00000000 ____D () C:\ProgramData\NuGet
2014-12-25 10:40 - 2014-12-25 10:40 - 00000000 ____D () C:\Program Files\NuGet
2014-12-25 10:26 - 2014-12-25 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-12-25 10:24 - 2014-12-25 10:26 - 00000000 ____D () C:\Program Files\Windows Kits
2014-12-25 10:13 - 2014-12-25 10:52 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-12-25 10:13 - 2014-12-25 10:13 - 00000000 ____D () C:\Windows\system32\1033
2014-12-25 10:11 - 2014-12-25 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-12-25 10:07 - 2014-12-25 10:52 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
2014-12-24 20:19 - 2014-12-25 09:06 - 00000000 ____D () C:\Users\user\AppData\Roaming\Polda 6
2014-12-24 20:18 - 2014-12-24 20:18 - 00000000 ____D () C:\ProgramData\Solidshield
2014-12-24 15:46 - 2014-12-24 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2014-12-24 15:43 - 2014-12-24 15:43 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-12-24 15:42 - 2014-12-25 10:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-23 15:31 - 2014-12-23 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Planet Horse Demo
2014-12-19 19:34 - 2014-12-19 19:34 - 00043520 _____ () C:\Windows\system32\CmdLineExt03.dll
2014-12-19 17:09 - 2014-12-19 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polda 5
2014-12-19 17:09 - 2014-12-19 17:09 - 00000000 ____D () C:\Program Files\Polda 5
2014-12-19 16:45 - 2014-12-19 16:59 - 00000000 ____D () C:\Program Files\Polda 4
2014-12-19 16:45 - 2014-12-19 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polda 4
2014-12-19 16:00 - 2014-12-19 16:41 - 00000000 ____D () C:\Users\user\Documents\Polda III
2014-12-19 15:57 - 2014-12-19 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polda 3
2014-12-19 15:56 - 2014-12-19 15:57 - 00000000 ____D () C:\Program Files\Polda 3
2014-12-18 20:20 - 2014-12-28 18:59 - 00000000 ____D () C:\Users\user\Documents\Polda II
2014-12-18 20:19 - 2014-12-18 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polda 2
2014-12-18 20:19 - 2014-12-18 20:19 - 00000000 ____D () C:\Program Files\Polda 2
2014-12-18 20:13 - 2014-12-18 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polda
2014-12-17 12:55 - 2014-12-17 12:55 - 00000935 _____ () C:\Users\user\Desktop\µTorrent.lnk
2014-12-17 12:55 - 2014-12-17 12:55 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-12-17 11:05 - 2014-12-17 11:05 - 00000000 ___RD () C:\Program Files\Skype
2014-12-17 11:05 - 2014-12-17 11:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-17 11:05 - 2014-12-17 11:05 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-12-14 15:00 - 2014-12-31 08:14 - 00000000 ____D () C:\Users\user\Desktop\referáty hudebka

