VIRY.CZ

Dobrý den. Mám problém s načítáním win, začalo to že jsem winrarem rozpackovával soubor a začal se mi sekat PC a hlásit neodpovídá a několikrát během toho vyskočila chyba 0x0000006 hkcmd a že ho nelze spustit tak jsem PC restartoval naběhla úvodní obraz "Vítejte" naskočila plocha ale ikony né nešlo nic na ploše provádět a po chvíli vyskočila ta samá chyba. Takže jsem se musel přesunout do nouzového režimu se sítí poradíte jak se toho zbavit? PC bude jistě řádně zavirovaný.

Zdravím!
Zkuste nejprve obnovu systému k datu, kdy korektně fungoval. Pak dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Takže obnovení systému pomohlo už opět mohu do systému klasicky a tady je ten log.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2015
Ran by Austin (administrator) on AUSTIN-PC on 11-01-2015 18:02:28
Running from C:\Users\Austin\Desktop
Loaded Profile: Austin (Available profiles: Austin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe
(forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [LightShot] => C:\Users\Austin\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-12] ()
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2199681317-980097130-1220238891-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-23]

Chrome:
=======
CHR Profile: C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-31] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S4 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-09] (globalUpdate) [File not signed]
S4 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-09] (globalUpdate) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-31] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-08] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-11 18:02 - 2015-01-11 18:02 - 00015551 _____ () C:\Users\Austin\Desktop\FRST.txt
2015-01-11 17:59 - 2015-01-11 17:59 - 02124288 _____ (Farbar) C:\Users\Austin\Desktop\FRST64.exe
2015-01-11 17:59 - 2015-01-11 17:59 - 00112640 _____ (forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
2015-01-11 17:39 - 2015-01-11 17:39 - 00000334 _____ () C:\Windows\PFRO.log
2015-01-11 16:53 - 2015-01-11 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-11 16:52 - 2014-10-31 12:07 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-11 16:43 - 2015-01-11 16:43 - 00000679 _____ () C:\Users\Austin\Desktop\VIRY.CZ • Zobrazit téma - Nenačítá se systém..website
2015-01-11 16:39 - 2015-01-11 18:02 - 00000000 ____D () C:\FRST
2015-01-11 16:37 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\Čištění PC
2015-01-11 15:33 - 2015-01-11 15:33 - 00024814 _____ () C:\ComboFix.txt
2015-01-11 15:13 - 2015-01-11 15:33 - 00000000 ____D () C:\Qoobox
2015-01-11 13:25 - 2015-01-11 14:03 - 00000000 ____D () C:\Users\Austin\Downloads\Tomb Raider
2015-01-10 23:06 - 2015-01-10 23:11 - 549547008 _____ () C:\Users\Austin\Downloads\Jursky-park-3.avi.8zigvwp.partial
2015-01-10 20:00 - 2015-01-10 20:18 - 911518208 _____ () C:\Users\Austin\Downloads\Jursky-park-2-ztraceny-svet.avi.yqlxj4m.partial
2015-01-08 16:31 - 2015-01-08 16:37 - 318781229 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv
2015-01-08 16:27 - 2015-01-08 16:27 - 00012731 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv.torrent
2015-01-06 01:21 - 2015-01-06 01:27 - 734011530 _____ () C:\Users\Austin\Downloads\X-Men-Origins---Wolverine-2009-cz.avi.55ywvfk.partial
2015-01-04 01:00 - 2015-01-11 17:40 - 00000336 _____ () C:\Windows\setupact.log
2015-01-04 01:00 - 2015-01-04 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-02 15:57 - 2015-01-02 16:06 - 726035086 _____ () C:\Users\Austin\Downloads\IP-MAN-2008-AKCNI-DONNIE-YEN-CZ-DABING.avi
2014-12-31 17:02 - 2014-12-31 17:26 - 1571845950 _____ () C:\Users\Austin\Downloads\Toy-Story-3---Pribeh-hracek-3---by-pablos32.avi.frcy1lg.partial
2014-12-30 23:14 - 2014-12-30 23:27 - 640977920 _____ () C:\Users\Austin\Downloads\Toy-Story-2---Pribeh-hracek.Toy-Story-2-1999-CZ-Dabing-Animovany.avi
2014-12-30 18:33 - 2014-12-30 18:33 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz (1).rar
2014-12-30 18:22 - 2014-12-30 18:22 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz.rar
2014-12-30 04:06 - 2014-12-30 04:36 - 3556048896 _____ () C:\Users\Austin\Downloads\Bully-Schoolarship-edition.iso
2014-12-29 20:20 - 2014-12-29 20:30 - 716419072 _____ () C:\Users\Austin\Downloads\Toy-Story---Pribeh-hracek.avi
2014-12-28 18:11 - 2014-12-28 18:11 - 00010820 _____ () C:\Users\Austin\Desktop\Poslední-samuraj-cz-(titulky-k-japonstine).srt