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 11:31 - 2013-01-15 20:19 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 11:09 - 2012-12-22 11:49 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 10:14 - 2012-12-20 12:07 - 00115464 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-08 10:10 - 2009-07-14 05:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-08 10:10 - 2009-07-14 05:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-08 10:07 - 2012-12-20 11:44 - 00006260 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-02 21:36 - 2012-12-20 08:32 - 01544725 _____ () C:\Windows\WindowsUpdate.log
2015-01-02 20:24 - 2013-01-19 20:24 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-02 13:52 - 2014-10-28 18:59 - 00000000 ____D () C:\Users\user\AppData\Roaming\Notepad++
2014-12-31 10:06 - 2014-11-17 17:28 - 00000000 ____D () C:\Users\user\Desktop\Čištění PC
2014-12-31 09:35 - 2014-11-16 17:25 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 09:34 - 2014-01-29 15:45 - 00000000 ____D () C:\Program Files\Adobe
2014-12-31 08:24 - 2014-11-23 17:57 - 00000000 ____D () C:\Users\user\Desktop\fotky
2014-12-30 20:01 - 2014-06-28 14:33 - 00000000 ___RD () C:\Users\user\Desktop\Programy
2014-12-30 18:23 - 2013-02-01 12:29 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-30 15:31 - 2014-11-17 15:40 - 00000000 ____D () C:\AdwCleaner
2014-12-30 15:22 - 2012-12-22 11:52 - 00002207 _____ () C:\Users\user\Desktop\Google Chrome.lnk
2014-12-30 15:22 - 2012-12-22 11:46 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-30 15:22 - 2012-12-22 11:46 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-30 15:22 - 2012-12-20 11:39 - 00001419 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-28 22:01 - 2013-04-02 18:11 - 00000000 ____D () C:\Users\user\Documents\Fax
2014-12-28 22:01 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-28 13:23 - 2014-08-04 16:59 - 00000000 ____D () C:\Users\user\AppData\Roaming\GeoGet
2014-12-26 09:28 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-25 10:45 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-25 10:44 - 2014-05-02 13:33 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-12-25 10:36 - 2012-12-20 12:12 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-12-25 10:35 - 2014-05-02 13:33 - 00000000 ____D () C:\Program Files\Common Files\Merge Modules
2014-12-25 10:18 - 2014-05-02 13:33 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2014-12-25 10:12 - 2013-09-13 18:51 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-12-25 10:12 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-12-25 09:51 - 2013-05-18 20:46 - 00000000 ____D () C:\Users\user\AppData\Roaming\Skype
2014-12-25 09:26 - 2014-06-22 12:48 - 00000000 ____D () C:\Program Files\Steam
2014-12-25 09:26 - 2013-03-17 17:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\DAEMON Tools Lite
2014-12-25 09:04 - 2014-04-12 08:27 - 00000016 _____ () C:\Windows\ka.ini
2014-12-25 09:02 - 2014-11-17 16:42 - 00000000 ____D () C:\zoek_backup
2014-12-24 15:43 - 2009-07-14 05:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-23 13:43 - 2014-06-07 18:27 - 00000000 ____D () C:\Users\user\Documents\GTA San Andreas User Files
2014-12-22 10:03 - 2014-01-29 15:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-18 20:07 - 2014-06-10 15:06 - 00000000 ____D () C:\Program Files\Opera
2014-12-17 13:46 - 2012-12-20 12:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\vlc
2014-12-17 13:01 - 2013-03-17 17:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\uTorrent
2014-12-17 11:05 - 2013-05-18 20:46 - 00000000 ____D () C:\ProgramData\Skype
2014-12-17 09:26 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-14 16:08 - 2013-06-30 16:46 - 00000175 _____ () C:\Windows\system32\Drivers\aswSnx.sys.sum
2014-12-14 16:08 - 2012-12-22 11:43 - 00770784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-12-10 20:31 - 2012-12-20 11:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 20:31 - 2012-12-20 11:54 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\Quarantine.exe
C:\Users\user\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-30 10:46

==================== End Of Log ============================

a pak druhý s názvem addition.txt tady je :