2014-12-28 03:11 - 2014-12-28 03:11 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-28 03:11 - 2014-12-28 03:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-28 02:02 - 2014-12-28 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-28 02:01 - 2014-12-28 02:01 - 26951680 _____ () C:\Users\Austin\Downloads\SkypeSetup_6.21.0.104.msi
2014-12-27 19:22 - 2014-12-27 20:24 - 00239354 _____ () C:\Users\Austin\Downloads\OptiFine-HD-U-D3-1.4.7.zip.8xvarnc.partial
2014-12-27 16:38 - 2014-12-27 17:58 - 1424154342 _____ () C:\Users\Austin\Downloads\Ip-Man-2.cz-dub.avi
2014-12-27 00:35 - 2014-12-27 00:35 - 00000000 ____D () C:\Users\Austin\Desktop\NEW
2014-12-26 23:46 - 2014-12-27 19:58 - 00000000 ____D () C:\Users\Austin\Desktop\MultiMC
2014-12-26 23:46 - 2014-12-26 23:46 - 23304531 _____ () C:\Users\Austin\Downloads\mmc-stable-win32.zip
2014-12-26 19:50 - 2014-12-26 20:05 - 1411080192 _____ () C:\Users\Austin\Downloads\Pelisky-CZ-GHOST04.avi
2014-12-26 18:44 - 2014-12-27 19:16 - 00000000 ____D () C:\Users\Austin\Desktop\Nargonovy mody
2014-12-26 03:51 - 2014-12-26 03:55 - 377332595 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_393_1080p_[CA589F5F].mkv
2014-12-26 03:39 - 2014-12-26 03:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-26 03:39 - 2014-12-26 03:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-25 13:01 - 2014-12-25 13:09 - 734771200 _____ () C:\Users\Austin\Downloads\Nejkrasnejsi-hadanka.avi
2014-12-25 02:30 - 2015-01-03 17:37 - 22764208 _____ () C:\Users\Austin\Desktop\TechnicLauncher.exe
2014-12-25 02:30 - 2015-01-03 17:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.technic
2014-12-24 12:09 - 2014-12-24 12:09 - 00000000 ____D () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7
2014-12-24 12:05 - 2014-12-24 12:07 - 128800855 _____ () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7.zip
2014-12-24 03:02 - 2014-12-24 03:02 - 00000000 ____D () C:\Program Files\Java
2014-12-23 20:48 - 2014-12-23 20:59 - 766353408 _____ () C:\Users\Austin\Downloads\Vanocni-prazdniny-cz-dabing.avi.4wxzeqj.partial
2014-12-22 19:48 - 2014-12-22 20:08 - 1048872076 _____ () C:\Users\Austin\Downloads\Sam-doma-a-bohaty.avi.vsgjkfp.partial
2014-12-22 18:12 - 2014-12-22 19:18 - 611838592 _____ () C:\Users\Austin\Downloads\Windows-XP-Professional-SP3-32bit-(CZ).zip
2014-12-21 22:53 - 2014-12-21 22:53 - 00001444 _____ () C:\Users\Austin\AppData\Local\recently-used.xbel
2014-12-20 14:01 - 2014-12-20 14:01 - 04740913 _____ ( ) C:\Users\Austin\Downloads\ExplorerSuite(1).exe
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Users\Public\Documents\Explorer Suite Signatures
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Program Files\NTCore
2014-12-20 14:00 - 2014-12-20 14:00 - 00231920 _____ () C:\Users\Austin\Downloads\ExplorerSuite.exe
2014-12-20 13:29 - 2014-12-21 21:39 - 00000000 ____D () C:\Users\Austin\Desktop\Attomey ---
2014-12-20 13:12 - 2014-12-20 13:23 - 966764556 _____ () C:\Users\Austin\Downloads\Attomey.rar
2014-12-20 05:21 - 2014-12-20 05:28 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:21 - 2014-12-20 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:20 - 2014-12-20 05:21 - 00000000 ____D () C:\Program Files (x86)\Return to Castle Wolfenstein
2014-12-20 05:19 - 2014-12-20 05:21 - 00000810 _____ () C:\Windows\Rtcw.INI
2014-12-20 05:19 - 2001-06-19 17:53 - 00266293 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2014-12-20 05:17 - 2014-11-25 21:21 - 00000000 ____D () C:\Users\Austin\Desktop\Return to Castle Wolfenstein cz
2014-12-20 05:09 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\LaroxionMT2
2014-12-20 03:59 - 2014-12-26 18:43 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.minecraft
2014-12-20 03:24 - 2014-12-20 04:45 - 1448469712 _____ () C:\Users\Austin\Downloads\Return-to-Castle-Wolfenstein-cz.rar
2014-12-20 01:58 - 2014-12-20 02:11 - 1216820711 _____ () C:\Users\Austin\Downloads\LaRoXion_full.exe
2014-12-18 23:58 - 2014-12-19 00:03 - 421119135 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_392_1080p_[5B314FBD].mkv
2014-12-17 16:17 - 2014-12-17 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-12-16 03:35 - 2014-12-16 04:43 - 873164800 _____ () C:\Users\Austin\Downloads\Sam-doma-2---Ztracen-v-New-Yorku.avi
2014-12-15 17:18 - 2014-12-15 18:03 - 525991292 _____ () C:\Users\Austin\Downloads\dabelsky-santa-komedie-filmy-cz-avi.avi.ygpbrx7.partial
2014-12-14 22:37 - 2014-12-14 23:40 - 734597120 _____ () C:\Users\Austin\Downloads\Sam-doma-1-cz.avi
2014-12-13 21:42 - 2014-12-13 21:42 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-13 21:36 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-13 21:36 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-11 17:49 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-11 17:49 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-11 17:47 - 2014-07-04 17:56 - 01642660 _____ () C:\Windows\WindowsUpdate.log
2015-01-11 17:44 - 2014-08-02 23:09 - 00000390 _____ () C:\Windows\Tasks\update-sys.job
2015-01-11 17:42 - 2014-07-04 19:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Skype
2015-01-11 17:41 - 2014-07-23 11:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-11 17:40 - 2014-07-09 16:21 - 00003794 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00002304 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001538 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001436 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001416 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001322 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00000942 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-11 17:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 17:28 - 2014-07-04 19:20 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-11 17:26 - 2014-07-09 16:21 - 00000946 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-01-11 16:46 - 2014-10-04 12:25 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Webshare
2015-01-11 16:46 - 2014-07-08 17:10 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-11 16:46 - 2014-07-04 20:01 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\vlc
2015-01-11 16:46 - 2014-07-04 19:55 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\uTorrent
2015-01-11 16:46 - 2014-07-04 18:01 - 00000000 ____D () C:\Users\Austin
2015-01-11 16:46 - 2010-11-21 10:38 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-11 16:45 - 2014-07-09 21:31 - 00000000 ____D () C:\Games
2015-01-11 15:23 - 2009-07-14 03:34 - 58195968 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 16252928 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-01-07 19:44 - 2014-07-11 18:04 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TeamViewer
2015-01-07 13:12 - 2014-07-05 07:27 - 00000000 ____D () C:\Austin - Filmy
2015-01-05 12:36 - 2014-08-02 23:09 - 00000390 _____ () C:\Windows\Tasks\update-S-1-5-21-2199681317-980097130-1220238891-1000.job
2015-01-05 10:54 - 2014-07-04 18:16 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6826CC3-287E-4C04-9349-6664373E43B5}
2015-01-02 13:43 - 2014-07-09 10:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-02 13:43 - 2014-07-08 17:37 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\DAEMON Tools Lite
2015-01-02 00:42 - 2014-08-16 11:30 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TS3Client
2014-12-29 14:01 - 2014-08-12 22:57 - 00000000 ____D () C:\Users\Austin\AppData\Local\PMB Files
2014-12-29 03:28 - 2014-11-03 19:14 - 00921636 _____ () C:\PA7302.DAT
2014-12-28 03:43 - 2014-08-12 22:57 - 00000000 ____D () C:\ProgramData\PMB Files
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ____D () C:\ProgramData\Skype
2014-12-26 03:39 - 2014-07-08 19:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-25 11:36 - 2014-09-08 11:56 - 00000066 _____ () C:\Users\Austin\.atl.properties
2014-12-24 03:08 - 2014-07-08 19:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-24 01:55 - 2014-11-04 21:21 - 00000000 ____D () C:\Program Files (x86)\Utherverse Digital Inc
2014-12-21 23:01 - 2014-07-21 15:09 - 00000000 ____D () C:\Users\Austin\.gimp-2.8
2014-12-21 22:55 - 2014-07-21 15:50 - 00000000 ____D () C:\Users\Austin\AppData\Local\gtk-2.0
2014-12-21 21:41 - 2014-07-30 22:33 - 00000000 ____D () C:\Users\Austin\Desktop\Last-World
2014-12-21 16:02 - 2014-07-04 19:56 - 00000000 ____D () C:\Users\Austin\Desktop\Programy
2014-12-20 13:11 - 2014-07-05 08:44 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-18 15:09 - 2014-11-22 17:46 - 00000000 ____D () C:\Users\Austin\Desktop\DragonBorn
2014-12-17 16:17 - 2014-08-02 23:09 - 00003266 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-2199681317-980097130-1220238891-1000
2014-12-17 16:17 - 2014-08-02 23:09 - 00000425 _____ () C:\Users\Austin\AppData\Local\UserProducts.xml
2014-12-17 15:56 - 2014-09-17 00:59 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410911989
2014-12-17 15:56 - 2014-07-04 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-16 19:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 21:42 - 2014-07-06 04:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 21:41 - 2014-07-08 20:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 21:37 - 2014-07-08 20:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-11 17:17