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-01-2015
Ran by user at 2015-01-08 11:39:35
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.0 (HKLM\...\{18DA6368-9677-4894-B4BD-01FBE542B63E}_is1) (Version: - Tsoft)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader Free Download Packages (HKU\S-1-5-21-1161798421-1374263499-860267216-1000\...\Adobe Reader Free Download Packages) (Version: - ) <==== ATTENTION
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Archeblade (HKLM\...\Steam App 207230) (Version: - CodeBrush Games)
Ashampoo Burning Studio 6 FREE v.6.83 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.3 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{04FC226F-D71D-985B-B69C-9FF3D9696858}) (Version: 3.0.608.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM\...\avast) (Version: 8.0.1497.0 - AVAST Software)
Bandicam (HKLM\...\Bandicam) (Version: 1.8.8.365 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (Version: 12.0.50429.0 - Microsoft Corporation) Hidden
BitZipper 2013 (HKLM\...\BitZipper_is1) (Version: 2013.13.4.16 - Bitberry Software)
Branding (Version: 1.00.0000 - Your Company Name) Hidden
Build Tools - x86 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (Version: 12.0.31101 - Microsoft Corporation) Hidden
ccc-core-static (Version: 2007.0202.1923.34565 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Cryptext (Remove Only) (HKLM\...\CryptextNT4) (Version: - )
CrypTool 1.4.10 (HKLM\...\CrypTool) (Version: 1.4.10 - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
ExtractNow (HKLM\...\ExtractNow_is1) (Version: - Nathan Moinvaziri)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (HKLM\...\Fraps) (Version: - )
Gameforge Live 2.0.5 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GeoGet verze 2.9.0.751 (HKLM\...\GeoGet_is1) (Version: 2.9.0.751 - )
Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GrabWinText 2.00 (HKLM\...\GrabWinText_is1) (Version: - Monika Novotná)
HammerMT2 Server 1 2014 version 2014 (HKLM\...\{9893B338-1250-4511-A280-520B984F465C}_is1) (Version: 2014 - HammerMT2, Inc.)
Harry Potter II (HKLM\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - )
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Deskjet 3520 series Nápověda (HKLM\...\{D259C419-D776-4163-B27C-19722C555237}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045F0}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Junior 10 (HKLM\...\{06C74EED-C39D-4468-94DE-AD8418ED38AC}) (Version: 9.18 - ChessBase)
Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LocalESPC (Version: 8.59.29989 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware verze 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Messenger Key 9.0 (HKLM\...\Messenger Key) (Version: - )
Metin2 (HKLM\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1161798421-1374263499-860267216-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{5EF1EBC5-4A40-4D1C-B02E-0C54BC93FD06}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{FE939060-416C-4ECD-890E-13776E2707C4}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{544ACD54-9FAA-4A60-A1E7-B2EC3AA75D24}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E7654811-38F9-4225-9688-827FDA716582}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{4A1DEB7A-341B-453E-A3AF-7EA9902F9711}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{C340BAB2-9A21-41B9-A465-7AC7B1DF773E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0 (x86 cs) (HKLM\...\Mozilla Firefox 34.0 (x86 cs)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 Speed Changer 2.85 (HKLM\...\MP3SpeedChanger_is1) (Version: - Crazy Boomerang Software)
MTA:SA v1.4.0 (HKLM\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
Nostale(CZ) (HKLM\...\NosTale(CZ)_is1) (Version: - Gameforge 4D GmbH)