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:465.66 GB) (Free:35.68 GB) NTFS

Available physical RAM: 4622.92 MB
Total physical RAM: 6390.71 MB
Percentage of memory in use: 27%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 419E0F09)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\update-S-1-5-21-2199681317-980097130-1220238891-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Austin\Desktop" je 44601 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightShot
C:\Users\Austin\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Austin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Far Cry.LNK
C:\PROGRA~2\Ubisoft\Crytek\FARCRY~1\Register\REGIST~1.EXE -d 806027 -l english -r 7 -g Far Cry [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Po restartu naskočil tento log


# AdwCleaner v4.107 - Report created 11/01/2015 at 18:36:42
# Updated 07/01/2015 by Xplode
# Database : 2015-01-11.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Austin - AUSTIN-PC
# Running from : C:\Users\Austin\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Austin\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Austin\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Austin\AppData\Roaming\FlvPlayer
Folder Deleted : C:\Users\Austin\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Austin\AppData\Roaming\Opera Software\Opera Stable\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : update-sys
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user
Task Deleted : update-S-1-5-21-2199681317-980097130-1220238891-1000

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Lightshot]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\FlvPlayer
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SystemK
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Google Chrome v


-\\ Opera v26.0.1656.60


*************************

AdwCleaner[R0].txt - [12194 octets] - [11/01/2015 18:33:10]
AdwCleaner[S0].txt - [11256 octets] - [11/01/2015 18:36:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11317 octets] ##########

Dejte nový log FRST.

Tady ho máte.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2015
Ran by Austin (administrator) on AUSTIN-PC on 11-01-2015 20:45:22
Running from C:\Users\Austin\Desktop
Loaded Profile: Austin (Available profiles: Austin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe
(forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [LightShot] => C:\Users\Austin\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-12] ()
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\MountPoints2: {db1f61f6-063d-11e4-b02e-dc0ea108a991} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tomb Raider[2013 3DM Crack Only ].lnk
ShortcutTarget: Tomb Raider[2013 3DM Crack Only ].lnk -> C:\ProgramData\{12deba25-fe2c-d1eb-12de-eba25fe2e897}\Tomb Raider[2013 3DM Crack Only ].exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2199681317-980097130-1220238891-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-23]