Notepad++ (HKLM\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Opera Stable 26.0.1656.60 (HKLM\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)
PicPick (HKLM\...\PicPick) (Version: 3.3.3 - NTeWORKS)
Planet Horse Demo 1.0 (HKLM\...\{6A314ED7-EC7A-4BF7-AFDD-A57A32177E58}_is1) (Version: - Focus Home Interactive)
Polda (HKLM\...\Polda_is1) (Version: - )
Polda II (HKLM\...\Polda II_is1) (Version: - )
Polda III (HKLM\...\Polda III_is1) (Version: - )
Polda IV (HKLM\...\Polda IV_is1) (Version: - )
Polda V (HKLM\...\Polda V_is1) (Version: - )
PowreShellIntegration.Notifications (Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
Prerequisites for SSDT (HKLM\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python Tools Redirection Template (Version: 1.1 - Microsoft Corporation) Hidden
QuadcoreM2 (HKLM\...\QuadcoreM2 1.12.2012) (Version: 1.12.2012 - Quadcore Games)
QuadcoreM2 (Version: 1.12.2012 - Quadcore Games) Hidden
RegistryNuke 2014 version 2.1.6.80 (HKLM\...\{D9DF8D5A-2160-402B-819F-A5A964215528}_is1) (Version: 2.1.6.80 - RegistryNuke, Inc.)
Robin Hood - Legenda Sherwoodu (HKLM\...\InstallShield_{A253DFD0-75ED-4D8F-9AEF-9A2FD3F91384}) (Version: 1.00.000 - Wanadoo)
Robin Hood - Legenda Sherwoodu (Version: 1.00.000 - Wanadoo) Hidden
San Andreas Mod Installer (HKLM\...\San Andreas Mod Installer1.1) (Version: 1.1 - cpmusick)
Screenshot Captor 4.8 (HKLM\...\ScreenshotCaptor_is1) (Version: - )
Skins (Version: 2007.0202.1923.34565 - ATI) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.235 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
Sothink SWF Decompiler (HKLM\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 5.5 - SourceTec Software Co., LTD)
SpyHunter 4 (HKLM\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
StormWare Prodict (HKLM\...\{532DCE02-A909-4F72-8419-7207811FC2BE}) (Version: 2005 - StormWare)
Studie vylepšování produktu HP Deskjet 3520 series (HKLM\...\{5A41E45D-435F-4755-AE1B-6A1F0750F166}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Explorer for Microsoft Visual Studio 2013 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Torchlight (HKLM\...\{4991FCCE-1131-4B92-B697-9EC0FCAFDA5B}) (Version: 1.00.0000 - Runic Games)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
TypeScript Power Tool (Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-1161798421-1374263499-860267216-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateStar Password Finder (HKLM\...\Password Finder_is1) (Version: 7.0.0.24 - UpdateStar Password Finder)
Uplink (HKLM\...\Uplink) (Version: - )
USB2.0 1.3M WebCam (HKLM\...\USB2.0 1.3M WebCam) (Version: - )
Vegas Pro 11.0 (HKLM\...\{0BF3B440-408E-11E1-BA79-F04DA23A5C58}) (Version: 11.0.520 - Sony)
Visual Studio 2013 Update 4 (KB2829760) (HKLM\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VS Update core components (Version: 12.0.31101 - Microsoft Corporation) Hidden
Warcraft III (HKLM\...\Warcraft III) (Version: - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3520 series (HKLM\...\{BE919262-5F86-4361-A027-7677CA44AB08}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1161798421-1374263499-860267216-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-1161798421-1374263499-860267216-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1161798421-1374263499-860267216-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1161798421-1374263499-860267216-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1161798421-1374263499-860267216-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1161798421-1374263499-860267216-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1161798421-1374263499-860267216-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1161798421-1374263499-860267216-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1161798421-1374263499-860267216-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\FileSyncApi.dll (Microsoft Corporation)