Chrome:
=======
CHR Profile: C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-31] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-31] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-08] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-11 20:45 - 2015-01-11 20:45 - 00015327 _____ () C:\Users\Austin\Desktop\LM.bat
2015-01-11 20:45 - 2015-01-11 20:45 - 00013700 _____ () C:\Users\Austin\Desktop\FRST.txt
2015-01-11 20:43 - 2015-01-11 20:45 - 00029696 _____ () C:\Users\Austin\AppData\Local\MSGBOX.EXE
2015-01-11 20:42 - 2015-01-11 20:42 - 00112640 _____ (forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
2015-01-11 18:52 - 2015-01-11 18:53 - 04942867 _____ () C:\Users\Austin\Downloads\Tomb-Raider-2013-Crack-CZ.rar
2015-01-11 18:51 - 2015-01-11 18:51 - 00000000 ____D () C:\ProgramData\{12deba25-fe2c-d1eb-12de-eba25fe2e897}
2015-01-11 18:33 - 2015-01-11 18:36 - 00000000 ____D () C:\AdwCleaner
2015-01-11 18:32 - 2015-01-11 18:32 - 02191360 _____ () C:\Users\Austin\Desktop\adwcleaner_4.107.exe
2015-01-11 18:28 - 2015-01-11 20:39 - 00008938 _____ () C:\Users\Austin\Documents\TombRaider.log
2015-01-11 18:28 - 2015-01-11 18:28 - 00000000 ____D () C:\Users\Austin\AppData\Local\SKIDROW
2015-01-11 18:24 - 2015-01-11 18:24 - 00002093 _____ () C:\Users\Public\Desktop\Tombraider.lnk
2015-01-11 18:24 - 2015-01-11 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2015-01-11 18:15 - 2015-01-11 18:15 - 00000000 ____D () C:\Program Files (x86)\SQUARE ENIX
2015-01-11 17:59 - 2015-01-11 17:59 - 02124288 _____ (Farbar) C:\Users\Austin\Desktop\FRST64.exe
2015-01-11 17:39 - 2015-01-11 18:37 - 00000648 _____ () C:\Windows\PFRO.log
2015-01-11 16:53 - 2015-01-11 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-11 16:52 - 2014-10-31 12:07 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-11 16:43 - 2015-01-11 18:43 - 00000679 _____ () C:\Users\Austin\Desktop\VIRY.CZ • Zobrazit téma - Nenačítá se systém..website
2015-01-11 16:39 - 2015-01-11 20:45 - 00000000 ____D () C:\FRST
2015-01-11 16:37 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\Čištění PC
2015-01-11 15:33 - 2015-01-11 15:33 - 00024814 _____ () C:\ComboFix.txt
2015-01-11 15:13 - 2015-01-11 15:33 - 00000000 ____D () C:\Qoobox
2015-01-11 13:25 - 2015-01-11 14:03 - 00000000 ____D () C:\Users\Austin\Downloads\Tomb Raider
2015-01-10 23:06 - 2015-01-10 23:11 - 549547008 _____ () C:\Users\Austin\Downloads\Jursky-park-3.avi.8zigvwp.partial
2015-01-10 20:00 - 2015-01-10 20:18 - 911518208 _____ () C:\Users\Austin\Downloads\Jursky-park-2-ztraceny-svet.avi.yqlxj4m.partial
2015-01-08 16:31 - 2015-01-08 16:37 - 318781229 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv
2015-01-08 16:27 - 2015-01-08 16:27 - 00012731 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv.torrent
2015-01-06 01:21 - 2015-01-06 01:27 - 734011530 _____ () C:\Users\Austin\Downloads\X-Men-Origins---Wolverine-2009-cz.avi.55ywvfk.partial
2015-01-04 01:00 - 2015-01-11 18:38 - 00000504 _____ () C:\Windows\setupact.log
2015-01-04 01:00 - 2015-01-04 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-02 15:57 - 2015-01-02 16:06 - 726035086 _____ () C:\Users\Austin\Downloads\IP-MAN-2008-AKCNI-DONNIE-YEN-CZ-DABING.avi
2014-12-31 17:02 - 2014-12-31 17:26 - 1571845950 _____ () C:\Users\Austin\Downloads\Toy-Story-3---Pribeh-hracek-3---by-pablos32.avi.frcy1lg.partial
2014-12-30 23:14 - 2014-12-30 23:27 - 640977920 _____ () C:\Users\Austin\Downloads\Toy-Story-2---Pribeh-hracek.Toy-Story-2-1999-CZ-Dabing-Animovany.avi
2014-12-30 18:33 - 2014-12-30 18:33 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz (1).rar
2014-12-30 18:22 - 2014-12-30 18:22 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz.rar
2014-12-30 04:06 - 2014-12-30 04:36 - 3556048896 _____ () C:\Users\Austin\Downloads\Bully-Schoolarship-edition.iso
2014-12-29 20:20 - 2014-12-29 20:30 - 716419072 _____ () C:\Users\Austin\Downloads\Toy-Story---Pribeh-hracek.avi
2014-12-28 18:11 - 2014-12-28 18:11 - 00010820 _____ () C:\Users\Austin\Desktop\Poslední-samuraj-cz-(titulky-k-japonstine).srt
2014-12-28 03:11 - 2014-12-28 03:11 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-28 03:11 - 2014-12-28 03:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-28 02:02 - 2014-12-28 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-28 02:01 - 2014-12-28 02:01 - 26951680 _____ () C:\Users\Austin\Downloads\SkypeSetup_6.21.0.104.msi
2014-12-27 19:22 - 2014-12-27 20:24 - 00239354 _____ () C:\Users\Austin\Downloads\OptiFine-HD-U-D3-1.4.7.zip.8xvarnc.partial
2014-12-27 16:38 - 2014-12-27 17:58 - 1424154342 _____ () C:\Users\Austin\Downloads\Ip-Man-2.cz-dub.avi
2014-12-27 00:35 - 2015-01-11 18:30 - 00000000 ____D () C:\Users\Austin\Desktop\NEW
2014-12-26 23:46 - 2014-12-27 19:58 - 00000000 ____D () C:\Users\Austin\Desktop\MultiMC
2014-12-26 23:46 - 2014-12-26 23:46 - 23304531 _____ () C:\Users\Austin\Downloads\mmc-stable-win32.zip
2014-12-26 19:50 - 2014-12-26 20:05 - 1411080192 _____ () C:\Users\Austin\Downloads\Pelisky-CZ-GHOST04.avi
2014-12-26 18:44 - 2014-12-27 19:16 - 00000000 ____D () C:\Users\Austin\Desktop\Nargonovy mody
2014-12-26 03:51 - 2014-12-26 03:55 - 377332595 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_393_1080p_[CA589F5F].mkv
2014-12-26 03:39 - 2014-12-26 03:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-26 03:39 - 2014-12-26 03:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-25 13:01 - 2014-12-25 13:09 - 734771200 _____ () C:\Users\Austin\Downloads\Nejkrasnejsi-hadanka.avi
2014-12-25 02:30 - 2015-01-03 17:37 - 22764208 _____ () C:\Users\Austin\Desktop\TechnicLauncher.exe
2014-12-25 02:30 - 2015-01-03 17:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.technic
2014-12-24 12:09 - 2014-12-24 12:09 - 00000000 ____D () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7
2014-12-24 12:05 - 2014-12-24 12:07 - 128800855 _____ () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7.zip
2014-12-24 03:02 - 2014-12-24 03:02 - 00000000 ____D () C:\Program Files\Java
2014-12-23 20:48 - 2014-12-23 20:59 - 766353408 _____ () C:\Users\Austin\Downloads\Vanocni-prazdniny-cz-dabing.avi.4wxzeqj.partial
2014-12-22 19:48 - 2014-12-22 20:08 - 1048872076 _____ () C:\Users\Austin\Downloads\Sam-doma-a-bohaty.avi.vsgjkfp.partial
2014-12-22 18:12 - 2014-12-22 19:18 - 611838592 _____ () C:\Users\Austin\Downloads\Windows-XP-Professional-SP3-32bit-(CZ).zip
2014-12-21 22:53 - 2014-12-21 22:53 - 00001444 _____ () C:\Users\Austin\AppData\Local\recently-used.xbel
2014-12-20 14:01 - 2014-12-20 14:01 - 04740913 _____ ( ) C:\Users\Austin\Downloads\ExplorerSuite(1).exe
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Users\Public\Documents\Explorer Suite Signatures
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Program Files\NTCore
2014-12-20 14:00 - 2014-12-20 14:00 - 00231920 _____ () C:\Users\Austin\Downloads\ExplorerSuite.exe
2014-12-20 13:29 - 2014-12-21 21:39 - 00000000 ____D () C:\Users\Austin\Desktop\Attomey ---
2014-12-20 13:12 - 2014-12-20 13:23 - 966764556 _____ () C:\Users\Austin\Downloads\Attomey.rar
2014-12-20 05:21 - 2014-12-20 05:28 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:21 - 2014-12-20 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:20 - 2014-12-20 05:21 - 00000000 ____D () C:\Program Files (x86)\Return to Castle Wolfenstein
2014-12-20 05:19 - 2014-12-20 05:21 - 00000810 _____ () C:\Windows\Rtcw.INI
2014-12-20 05:19 - 2001-06-19 17:53 - 00266293 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2014-12-20 05:17 - 2014-11-25 21:21 - 00000000 ____D () C:\Users\Austin\Desktop\Return to Castle Wolfenstein cz
2014-12-20 05:09 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\LaroxionMT2
2014-12-20 03:59 - 2014-12-26 18:43 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.minecraft
2014-12-20 03:24 - 2014-12-20 04:45 - 1448469712 _____ () C:\Users\Austin\Downloads\Return-to-Castle-Wolfenstein-cz.rar
2014-12-20 01:58 - 2014-12-20 02:11 - 1216820711 _____ () C:\Users\Austin\Downloads\LaRoXion_full.exe
2014-12-18 23:58 - 2014-12-19 00:03 - 421119135 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_392_1080p_[5B314FBD].mkv
2014-12-17 16:17 - 2014-12-17 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-12-16 03:35 - 2014-12-16 04:43 - 873164800 _____ () C:\Users\Austin\Downloads\Sam-doma-2---Ztracen-v-New-Yorku.avi
2014-12-15 17:18 - 2014-12-15 18:03 - 525991292 _____ () C:\Users\Austin\Downloads\dabelsky-santa-komedie-filmy-cz-avi.avi.ygpbrx7.partial
2014-12-14 22:37 - 2014-12-14 23:40 - 734597120 _____ () C:\Users\Austin\Downloads\Sam-doma-1-cz.avi
2014-12-13 21:42 - 2014-12-13 21:42 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-13 21:36 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-13 21:36 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-11 20:40 - 2014-07-04 19:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Skype
2015-01-11 20:28 - 2014-07-04 19:20 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-11 18:46 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-11 18:46 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-11 18:43 - 2014-07-04 17:56 - 01654750 _____ () C:\Windows\WindowsUpdate.log
2015-01-11 18:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 18:27 - 2014-07-09 10:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-11 17:41 - 2014-07-23 11:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-11 16:46 - 2014-10-04 12:25 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Webshare
2015-01-11 16:46 - 2014-07-08 17:10 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-11 16:46 - 2014-07-04 20:01 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\vlc
2015-01-11 16:46 - 2014-07-04 19:55 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\uTorrent
2015-01-11 16:46 - 2014-07-04 18:01 - 00000000 ____D () C:\Users\Austin
2015-01-11 16:46 - 2010-11-21 10:38 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-11 16:45 - 2014-07-09 21:31 - 00000000 ____D () C:\Games
2015-01-11 15:23 - 2009-07-14 03:34 - 58195968 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 16252928 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-01-07 19:44 - 2014-07-11 18:04 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TeamViewer
2015-01-07 13:12 - 2014-07-05 07:27 - 00000000 ____D () C:\Austin - Filmy
2015-01-05 10:54 - 2014-07-04 18:16 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6826CC3-287E-4C04-9349-6664373E43B5}
2015-01-02 13:43 - 2014-07-08 17:37 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\DAEMON Tools Lite
2015-01-02 00:42 - 2014-08-16 11:30 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TS3Client
2014-12-29 14:01 - 2014-08-12 22:57 - 00000000 ____D () C:\Users\Austin\AppData\Local\PMB Files
2014-12-29 03:28 - 2014-11-03 19:14 - 00921636 _____ () C:\PA7302.DAT
2014-12-28 03:43 - 2014-08-12 22:57 - 00000000 ____D () C:\ProgramData\PMB Files
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ____D () C:\ProgramData\Skype
2014-12-26 03:39 - 2014-07-08 19:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-25 11:36 - 2014-09-08 11:56 - 00000066 _____ () C:\Users\Austin\.atl.properties
2014-12-24 03:08 - 2014-07-08 19:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-24 01:55 - 2014-11-04 21:21 - 00000000 ____D () C:\Program Files (x86)\Utherverse Digital Inc
2014-12-21 23:01 - 2014-07-21 15:09 - 00000000 ____D () C:\Users\Austin\.gimp-2.8
2014-12-21 22:55 - 2014-07-21 15:50 - 00000000 ____D () C:\Users\Austin\AppData\Local\gtk-2.0
2014-12-21 21:41 - 2014-07-30 22:33 - 00000000 ____D () C:\Users\Austin\Desktop\Last-World
2014-12-21 16:02 - 2014-07-04 19:56 - 00000000 ____D () C:\Users\Austin\Desktop\Programy
2014-12-20 13:11 - 2014-07-05 08:44 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-18 15:09 - 2014-11-22 17:46 - 00000000 ____D () C:\Users\Austin\Desktop\DragonBorn
2014-12-17 16:17 - 2014-08-02 23:09 - 00000425 _____ () C:\Users\Austin\AppData\Local\UserProducts.xml
2014-12-17 15:56 - 2014-09-17 00:59 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410911989
2014-12-17 15:56 - 2014-07-04 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-16 19:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 21:42 - 2014-07-06 04:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 21:41 - 2014-07-08 20:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 21:37 - 2014-07-08 20:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Austin\AppData\Local\Temp\Quarantine.exe
C:\Users\Austin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-11 17:17

==================== End Of Log ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\MountPoints2: {db1f61f6-063d-11e4-b02e-dc0ea108a991} - E:\Setup.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Users\Austin\AppData\Local\Temp
Task: {567D70DD-C8F5-467C-AC40-E479ACBCC25F} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: {6D4C593E-CC3E-4DB5-A96C-9537DA07E32C} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: {A26FC883-88C5-4A57-9533-2DBA2D272882} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: {A9AF9D23-04DD-43FA-ADA2-A91A5E811CA3} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BB125494-74CD-4ADD-92C1-19598F293C3F} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BF548EB3-CDE0-4523-9D23-53AAE584092E} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: {CB14A7F3-28FB-4777-8231-EA91A54C6E87} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: {CD49ED5E-0D1A-4BD2-A8E3-616DE38BD262} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Tohle je ten FixLog.



Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2015
Ran by Austin at 2015-01-11 22:01:37 Run:1
Running from C:\Users\Austin\Desktop
Loaded Profile: Austin (Available profiles: Austin)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\MountPoints2: {db1f61f6-063d-11e4-b02e-dc0ea108a991} - E:\Setup.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Users\Austin\AppData\Local\Temp
Task: {567D70DD-C8F5-467C-AC40-E479ACBCC25F} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: {6D4C593E-CC3E-4DB5-A96C-9537DA07E32C} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: {A26FC883-88C5-4A57-9533-2DBA2D272882} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: {A9AF9D23-04DD-43FA-ADA2-A91A5E811CA3} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BB125494-74CD-4ADD-92C1-19598F293C3F} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BF548EB3-CDE0-4523-9D23-53AAE584092E} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: {CB14A7F3-28FB-4777-8231-EA91A54C6E87} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: {CD49ED5E-0D1A-4BD2-A8E3-616DE38BD262} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKU\S-1-5-21-2199681317-980097130-1220238891-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db1f61f6-063d-11e4-b02e-dc0ea108a991}" => Key deleted successfully.
HKCR\CLSID\{db1f61f6-063d-11e4-b02e-dc0ea108a991} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}" => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110511131190} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Moved successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.

"C:\Users\Austin\AppData\Local\Temp" directory move:

C:\Users\Austin\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Austin\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Austin\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~6FE2.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~8304.bat => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~8304.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~97CF.bat => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~97CF.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~D25D.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~DD93.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~E7C1.bat => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~E7C1.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\temp\bg.ca => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\temp\Tomb Raider[2013 3DM Crack Only ].exe => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\images\loader.gif => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\images\progressbar.gif => Moved successfully.
Could not move "C:\Users\Austin\AppData\Local\Temp" directory. => Scheduled to move on reboot.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{567D70DD-C8F5-467C-AC40-E479ACBCC25F} => Key not found.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D4C593E-CC3E-4DB5-A96C-9537DA07E32C} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A26FC883-88C5-4A57-9533-2DBA2D272882} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9AF9D23-04DD-43FA-ADA2-A91A5E811CA3} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB125494-74CD-4ADD-92C1-19598F293C3F} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF548EB3-CDE0-4523-9D23-53AAE584092E} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB14A7F3-28FB-4777-8231-EA91A54C6E87} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD49ED5E-0D1A-4BD2-A8E3-616DE38BD262} => Key not found.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA => Key not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-11 22:03:59)<=

C:\Users\Austin\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Austin\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 22:04:00 ====

Smazáno. Je vše v pořádku?

Ano PC startuje rychleji o cca 40% Každopádně jsem se chtěl poptat nedávno jsem také chytil vir a ten mi přepsal klávesnici takže místo toho co jsem chtěl to psalo nesmyslné znaky písmena nebo čísla je i to pryč? Vím že mi tenkrát pomohl avast v nouzovém režimu ale nevěřil jsem že je to zkutečně pryč. Jinak PC se chová zcela normálně. Děkuji moc a přeji pěkný zbytek večera

Pryč je všechno, co jsem v logu viděl. Chcete-li, udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Ták tady je ten log z MBAM a chtěl bych se zeptat na nějaký schopný antivir ve kterým se dají vypínat štíty avast mi nepřijde nejspolehlivější



Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11.1.2015
Scan Time: 23:06:07
Logfile: Log MBAM.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.11.11
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Austin

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 323951
Time Elapsed: 1 min, 43 sec

Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [cc5b827472170a2c13d4d1130200e917],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [cc5b827472170a2c13d4d1130200e917],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\Torntv V9.0, , [eb3ca155652490a64f5b248c33d0fa06],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [e5426591b0d992a427508524da29b749],
PUP.Optional.TornTV.A, HKU\S-1-5-21-2199681317-980097130-1220238891-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [e24544b29aef8babf2859d0c38cb56aa],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Vše, co MBAM nalezl, smažte. Co se AV táká, Avast mohu doporučit, na to, že je zdarma, toho umí celkem dost. Můžete ještě vyzkoušet Aviru: http://www.avira.com/en/avira-free-antivirus . Není ale v češtině.

No avira mi přijde luxusní co se obrany týče ale nenalezl jsem v ní vypínání štítů právě že avira toho považuje za virus až moc