==================== Restore Points =========================

02-01-2015 20:23:43 Instalováno StormWare Prodict

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2007-07-18 00:07 - 00000840 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00A82F80-50D0-4D11-B24B-747B3B04A249} - System32\Tasks\GoogleUpdateTaskMachineCore1cf2a13a3debce4 => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-22] (Google Inc.)
Task: {0372A5F8-B8EE-4317-95EF-F95788C99F0F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {07E3D06D-5400-42DB-89AD-43D0D2AAB997} - System32\Tasks\{4B7A21C3-DAE9-4D56-82D7-94C223F399E1} => pcalua.exe -a D:\Davidek\uninstall.exe
Task: {0C9453C4-3447-40A5-A8E6-9BBDE9F8FB8D} - System32\Tasks\{28D0DBD4-B6CE-4182-A8B6-216B3DF7C685} => I:\David\Hry\Polda 1-5\Polda_1\Polda\polda.exe [2005-05-03] (TODO: <公司名稱>)
Task: {101064E6-0E1B-4FAF-AFB5-160C7A6F43E9} - System32\Tasks\{21B34579-249C-47FB-94BE-4D3C2D57A939} => pcalua.exe -a E:\MMZakletyHrad.exe -d E:\
Task: {1063C345-0ACB-4C01-8646-9EED3055793C} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {17FF63AD-6941-4CD5-A7B9-8C8E327E1B7A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {1EDC8285-0697-4364-A8FD-BFCF254A4901} - System32\Tasks\WJ => C:\Users\user\AppData\Roaming\WJ.exe <==== ATTENTION
Task: {33BEA5B0-48C3-4C41-8711-29A660591E2A} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-12-30] (Enigma Software Group USA, LLC.)
Task: {35D00F90-94D3-4D2E-9427-5B8C3AF4DF6B} - System32\Tasks\WDTPY => C:\Users\user\AppData\Roaming\WDTPY.exe <==== ATTENTION
Task: {3ACE27F8-D1F9-4483-A290-722C245275EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-22] (Google Inc.)
Task: {40385325-59BA-4CA0-9DB2-37622B244F59} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {4077D2A4-D092-4148-AFA2-DE2121F7F882} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {47C5BF22-A326-4F8C-90A6-888DDC61303D} - System32\Tasks\{BF6082DB-157E-4DBF-927E-CE25DFFADD53} => pcalua.exe -a "C:\Program Files\WinRAR\WinRAR.exe" -d I:\David\WinRAR
Task: {4AF3C5DC-0977-4F6B-AD86-BEB99C3563EB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {699AC5C4-F64A-4ABE-80C3-5A33602220D7} - System32\Tasks\Opera scheduled Autoupdate 1402409186 => C:\Program Files\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {71A37D30-BF08-4F92-AB11-03443D9ABE24} - System32\Tasks\{49FD2D38-EC3D-4AF7-8B2E-87CDA209F5DA} => pcalua.exe -a C:\Users\user\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=amt
Task: {7217DFCA-9558-4B25-BD69-49691A6B78C5} - System32\Tasks\{90B50DE6-8C9F-4367-9776-DCF6E4BDD6A0} => pcalua.exe -a C:\Users\user\Desktop\devcpp-4.9.9.2_setup.exe -d C:\Users\user\Desktop
Task: {A88C28F6-163D-44F2-B9E7-6C5E9BE1AFE1} - System32\Tasks\{619C064F-7CF0-4534-BAA3-D3EC131FD554} => pcalua.exe -a E:\setup.exe -d E:\
Task: {AD1846DE-59A9-4B6D-B2D5-3F1295D1C075} - System32\Tasks\{28A9BAFE-A024-4B71-9197-047CC90913C0} => pcalua.exe -a C:\Users\user\Desktop\Uplink_CZ10.exe -d C:\Users\user\Desktop
Task: {AF0F44E5-E0C4-4570-985E-21582E01CE87} - System32\Tasks\{FEA9564B-D5FD-4F63-9CA2-BA1770E79417} => I:\David\Hry\Polda 1-5\Polda_1\Polda\polda.exe [2005-05-03] (TODO: <公司名稱>)
Task: {EAEF3A35-EED0-4F91-9BB9-A60944BECFB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-22] (Google Inc.)
Task: {F6E7C072-E19E-471C-B7BC-BA6B847F0848} - System32\Tasks\{BDF144B1-F429-40A6-858F-5003BBF23F4A} => pcalua.exe -a "C:\Users\user\Downloads\StarStableSetup (1).exe" -d C:\Users\user\Downloads
Task: {F881B2C4-81D2-4FB4-9A8C-0B94562D31B2} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2a13a3debce4.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WDTPY.job => C:\Users\user\AppData\Roaming\WDTPY.exe <==== ATTENTION
Task: C:\Windows\Tasks\WJ.job => C:\Users\user\AppData\Roaming\WJ.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-12-03 14:26 - 2013-12-03 12:36 - 02242560 _____ () C:\Program Files\AVAST Software\Avast\defs\13120300\algo.dll
2012-12-20 12:43 - 2001-10-28 16:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2014-10-27 01:06 - 2014-10-27 01:06 - 00081056 _____ () C:\Users\user\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-04-12 08:17 - 2003-05-15 13:43 - 00119808 _____ () C:\Program Files\WinRAR\rarext.dll
2014-04-12 08:17 - 2003-06-07 23:15 - 00286720 _____ () C:\Program Files\WinRAR\rarlng.dll
2001-11-03 13:39 - 2001-11-03 13:39 - 00278528 _____ () C:\Windows\system32\ShellExt\Cryptext.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2014-12-19 19:34 - 2014-12-19 19:34 - 00043520 _____ () C:\Windows\system32\CmdLineExt03.dll
2006-12-19 19:16 - 2006-12-19 19:16 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
2014-12-13 11:18 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-13 11:18 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-13 11:18 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2014-04-11 16:45 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\user\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 16:45 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\user\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4
AlternateDataStreams: C:\ProgramData\TEMP:E0EC633E

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CCC.lnk => C:\Windows\pss\CCC.lnk.Startup
MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => C:\Windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: DAEMON Tools Lite => "I:\David\Programy na spuštění her\Demon Tools lite\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "H:\David\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NtVdmSrv => C:\Windows\inf\ntvdm.vbe
MSCONFIG\startupreg: SkyDrive => "C:\Users\user\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: StartCCC => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1161798421-1374263499-860267216-500 - Administrator - Disabled)
Guest (S-1-5-21-1161798421-1374263499-860267216-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1161798421-1374263499-860267216-1002 - Limited - Enabled)
user (S-1-5-21-1161798421-1374263499-860267216-1000 - Administrator - Enabled) => C:\Users\user

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2015 10:07:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (01/08/2015 10:07:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (01/08/2015 10:07:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (01/02/2015 08:21:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {2e8a952f-b031-46b4-aa9d-a9c7a424513c}

Error: (07/18/2007 00:08:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (07/18/2007 00:08:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (07/18/2007 00:08:13 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (12/31/2014 09:51:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (12/31/2014 09:51:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (12/31/2014 09:51:01 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.


System errors:
=============
Error: (03/18/2015 10:04:02 AM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: Služba Systémový čas zjistila, že je nutné změnit systémový čas o -6394925 s. Služba Systémový čas nemění systémový čas o více než 54000 s. Ověřte správnost času a časového pásma a zda zdroj času time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->64.4.10.33:123) pracuje správně.

Error: (07/18/2007 00:00:23 AM) (Source: volmgr) (EventID: 49) (User: )
Description: Konfigurace stránkovacího souboru pro výpis stavu systému se
nezdařila. Přesvědčte se, zda na spouštěcím oddílu disku je stránkovací soubor
a zda je na něm dostatek místa pro uložení obsahu celé fyzické paměti.

Error: (07/18/2007 00:02:16 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:04:52, ‎28.‎12.‎2014) bylo neočekávané.

Error: (12/26/2014 02:54:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (12/26/2014 02:47:06 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (12/26/2014 01:15:18 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: Služba Systémový čas zjistila, že je nutné změnit systémový čas o 86415 s. Služba Systémový čas nemění systémový čas o více než 54000 s. Ověřte správnost času a časového pásma a zda zdroj času time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.56.206:123) pracuje správně.

Error: (12/27/2014 08:37:10 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (12/26/2014 05:19:28 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avast! Antivirus bylo dosaženo časového limitu (30000 ms).

Error: (12/26/2014 05:18:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk4\DR6.

Error: (12/24/2014 07:22:52 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: Služba Systémový čas zjistila, že je nutné změnit systémový čas o 86333 s. Služba Systémový čas nemění systémový čas o více než 54000 s. Ověřte správnost času a časového pásma a zda zdroj času time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.56.206:123) pracuje správně.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T2130 @ 1.86GHz
Percentage of memory in use: 64%
Total physical RAM: 1919.24 MB
Available physical RAM: 687.34 MB
Total Pagefile: 3838.48 MB
Available Pagefile: 2169.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.31 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:42.77 GB) (Free:2.42 GB) NTFS
Drive d: (Rodinka) (Fixed) (Total:130.02 GB) (Free:18.51 GB) NTFS
Drive e: (POLDA6) (CDROM) (Total:2.42 GB) (Free:0 GB) CDFS
Drive g: (Anicka) (Fixed) (Total:60 GB) (Free:55.68 GB) NTFS
Drive i: (My Passport) (Fixed) (Total:465.73 GB) (Free:181.08 GB) NTFS
Drive j: (Kao) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 62A6BE66)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=42.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=60 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=130 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 00038A56)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

předem děkuji

[vyosek]

Odinstalujte SpyHunter

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem