VIRY.CZ

Dobrý den,
zasílám log a zabalený addition z FRST.
Trápí mě vyskakující okénka reklam (naštěstí mám adblock, takže jsou ty okénka průhledné, přesto dost otravné) a pomalejší chod notebooku.

Log FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Radek (administrator) on RADEK on 12-01-2015 22:13:06
Running from C:\Programy
Loaded Profile: Radek (Available profiles: Radek)
Platform: Windows 8.1 Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2015-01-08] (AVAST Software)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-08-15] (Cisco Systems, Inc.)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\cea1aed4-b2c7-4f6b-8097-22cc565c2762.exe [183232 2015-01-12] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... NKRJ5NKRJ5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... NKRJ5NKRJ5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?q={searchTerms}
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... NKRJ5NKRJ5
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2255875871-1199464176-1346690243-1002 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2255875871-1199464176-1346690243-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2255875871-1199464176-1346690243-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2255875871-1199464176-1346690243-1002 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2255875871-1199464176-1346690243-1002 -> {F4C995CC-29D3-49A6-9C11-46F6A83392CB} URL = https://search.yahoo.com/search?fr=chr- ... earchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110611321185} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {11111111-1111-1111-1111-110611321185} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default
FF DefaultSearchUrl: https://www.google.com/search
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.com/
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\searchplugins\google-avast.xml
FF SearchPlugin: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF Extension: Cinema-Plus-1.8c - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2015-01-01]
FF Extension: Adblock Plus - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-06]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\extensions\faststartff@gmail.com
FF HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=14164 ... NKRJ5NKRJ5
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=14164 ... NKRJ5NKRJ5", "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR DefaultSearchURL: Default -> http://www.mystartsearch.com/web/?type= ... earchTerms}
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-19]
CHR Extension: (TotalPlusHD-3.1V19.11) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb [2014-11-19]
CHR Extension: (Peněženka Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-25]
CHR Extension: (pdnfnkhpgegpcingjbfihlkjeighnddk) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2014-11-24]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-08] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-20] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-10-09] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [490640 2014-11-19] (Fuyu LIMITED)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-08] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-14] (Disc Soft Ltd)
S3 MarvinBus; C:\Windows\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-09] (Dritek System Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-08] (Avast Software)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-12 22:11 - 2015-01-12 22:13 - 00000000 ____D () C:\FRST
2015-01-12 22:11 - 2015-01-12 22:11 - 00000000 ____D () C:\rsit
2015-01-12 21:44 - 2015-01-12 22:11 - 00000000 ____D () C:\Program Files\trend micro
2015-01-08 23:14 - 2015-01-08 23:14 - 00000039 _____ () C:\Users\Radek\Desktop\masti.txt
2015-01-08 13:40 - 2015-01-08 13:40 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-12-40-37.095-aswFe.exe-5248.log
2015-01-08 13:31 - 2015-01-08 13:40 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-12-31-25.055-aswFe.exe-6120.log
2015-01-08 13:31 - 2015-01-08 13:31 - 00000197 _____ () C:\WINDOWS\system32\2015-01-08-12-31-20.022-AvastVBoxSVC.exe-6044.log
2015-01-08 13:14 - 2015-01-08 13:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-01-08 13:14 - 2015-01-08 13:14 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-01-08 13:06 - 2015-01-08 13:06 - 00001944 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-08 13:06 - 2015-01-08 13:05 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-08 13:05 - 2015-01-08 13:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-07 13:33 - 2015-01-07 13:33 - 00000027 _____ () C:\Users\Radek\saga_gui.ini
2014-12-28 13:22 - 2014-12-28 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-12-28 13:21 - 2014-12-28 13:22 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-12-28 13:21 - 2014-12-28 13:21 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 01:31 - 2014-12-28 13:22 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-12-25 01:31 - 2014-12-28 13:21 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-12-18 20:18 - 2014-12-18 20:18 - 00001444 _____ () C:\Users\Radek\Desktop\hotov_grid.sbn
2014-12-18 20:18 - 2014-12-18 20:18 - 00000948 _____ () C:\Users\Radek\Desktop\hotov.sbn
2014-12-18 20:18 - 2014-12-18 20:18 - 00000212 _____ () C:\Users\Radek\Desktop\hotov.sbx
2014-12-18 20:18 - 2014-12-18 20:18 - 00000132 _____ () C:\Users\Radek\Desktop\hotov_grid.sbx
2014-12-18 13:25 - 2014-12-18 13:25 - 00204316 _____ () C:\Users\Radek\Desktop\hotov_grid.shp
2014-12-18 13:25 - 2014-12-18 13:25 - 00002803 _____ () C:\Users\Radek\Desktop\hotov_grid.dbf
2014-12-18 13:25 - 2014-12-18 13:25 - 00001388 _____ () C:\Users\Radek\Desktop\hotov_grid.shx
2014-12-18 13:24 - 2014-12-18 13:24 - 12464716 _____ () C:\Users\Radek\Desktop\hotov.shp
2014-12-18 13:24 - 2014-12-18 13:24 - 00075984 _____ () C:\Users\Radek\Desktop\hotov.dbf
2014-12-18 13:24 - 2014-12-18 13:24 - 00000716 _____ () C:\Users\Radek\Desktop\hotov.shx
2014-12-18 13:02 - 2014-12-18 13:02 - 00629851 _____ () C:\Users\Radek\Desktop\km.pptx
2014-12-18 11:59 - 2014-12-18 11:59 - 12044076 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.shp
2014-12-18 11:59 - 2014-12-18 11:59 - 00047738 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.dbf
2014-12-18 11:59 - 2014-12-18 11:59 - 00039899 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.shp.xml
2014-12-18 11:59 - 2014-12-18 11:59 - 00000948 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.sbn
2014-12-18 11:59 - 2014-12-18 11:59 - 00000716 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.shx
2014-12-18 11:59 - 2014-12-18 11:59 - 00000573 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.prj
2014-12-18 11:59 - 2014-12-18 11:59 - 00000212 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.sbx
2014-12-18 11:36 - 2014-12-18 12:51 - 00629851 _____ () C:\Users\Radek\Desktop\Kreativní mapa.pptx
2014-12-18 10:20 - 2014-12-18 10:20 - 00000876 _____ () C:\Users\Radek\Desktop\vysledek.txt
2014-12-18 01:35 - 2014-12-18 01:35 - 00000000 __SHD () C:\Users\Radek\AppData\Local\EmieBrowserModeList
2014-12-17 00:15 - 2014-12-17 00:15 - 00000000 ____D () C:\Users\Radek\Desktop\ScapeToad-v11
2014-12-14 02:00 - 2014-12-14 02:00 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\Stellarium
2014-12-14 02:00 - 2014-12-14 02:00 - 00000000 ____D () C:\Users\Radek\AppData\Local\stellarium
2014-12-14 01:54 - 2014-12-14 01:58 - 00001696 _____ () C:\Users\Public\Desktop\Stellarium.lnk
2014-12-14 01:54 - 2014-12-14 01:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2014-12-14 01:54 - 2014-12-14 01:58 - 00000000 ____D () C:\Program Files\Stellarium

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-12 22:13 - 2014-01-07 03:59 - 00000000 ____D () C:\Programy
2015-01-12 22:04 - 2014-11-11 21:04 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-12 22:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-12 21:55 - 2014-01-06 22:02 - 04747776 ___SH () C:\Users\Radek\Desktop\Thumbs.db
2015-01-12 21:54 - 2014-11-12 23:49 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-12 21:54 - 2014-11-06 13:26 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\inkscape
2015-01-12 21:54 - 2014-08-14 21:26 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
2015-01-12 21:53 - 2014-03-12 09:04 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-12 21:44 - 2014-11-19 20:44 - 00005530 _____ () C:\WINDOWS\Tasks\13a2e05a-e330-433c-9cf4-62c08fe08ae2-6.job
2015-01-12 20:46 - 2014-11-19 20:46 - 00002458 _____ () C:\WINDOWS\Tasks\13a2e05a-e330-433c-9cf4-62c08fe08ae2-5_user.job
2015-01-12 20:46 - 2014-11-19 20:46 - 00002458 _____ () C:\WINDOWS\Tasks\13a2e05a-e330-433c-9cf4-62c08fe08ae2-5.job
2015-01-12 20:45 - 2014-11-19 20:45 - 00003478 _____ () C:\WINDOWS\Tasks\13a2e05a-e330-433c-9cf4-62c08fe08ae2-1.job
2015-01-12 20:44 - 2014-11-19 20:44 - 00005194 _____ () C:\WINDOWS\Tasks\13a2e05a-e330-433c-9cf4-62c08fe08ae2-7.job
2015-01-12 20:43 - 2014-11-19 20:43 - 00005196 _____ () C:\WINDOWS\Tasks\13a2e05a-e330-433c-9cf4-62c08fe08ae2-11.job
2015-01-12 20:43 - 2014-11-19 20:43 - 00004506 _____ () C:\WINDOWS\Tasks\13a2e05a-e330-433c-9cf4-62c08fe08ae2-3.job
2015-01-12 20:43 - 2014-11-19 20:43 - 00000660 _____ () C:\WINDOWS\Tasks\9c0e5e03-d7fd-4878-8fce-638dcb008680.job
2015-01-12 20:24 - 2014-03-02 17:45 - 00003958 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C14F67F8-2F2F-47EE-AE71-94F39D10661E}
2015-01-12 14:54 - 2014-03-04 16:45 - 00000000 ____D () C:\Users\Radek\AppData\Local\Deployment
2015-01-12 13:37 - 2014-11-12 23:49 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-12 13:34 - 2014-04-11 11:35 - 00000000 ___RD () C:\Users\Radek\OneDrive
2015-01-11 13:16 - 2014-01-06 15:52 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2255875871-1199464176-1346690243-1002
2015-01-11 12:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-11 11:59 - 2014-01-06 14:40 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-09 23:44 - 2014-01-13 23:04 - 00000000 ____D () C:\Hudba
2015-01-09 08:10 - 2014-05-15 19:55 - 01771646 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-09 08:10 - 2013-11-14 13:24 - 00748236 _____ () C:\WINDOWS\system32\perfh005.dat
2015-01-09 08:10 - 2013-11-14 13:24 - 00156200 _____ () C:\WINDOWS\system32\perfc005.dat
2015-01-09 08:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-08 13:08 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-08 13:07 - 2014-02-25 18:22 - 00000000 ____D () C:\Users\Radek
2015-01-08 13:07 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-08 13:06 - 2014-01-06 14:40 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-08 13:06 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-08 13:05 - 2014-06-07 15:21 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-08 13:05 - 2014-01-07 21:23 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-07 12:07 - 2014-01-24 13:59 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\vlc
2015-01-05 01:24 - 2014-01-06 13:31 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\uTorrent
2015-01-01 14:37 - 2014-02-18 12:20 - 00000000 ____D () C:\Filmy
2014-12-27 21:02 - 2014-01-25 20:23 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\Audacity
2014-12-25 01:33 - 2014-08-25 21:55 - 00000000 ____D () C:\Users\Radek\AppData\Local\Adobe
2014-12-25 01:31 - 2014-01-06 13:50 - 00003802 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-24 12:26 - 2014-01-07 03:26 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\Atheros
2014-12-23 22:16 - 2014-02-25 18:50 - 00000000 ____D () C:\Users\Radek\Documents\Bluetooth Folder
2014-12-21 17:09 - 2014-10-29 19:49 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-21 17:07 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-14 23:43 - 2014-01-10 13:26 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

Some content of TEMP:
====================
C:\Users\Radek\AppData\Local\Temp\lib1130884621844506281.dll
C:\Users\Radek\AppData\Local\Temp\lib1132505424713815522.dll
C:\Users\Radek\AppData\Local\Temp\lib1139089346439374122.dll
C:\Users\Radek\AppData\Local\Temp\lib1238978584687582781.dll
C:\Users\Radek\AppData\Local\Temp\lib1246027183584785498.dll
C:\Users\Radek\AppData\Local\Temp\lib1427618243480276040.dll
C:\Users\Radek\AppData\Local\Temp\lib1484102332777613835.dll
C:\Users\Radek\AppData\Local\Temp\lib1511467292330371542.dll
C:\Users\Radek\AppData\Local\Temp\lib1640357552214479004.dll
C:\Users\Radek\AppData\Local\Temp\lib1699379226146989023.dll
C:\Users\Radek\AppData\Local\Temp\lib1776971391688281363.dll
C:\Users\Radek\AppData\Local\Temp\lib1890103633541412537.dll
C:\Users\Radek\AppData\Local\Temp\lib2001661263406835888.dll
C:\Users\Radek\AppData\Local\Temp\lib2059058489163963496.dll
C:\Users\Radek\AppData\Local\Temp\lib21813235713397631.dll
C:\Users\Radek\AppData\Local\Temp\lib2194724630930835006.dll
C:\Users\Radek\AppData\Local\Temp\lib225960445479648678.dll
C:\Users\Radek\AppData\Local\Temp\lib2294808366953448243.dll
C:\Users\Radek\AppData\Local\Temp\lib2364843267521497049.dll
C:\Users\Radek\AppData\Local\Temp\lib2368551284951395232.dll
C:\Users\Radek\AppData\Local\Temp\lib2398149846849574976.dll
C:\Users\Radek\AppData\Local\Temp\lib2443293422029147912.dll
C:\Users\Radek\AppData\Local\Temp\lib2630907504629127816.dll
C:\Users\Radek\AppData\Local\Temp\lib2674348201196907358.dll
C:\Users\Radek\AppData\Local\Temp\lib2707359118607148058.dll
C:\Users\Radek\AppData\Local\Temp\lib2751789287169834275.dll
C:\Users\Radek\AppData\Local\Temp\lib2869260882270167100.dll
C:\Users\Radek\AppData\Local\Temp\lib2931454762739012777.dll
C:\Users\Radek\AppData\Local\Temp\lib3111861858143560850.dll
C:\Users\Radek\AppData\Local\Temp\lib3357046263547413032.dll
C:\Users\Radek\AppData\Local\Temp\lib3401168193256478327.dll
C:\Users\Radek\AppData\Local\Temp\lib3404350906281681713.dll
C:\Users\Radek\AppData\Local\Temp\lib342916077777002388.dll
C:\Users\Radek\AppData\Local\Temp\lib3448664047509116834.dll
C:\Users\Radek\AppData\Local\Temp\lib3472686405091759337.dll
C:\Users\Radek\AppData\Local\Temp\lib3606750240868410104.dll
C:\Users\Radek\AppData\Local\Temp\lib3678687816216826761.dll
C:\Users\Radek\AppData\Local\Temp\lib3730805045036453609.dll
C:\Users\Radek\AppData\Local\Temp\lib3791850332411837212.dll
C:\Users\Radek\AppData\Local\Temp\lib3834887251082495696.dll
C:\Users\Radek\AppData\Local\Temp\lib3926014776850414834.dll
C:\Users\Radek\AppData\Local\Temp\lib4102142012120497185.dll
C:\Users\Radek\AppData\Local\Temp\lib4120518272160856046.dll
C:\Users\Radek\AppData\Local\Temp\lib4162842770142184699.dll
C:\Users\Radek\AppData\Local\Temp\lib421128635191345215.dll
C:\Users\Radek\AppData\Local\Temp\lib4222569191281323047.dll
C:\Users\Radek\AppData\Local\Temp\lib4334774657495377236.dll
C:\Users\Radek\AppData\Local\Temp\lib4433612471146647322.dll
C:\Users\Radek\AppData\Local\Temp\lib4462464232397694486.dll
C:\Users\Radek\AppData\Local\Temp\lib453089556612643534.dll
C:\Users\Radek\AppData\Local\Temp\lib4580444606801523270.dll
C:\Users\Radek\AppData\Local\Temp\lib4624106997196823399.dll
C:\Users\Radek\AppData\Local\Temp\lib4642804967946516683.dll
C:\Users\Radek\AppData\Local\Temp\lib4645361476275990447.dll
C:\Users\Radek\AppData\Local\Temp\lib4781968662576175155.dll
C:\Users\Radek\AppData\Local\Temp\lib4873562842415658586.dll
C:\Users\Radek\AppData\Local\Temp\lib4960653248112095284.dll
C:\Users\Radek\AppData\Local\Temp\lib5095769429150932.dll
C:\Users\Radek\AppData\Local\Temp\lib5206197930492647870.dll
C:\Users\Radek\AppData\Local\Temp\lib5272968371466325171.dll
C:\Users\Radek\AppData\Local\Temp\lib5369522554528727634.dll
C:\Users\Radek\AppData\Local\Temp\lib5441896862538026298.dll
C:\Users\Radek\AppData\Local\Temp\lib5446136318800150220.dll
C:\Users\Radek\AppData\Local\Temp\lib5538855331993777416.dll
C:\Users\Radek\AppData\Local\Temp\lib5583299660752877612.dll
C:\Users\Radek\AppData\Local\Temp\lib5700804383546180068.dll
C:\Users\Radek\AppData\Local\Temp\lib5888217179006402978.dll
C:\Users\Radek\AppData\Local\Temp\lib600704204822109688.dll
C:\Users\Radek\AppData\Local\Temp\lib6023289842563016725.dll
C:\Users\Radek\AppData\Local\Temp\lib6045385251455088785.dll
C:\Users\Radek\AppData\Local\Temp\lib6047133121852315012.dll
C:\Users\Radek\AppData\Local\Temp\lib6140071492337992269.dll
C:\Users\Radek\AppData\Local\Temp\lib6202362784727441209.dll
C:\Users\Radek\AppData\Local\Temp\lib6205990776823047108.dll
C:\Users\Radek\AppData\Local\Temp\lib6252313703759470544.dll
C:\Users\Radek\AppData\Local\Temp\lib6321334071206067138.dll
C:\Users\Radek\AppData\Local\Temp\lib6338033483120595192.dll
C:\Users\Radek\AppData\Local\Temp\lib6433011377593441569.dll
C:\Users\Radek\AppData\Local\Temp\lib6497889948049773781.dll
C:\Users\Radek\AppData\Local\Temp\lib6508804002223309055.dll
C:\Users\Radek\AppData\Local\Temp\lib6598207672113524890.dll
C:\Users\Radek\AppData\Local\Temp\lib6643378507434958708.dll
C:\Users\Radek\AppData\Local\Temp\lib66581122730462620.dll
C:\Users\Radek\AppData\Local\Temp\lib6666376372137076755.dll
C:\Users\Radek\AppData\Local\Temp\lib6682672042353701609.dll
C:\Users\Radek\AppData\Local\Temp\lib6729929206294522409.dll
C:\Users\Radek\AppData\Local\Temp\lib6809722991082368468.dll
C:\Users\Radek\AppData\Local\Temp\lib693185723576455736.dll
C:\Users\Radek\AppData\Local\Temp\lib700189070951475017.dll
C:\Users\Radek\AppData\Local\Temp\lib7098070217266693999.dll
C:\Users\Radek\AppData\Local\Temp\lib7113507569518333564.dll
C:\Users\Radek\AppData\Local\Temp\lib7169643273131011941.dll
C:\Users\Radek\AppData\Local\Temp\lib7312175258985448537.dll
C:\Users\Radek\AppData\Local\Temp\lib7347197691935782998.dll
C:\Users\Radek\AppData\Local\Temp\lib7354129848340325294.dll
C:\Users\Radek\AppData\Local\Temp\lib7360039004022655720.dll
C:\Users\Radek\AppData\Local\Temp\lib7468644112167770977.dll
C:\Users\Radek\AppData\Local\Temp\lib7477756606412475095.dll
C:\Users\Radek\AppData\Local\Temp\lib7544118536061963714.dll
C:\Users\Radek\AppData\Local\Temp\lib7599669844717512678.dll
C:\Users\Radek\AppData\Local\Temp\lib7600785152117842159.dll
C:\Users\Radek\AppData\Local\Temp\lib7682838265464075846.dll
C:\Users\Radek\AppData\Local\Temp\lib8028686291716222750.dll
C:\Users\Radek\AppData\Local\Temp\lib8118768526405776151.dll
C:\Users\Radek\AppData\Local\Temp\lib8157178682832873286.dll
C:\Users\Radek\AppData\Local\Temp\lib8186000805082083320.dll
C:\Users\Radek\AppData\Local\Temp\lib8220977666487662402.dll
C:\Users\Radek\AppData\Local\Temp\lib8308994824978105756.dll
C:\Users\Radek\AppData\Local\Temp\lib8331410784288319489.dll
C:\Users\Radek\AppData\Local\Temp\lib8414664584398191736.dll
C:\Users\Radek\AppData\Local\Temp\lib8420381622652421017.dll
C:\Users\Radek\AppData\Local\Temp\lib8420594934637159879.dll
C:\Users\Radek\AppData\Local\Temp\lib8481568525097169663.dll
C:\Users\Radek\AppData\Local\Temp\lib8505479275590903961.dll
C:\Users\Radek\AppData\Local\Temp\lib852449747260317024.dll
C:\Users\Radek\AppData\Local\Temp\lib8576661266167521268.dll
C:\Users\Radek\AppData\Local\Temp\lib8730967167505132379.dll
C:\Users\Radek\AppData\Local\Temp\lib8741865926074208532.dll
C:\Users\Radek\AppData\Local\Temp\lib8756178751312449581.dll
C:\Users\Radek\AppData\Local\Temp\lib880613199300681236.dll
C:\Users\Radek\AppData\Local\Temp\lib8974045456886502173.dll
C:\Users\Radek\AppData\Local\Temp\lib8999000328240824065.dll
C:\Users\Radek\AppData\Local\Temp\lib9004529985823420513.dll
C:\Users\Radek\AppData\Local\Temp\lib9169885113482816998.dll
C:\Users\Radek\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-08 14:06

==================== End Of Log ============================

Dále jsem chtěl podotknout, že jsem chtěl poslat log z RSIT, ale hlásilo mi to chybu. Zkoušel jsem ho i smazat a znovu stáhnout, ale výsledek byl pořád stejný. PRINT SCREEN z chyby posílám do příloh.


Děkuji za pomoc.

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Log z AdwCleaneru:

# AdwCleaner v4.107 - Report created 13/01/2015 at 00:56:15
# Updated 07/01/2015 by Xplode
# Database : 2015-01-12.3 [Live]
# Operating System : Windows 8.1 Service Pack 1 (64 bits)
# Username : Radek - RADEK
# Running from : C:\Programy\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : WindowsMangerProtect

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\TotalPlusHD-3.1V19.11
Folder Deleted : C:\Users\Radek\AppData\Local\cool_mirage
Folder Deleted : C:\Users\Radek\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Radek\AppData\Local\PackageAware
Folder Deleted : C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb
Folder Deleted : C:\Users\Radek\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cdihkdldaicijakhchgojcokhpamkibi
Folder Deleted : C:\Users\Radek\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ljefoakgfhcoeobgicjgejglnpfpemgb
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
File Deleted : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\searchplugins\yahoo_ff.xml
File Deleted : C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ljefoakgfhcoeobgicjgejglnpfpemgb_0.localstorage

***** [ Scheduled Tasks ] *****

Task Deleted : 13a2e05a-e330-433c-9cf4-62c08fe08ae2-1
Task Deleted : 13a2e05a-e330-433c-9cf4-62c08fe08ae2-11
Task Deleted : 13a2e05a-e330-433c-9cf4-62c08fe08ae2-3
Task Deleted : 13a2e05a-e330-433c-9cf4-62c08fe08ae2-5
Task Deleted : 13a2e05a-e330-433c-9cf4-62c08fe08ae2-5_user
Task Deleted : 13a2e05a-e330-433c-9cf4-62c08fe08ae2-6
Task Deleted : 13a2e05a-e330-433c-9cf4-62c08fe08ae2-7
Task Deleted : 9c0e5e03-d7fd-4878-8fce-638dcb008680

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Opera.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Radek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Radek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622322285}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644324485}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4d5b73b9-1433-4559-a0d7-83d3a6bc54ee}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ce478854-68d4-455c-95d2-9d060a43b238}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622322285}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4d5b73b9-1433-4559-a0d7-83d3a6bc54ee}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ce478854-68d4-455c-95d2-9d060a43b238}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\TotalPlusHD-3.1V19.11
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\TotalPlusHD-3.1V19.11
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[85ha3ezc.default\prefs.js] - Line Deleted : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazo[...]
[85ha3ezc.default\prefs.js] - Line Deleted : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22DE%22%3A%7B%22ALL%22%3A%5B%22anastasiadate.com%22%2C%22option[...]
[85ha3ezc.default\prefs.js] - Line Deleted : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%[...]
[85ha3ezc.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "149ca06240bff9d900b12a6dab7080c1");
[85ha3ezc.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[85ha3ezc.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v39.0.2171.95

[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}

-\\ Comodo Dragon v

[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}

*************************

AdwCleaner[R3].txt - [12372 octets] - [13/01/2015 00:50:16]
AdwCleaner[S1].txt - [12896 octets] - [13/01/2015 00:56:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [12957 octets] ##########




Log z ZOEK:


Zoek.exe v5.0.0.0 Updated 09-January-2015
Tool run by Radek on Łt 13. 01. 2015 at 2:17:19,55.
Microsoft Windows 8.1 6.3.9600 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Radek\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13. 1. 2015 2:20:37 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\b4c4e031-88e3-4a1b-9959-080491bc883d deleted successfully
C:\PROGRA~2\Desktop Lighter deleted successfully
C:\PROGRA~2\Nokia deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~3\Nokia deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Radek\AppData\Roaming\Nokia Suite deleted successfully
C:\Users\Radek\AppData\Local\CrashDumps deleted successfully
C:\Users\Radek\AppData\Local\GameSpy deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\SearchScopes\{F4C995CC-29D3-49A6-9C11-46F6A83392CB} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11685EBC-2135-43E5-89C0-16E99332DE} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13376FAA-7016-4846-BE85-F4A812CD556} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14F9992-F274-462D-93D5-5BA1B19A45F1} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{161CDE28-4183-4600-A60-3F2BF71F3D11} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AED0F7B-42B2-434B-83F9-6849CFD9B54} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BDFFEF8-CBF-4FC1-9DC-89797CB17AC3} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BFF04C5-879E-426A-B1C4-8C21459FB119} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D82D72A-C802-4290-B175-FD7BCCC161DE} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DED5A9B-E7A2-4705-8FD6-AE4296D3876} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{205FB0EE-7888-4A18-A9ED-28397E94B0FD} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{215DFB96-2196-44DD-9660-FE301870674} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2279A4FC-295C-4B38-91A8-D6767C4CFCEF} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22D8D85A-BF9F-46EC-92A0-A6F3C6D23291} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23A07BF2-23C9-4680-9DCA-4DF1BBC8D9EA} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23D0EEBE-84DD-4888-BBBC-E138C040C419} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25A22C99-1D64-428B-B191-2093A8ECDFEE} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29B224DA-B49E-4FE1-BD1-AA8E9C64ABD8} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2ABE4796-293B-40D1-B427-2C585C7790E3} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF5B52D-4B70-422A-8540-BC4D1D15CCAC} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2ECDC6F6-DBED-412C-9A7-F6EF9DC4B996} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F2E0D3F-A999-4820-B858-BC5C5D7FAB3B} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3299999F-D592-4574-B09A-E38847169527} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35790866-85FA-40AC-9C10-21D8924D2736} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{358BF36D-8274-41C8-863A-E593C8FA65E5} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35B1D080-6482-4C1D-8EB2-76C67624F299} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35CE30A-3A7D-4F68-987F-E6C61124DA42} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36210368-114A-459C-A423-5336B97125E} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37041AA8-6CDE-4A1E-B831-2A6A874C73B6} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3809A3FB-ABED-4E5E-8A17-C0579FDD7C} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AA1C6AF-4D3D-4761-B731-8761DE89ED4E} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AFB161-4948-421D-A429-0F946DCDC60} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B681F85-A0B4-4944-83BD-D54188666B7C} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BE57E04-CE45-4F78-B08-71E7AD9A564} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{425DE298-EB88-4ED2-99B9-77363D99613} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4266D09A-3ADD-469A-8934-A64BDB5123FA} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4282C860-761C-4BE8-9745-D5796E66731} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45C57DFF-5DC0-4D64-A9B3-DFAC34C07563} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{468223C-C258-4123-8393-7D817C70FE3} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49EAB116-42B0-4EDB-AA6F-1AFFB45B224A} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4d5b73b9-1433-4559-a0d7-83d3a6bc54ee} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E4A0C86-CF93-489E-A046-95BEBD6190C} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E5A8793-CF89-41C7-961E-BF48A1BE968} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FD84697-D369-40C2-86DE-CFFFE68AED0} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50264DC0-9E9B-479B-B416-E7BCF17B6352} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{508D0AF6-9CB4-44DD-9EA8-E9B886EF11C6} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50BDBB82-7504-4807-BA3F-1083A166A37} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50C941B-6828-4E9D-8162-2CF47755D9B0} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{537CD92F-603A-46F7-BC13-66F6B3348CD7} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54365D0B-D972-4C08-B1DC-D9FD8F78913B} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5635DA93-6AC4-49E7-9545-85C7B1734841} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{569C5D4B-F757-4B58-8859-52CCD1B5652F} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56B5D242-620D-4EB9-983-1FF5B2152FAC} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57B48D1F-A20D-4142-A4A4-A0A8C8C03736} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57BBD662-19E-4317-84FC-59DFA1E616F4} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{595107B2-A210-4972-9C32-86C68FA0F081} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D98FCA-9EFB-4DE5-B460-2490C1F8B55} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EA8848B-B038-4ED3-8C5B-B187E375F2BD} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AA363-7F65-4D24-8CEE-B21F3029FBA9} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63EBA20C-89B1-4371-808D-9C778907276} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{641ED58D-3040-411D-8655-5FCBE52981E3} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6604E924-9AF7-4EF8-96D3-72EEE4767D3} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{699DAB4-A898-4AA3-B192-D19CC5A9E6FF} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B2D8411-CFFF-4327-A042-32FB94C924DA} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F36CA2C-5005-430D-99BD-AAE1453A566} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70BEA17B-32A6-4D33-B531-82D910EB5CD5} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71C6B3BE-6A23-4003-A6CE-5E23F0CC487} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7216B3A1-622B-40BD-876F-C66E895F15C3} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74270529-9751-4610-82C9-2A1E3313C412} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{748CD16C-87CE-4843-B8DF-1A8BC0E467D8} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76D08FA-F5B2-480D-809B-592F4EC473E} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77472024-8DB2-4CA7-A38B-5BEE2437DBAA} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77D5C88A-EFEC-42B6-91BC-103EF5E69744} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{791DBA83-FD1E-47D4-98EF-21193BC1B1} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CC44CE0-600C-4292-8436-3EE3FB7AF394} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D38D721-8D83-4F18-8444-E4C6D8961777} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80FC4EE2-7E15-4FEC-9D50-EC7BA055535} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8586C052-D368-4F04-978A-A73F8B58547} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{858E1EC5-17E2-4F9A-A6E4-CBD010EB437D} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85CFE13E-953-4B6E-81A9-7F313C41A8E} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87CF81B8-8673-4C93-98FA-CC6721F8850} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{891FB0A1-F202-40C4-9BBE-73F54F1E2D2} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A2A6A0D-FD3E-4C53-A4BA-B53FF1F88AB} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A6C217E-B08E-4508-A17F-332BE77C1972} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B64C3EB-53DD-4254-9F1D-43D0192DD038} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E4EB18E-AB38-40CF-BBCE-A17E1D22F48} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E8FAD94-DC53-4668-A5E8-1EC9CEBFD4C1} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92EFE127-900B-4AB6-9163-B1117968FFAA} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{932D1B02-2538-4BA7-823-7119FE3F731} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96103AD2-BAE2-4A8E-B989-CFA8CEFDD975} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A508F0E-CEA1-4977-929E-F110197F183A} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B0F07A2-17D6-439B-BABB-B83D40369CD} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BB0E88F-7467-4A88-99D3-EDAA4A673EF4} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CD0DEAE-6B2B-41F2-97E6-45B4C7AC7FB} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D1859C2-A9D-41D8-B92-EB66237E91B} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0C59AA-6B1B-48B3-9B83-41AF904EC0D9} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A324E450-1EEE-4566-B520-C786C38642CB} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4871D06-44FD-4357-9FE5-6E43D636105B} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5B2A596-7FC0-4333-B539-3FD97A463A4} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5D8B6F8-EC5D-4090-BAC9-414778D8C98} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A795519-16DF-42E0-9DCE-2057A9FC2178} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7987D6A-4588-4776-BE42-76FBF8ECE20} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A79EFF54-1680-4B76-BC96-EC2893F44A5B} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8BB533F-83BF-4902-AA28-8D712AF3F1} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA7A15B3-69C2-49EE-999E-ECFB9293C457} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB1628A6-CA5F-4839-817E-6DF5E414CCAB} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD05F768-205A-4395-9BD7-915EF73D6A28} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFA6229F-99BA-4ABE-8867-BC6AC5669B5} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B03B684D-4123-4732-8519-FA642E60E87} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1941363-6AD2-4C65-89A0-5BDC6D792C7} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B213C412-81AC-4FB9-BF67-1FE7F1D0F8FE} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B27A799C-B7E4-47FA-83FD-69436A9C0BE} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D9D241-944D-453B-82AE-5CF7A42F42B7} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B30CAB2F-3EE5-44EC-B310-1A381E42818D} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4B2D88F-A7B3-4E09-A42D-B727AABCD28A} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5100359-6C89-48CF-87FA-EFB99AFFDA9} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B63C3A9D-6E14-41FC-9B2A-CA8BF2CF7285} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B661E5A4-C03F-4C41-A6C9-188D36E9A76} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B693BAAB-5145-4B4B-8FE8-66C647FEB0D7} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6ED4FCB-5DFC-4CE3-AA8E-AC5D4536469} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B97EF524-7983-442D-94E3-F5E13280} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAE0FD3-A595-437E-8CA3-DE26CE7C162} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB98EAE-1D77-48F7-ABA2-82AA63BC295} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC579D5F-93DA-470D-9DAA-8C5629D5BA50} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE73A521-289-417D-8660-D7613EF8B5A5} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE789B-8567-4A09-A3BC-721A6C67107B} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF00659E-FDD9-49B1-B52B-F664A575AE46} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C31603A9-16B4-463E-8B72-74392544205} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C435F805-3F68-4FE6-B15-D7681AA584F1} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C696A073-D136-4E7C-B8D-B3B5AF3DBC6B} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6BFFD7B-5492-4F02-B010-974C45BACD23} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8D95F1E-E8B5-474D-A493-6AC04FC685B2} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C968C9C7-D0C6-4717-A839-9484614340} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9EE4239-591E-4D99-BE59-5BD6527E707F} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA2CE165-9879-47D9-8389-E09A7445CA41} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC8946E8-23C4-409A-8A30-4DCB287BC532} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD5CD9F-C5AB-490B-843F-E895604BB163} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ce478854-68d4-455c-95d2-9d060a43b238} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF8FFC17-F930-4FA0-971C-E5653D2F775A} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0A862-68A6-4B8A-8AB7-82B6E2599657} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0B65556-B9DD-4705-95EC-8EEEBCCBB9B} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D30CC8FB-FD87-477D-A88-79CF5E1763CD} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3B5177D-BBB-483C-AFDD-9AEB7C97B436} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3D9D00F-12D1-4E71-A2DB-B3C2B1BF56B4} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D46F481B-139E-4ECB-BA57-FD90AFBF87E} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5ABE177-E672-440D-BA4C-1FEC59B3A56D} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D87477FE-E123-45C1-AB25-A053F728F365} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8A81930-44B2-4CA9-8EAB-D9993649417} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAA35E4C-4A8D-4FE5-96CA-9DD932A8DA13} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2DA0C77-481-484D-871A-E8695FE9A6E} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2F50BA2-B876-4A1F-9BEE-A941E4C3AEDF} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E778CA06-CFB0-4089-95C1-548355601B6A} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA8E8BBE-2F09-4696-ADBD-4624E2C822B} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBBB3A13-BB51-41A0-883-CE934CA8CDC3} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EDF9134C-2933-427A-AB6B-67F2D4EBFDC} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFE0C3BC-61FB-4CCC-8989-14F312126158} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F099B1BE-8F2A-4FD2-8D31-8722F047FD9} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1A1C8A9-A3E7-4466-A3CB-CC9D1A10C385} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2CBC1B4-9790-48DB-9AAD-4318B51ACB5D} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F41F7854-8226-4E03-A814-7BFDC4DB46C} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8BC582D-4E30-4CE7-8C80-71681CFF5BF8} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9DB29C1-6191-4189-A292-9EB3F8A7DAA7} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA0B04D1-F283-472C-AC85-8FD9D6502F57} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA81100-39A8-4D01-A996-FE587F67864} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDFCDDD8-84BE-4E6D-AFA9-AF4350728A87} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE1D1B27-5D5D-4F33-991B-337FB9618AF} deleted successfully
HKEY_USERS\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFBBF8DA-E77A-4BCF-9C14-78DADB04FB8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611321185} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com/");
user_pref("browser.search.defaulturl", "https://www.google.com/search");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "https://www.google.com/search");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\prefs.js:

ProfilePath: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201513.01._1112_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@="C:\\Program Files\\Opera x64\\Opera.exe"

==== Deleting Files \ Folders ======================

C:\Users\Radek\AppData\Local\9005 deleted
C:\PROGRA~2\Pro Evolution Soccer 2015 deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\Users\Radek\Desktop\iLividSetup-r484-n-bf.exe deleted
C:\Users\Radek\AppData\Roaming\PMWABXQ.exe deleted
C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com deleted
"C:\Users\Radek\AppData\Roaming\VKTWNT" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [08. 01. 2015 13:05]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- Undetermined - wrc@avast.com
- Undetermined - 6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\ASPNET\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\ASPNET\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\ASPNET\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Radek\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Radek\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[08. 01. 2015 13:05]

Avast Online Security - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
pdnfnkhpgegpcingjbfihlkjeighnddk - Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{56F4771B-3762-4650-8E5B-E1AA508098B8} Bing Url="http://www.bing.com/search?q={searchTer ... &pc=MAARJS"
{EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} Google Url="https://www.google.com/search?q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Radek\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Radek\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Radek\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Radek\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Radek\AppData\Local\Mozilla\Firefox\Profiles\85ha3ezc.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=488 folders=211 9209482134 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Radek\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Radek\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 13. 01. 2015 at 11:31:15,97 ======================

Poprosim o novy log z FRST

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Radek (administrator) on RADEK on 13-01-2015 12:05:37
Running from C:\Programy
Loaded Profile: Radek (Available profiles: Radek)
Platform: Windows 8.1 Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-08-15] (Cisco Systems, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\MountPoints2: {2200ecc2-23a7-11e4-beb9-a4db303d954e} - "E:\Welcome\Welcome.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2255875871-1199464176-1346690243-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2255875871-1199464176-1346690243-1002 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\searchplugins\google-avast.xml
FF Extension: Adblock Plus - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\85ha3ezc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-06]

Chrome:
=======
CHR Profile: C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-19]
CHR Extension: (Peněženka Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-25]
CHR Extension: (pdnfnkhpgegpcingjbfihlkjeighnddk) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2014-11-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-08] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-08] (Avast Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-20] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-10-09] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-08] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-14] (Disc Soft Ltd)
S3 MarvinBus; C:\Windows\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-09] (Dritek System Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-08] (Avast Software)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 11:31 - 2015-01-13 11:33 - 00000197 _____ () C:\WINDOWS\system32\2015-01-13-10-31-55.080-AvastVBoxSVC.exe-1620.log
2015-01-13 11:27 - 2015-01-13 02:17 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-13 02:19 - 2015-01-13 11:31 - 00042280 _____ () C:\zoek-results.log
2015-01-13 02:11 - 2015-01-13 02:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-13-01-11-53.025-aswFe.exe-10812.log
2015-01-13 01:59 - 2015-01-13 02:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-13-00-59-21.054-aswFe.exe-10528.log
2015-01-13 01:59 - 2015-01-13 01:59 - 00000197 _____ () C:\WINDOWS\system32\2015-01-13-00-59-13.090-AvastVBoxSVC.exe-3792.log
2015-01-13 01:27 - 2015-01-13 11:17 - 00000000 ____D () C:\zoek_backup
2015-01-13 00:58 - 2015-01-13 11:28 - 00001642 _____ () C:\WINDOWS\PFRO.log
2015-01-13 00:49 - 2015-01-13 01:20 - 00000000 ____D () C:\AdwCleaner
2015-01-13 00:48 - 2015-01-13 00:49 - 01295360 _____ () C:\Users\Radek\Desktop\zoek.exe
2015-01-12 22:39 - 2015-01-12 22:39 - 00010040 _____ () C:\Users\Radek\Desktop\Addition.zip
2015-01-12 22:37 - 2015-01-12 22:37 - 00037292 _____ () C:\Users\Radek\Desktop\Addition.txt
2015-01-12 22:25 - 2015-01-13 11:17 - 00085245 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-12 22:11 - 2015-01-13 12:05 - 00000000 ____D () C:\FRST
2015-01-12 22:11 - 2015-01-12 22:11 - 00000000 ____D () C:\rsit
2015-01-12 21:44 - 2015-01-12 22:42 - 00000000 ____D () C:\Program Files\trend micro
2015-01-08 23:14 - 2015-01-08 23:14 - 00000039 _____ () C:\Users\Radek\Desktop\masti.txt
2015-01-08 13:40 - 2015-01-08 13:40 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-12-40-37.095-aswFe.exe-5248.log
2015-01-08 13:31 - 2015-01-08 13:40 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-12-31-25.055-aswFe.exe-6120.log
2015-01-08 13:31 - 2015-01-08 13:31 - 00000197 _____ () C:\WINDOWS\system32\2015-01-08-12-31-20.022-AvastVBoxSVC.exe-6044.log
2015-01-08 13:14 - 2015-01-08 13:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-01-08 13:14 - 2015-01-08 13:14 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-01-08 13:06 - 2015-01-08 13:06 - 00001944 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-08 13:06 - 2015-01-08 13:05 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-08 13:05 - 2015-01-08 13:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-07 13:33 - 2015-01-07 13:33 - 00000027 _____ () C:\Users\Radek\saga_gui.ini
2014-12-28 13:21 - 2014-12-28 13:21 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 01:31 - 2014-12-28 13:21 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-12-18 20:18 - 2014-12-18 20:18 - 00001444 _____ () C:\Users\Radek\Desktop\hotov_grid.sbn
2014-12-18 20:18 - 2014-12-18 20:18 - 00000948 _____ () C:\Users\Radek\Desktop\hotov.sbn
2014-12-18 20:18 - 2014-12-18 20:18 - 00000212 _____ () C:\Users\Radek\Desktop\hotov.sbx
2014-12-18 20:18 - 2014-12-18 20:18 - 00000132 _____ () C:\Users\Radek\Desktop\hotov_grid.sbx
2014-12-18 13:25 - 2014-12-18 13:25 - 00204316 _____ () C:\Users\Radek\Desktop\hotov_grid.shp
2014-12-18 13:25 - 2014-12-18 13:25 - 00002803 _____ () C:\Users\Radek\Desktop\hotov_grid.dbf
2014-12-18 13:25 - 2014-12-18 13:25 - 00001388 _____ () C:\Users\Radek\Desktop\hotov_grid.shx
2014-12-18 13:24 - 2014-12-18 13:24 - 12464716 _____ () C:\Users\Radek\Desktop\hotov.shp
2014-12-18 13:24 - 2014-12-18 13:24 - 00075984 _____ () C:\Users\Radek\Desktop\hotov.dbf
2014-12-18 13:24 - 2014-12-18 13:24 - 00000716 _____ () C:\Users\Radek\Desktop\hotov.shx
2014-12-18 13:02 - 2014-12-18 13:02 - 00629851 _____ () C:\Users\Radek\Desktop\km.pptx
2014-12-18 11:59 - 2014-12-18 11:59 - 12044076 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.shp
2014-12-18 11:59 - 2014-12-18 11:59 - 00047738 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.dbf
2014-12-18 11:59 - 2014-12-18 11:59 - 00039899 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.shp.xml
2014-12-18 11:59 - 2014-12-18 11:59 - 00000948 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.sbn
2014-12-18 11:59 - 2014-12-18 11:59 - 00000716 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.shx
2014-12-18 11:59 - 2014-12-18 11:59 - 00000573 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.prj
2014-12-18 11:59 - 2014-12-18 11:59 - 00000212 _____ () C:\Users\Radek\Desktop\podil_vysteh_proc.sbx
2014-12-18 11:36 - 2014-12-18 12:51 - 00629851 _____ () C:\Users\Radek\Desktop\Kreativní mapa.pptx
2014-12-18 10:20 - 2014-12-18 10:20 - 00000876 _____ () C:\Users\Radek\Desktop\vysledek.txt
2014-12-18 01:35 - 2014-12-18 01:35 - 00000000 __SHD () C:\Users\Radek\AppData\Local\EmieBrowserModeList
2014-12-17 00:15 - 2014-12-17 00:15 - 00000000 ____D () C:\Users\Radek\Desktop\ScapeToad-v11
2014-12-14 02:00 - 2014-12-14 02:00 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\Stellarium
2014-12-14 02:00 - 2014-12-14 02:00 - 00000000 ____D () C:\Users\Radek\AppData\Local\stellarium
2014-12-14 01:54 - 2014-12-14 01:58 - 00001696 _____ () C:\Users\Public\Desktop\Stellarium.lnk
2014-12-14 01:54 - 2014-12-14 01:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2014-12-14 01:54 - 2014-12-14 01:58 - 00000000 ____D () C:\Program Files\Stellarium

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 12:05 - 2014-01-07 03:59 - 00000000 ____D () C:\Programy
2015-01-13 12:04 - 2014-11-11 21:04 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-13 12:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-13 11:54 - 2014-11-12 23:49 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-13 11:36 - 2014-01-06 15:52 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2255875871-1199464176-1346690243-1002
2015-01-13 11:32 - 2014-04-11 11:35 - 00000000 ___RD () C:\Users\Radek\OneDrive
2015-01-13 11:32 - 2014-01-06 14:40 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-13 11:29 - 2014-11-12 23:49 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-13 11:28 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-13 11:20 - 2014-04-11 13:43 - 00000000 ____D () C:\Users\Radek\AppData\Local\Comodo
2015-01-13 11:20 - 2014-04-11 13:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2015-01-13 11:20 - 2014-04-11 13:43 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2015-01-13 11:20 - 2014-04-11 13:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-01-13 11:20 - 2014-04-11 13:43 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-01-13 11:20 - 2014-04-11 13:43 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2015-01-13 11:20 - 2014-04-11 13:43 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2015-01-13 11:20 - 2014-04-11 13:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-01-13 11:20 - 2014-04-11 13:43 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2015-01-13 11:20 - 2014-01-21 02:22 - 00000000 ____D () C:\Users\Radek\AppData\Local\Google
2015-01-13 10:59 - 2014-03-02 17:45 - 00003958 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C14F67F8-2F2F-47EE-AE71-94F39D10661E}
2015-01-13 02:10 - 2014-01-06 22:02 - 04752896 ___SH () C:\Users\Radek\Desktop\Thumbs.db
2015-01-13 00:57 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-13 00:56 - 2014-02-25 11:31 - 00001314 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-13 00:56 - 2014-02-25 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-13 00:56 - 2014-01-08 00:38 - 00000788 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-13 00:56 - 2014-01-08 00:38 - 00000776 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-01-12 21:54 - 2014-11-06 13:26 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\inkscape
2015-01-12 21:54 - 2014-08-14 21:26 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\DAEMON Tools Lite
2015-01-12 21:53 - 2014-03-12 09:04 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-12 14:54 - 2014-03-04 16:45 - 00000000 ____D () C:\Users\Radek\AppData\Local\Deployment
2015-01-11 12:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-09 23:44 - 2014-01-13 23:04 - 00000000 ____D () C:\Hudba
2015-01-09 08:10 - 2014-05-15 19:55 - 01771646 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-09 08:10 - 2013-11-14 13:24 - 00748236 _____ () C:\WINDOWS\system32\perfh005.dat
2015-01-09 08:10 - 2013-11-14 13:24 - 00156200 _____ () C:\WINDOWS\system32\perfc005.dat
2015-01-09 08:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-08 13:07 - 2014-02-25 18:22 - 00000000 ____D () C:\Users\Radek
2015-01-08 13:06 - 2014-01-06 14:40 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-01-08 13:06 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-08 13:05 - 2014-06-07 15:21 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-08 13:05 - 2014-01-07 21:23 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-08 13:05 - 2014-01-06 14:40 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-07 12:07 - 2014-01-24 13:59 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\vlc
2015-01-05 01:24 - 2014-01-06 13:31 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\uTorrent
2015-01-01 14:37 - 2014-02-18 12:20 - 00000000 ____D () C:\Filmy
2014-12-27 21:02 - 2014-01-25 20:23 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\Audacity
2014-12-25 01:33 - 2014-08-25 21:55 - 00000000 ____D () C:\Users\Radek\AppData\Local\Adobe
2014-12-25 01:31 - 2014-01-06 13:50 - 00003802 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-24 12:26 - 2014-01-07 03:26 - 00000000 ____D () C:\Users\Radek\AppData\Roaming\Atheros
2014-12-23 22:16 - 2014-02-25 18:50 - 00000000 ____D () C:\Users\Radek\Documents\Bluetooth Folder
2014-12-21 17:07 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-14 23:43 - 2014-01-10 13:26 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-08 14:06

==================== End Of Log ============================







Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by Radek at 2015-01-13 12:07:09
Running from C:\Programy
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{81C6F800-A69B-4E70-9DC0-74732F8B00E7}) (Version: 1.00.3015 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agilian 11.0 (HKLM\...\1106-5897-7327-6550) (Version: 11.0 - Visual Paradigm International Ltd.)
Akamai NetSession Interface (HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
ArcGIS 10.2 for Desktop (HKLM-x32\...\ArcGIS 10.2 for Desktop) (Version: 10.2.3348 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.2 for Desktop (x32 Version: 10.2.3348 - Environmental Systems Research Institute, Inc.) Hidden
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.4272 - DsNET Corp)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
CASE Studio 2 ver. (HKLM-x32\...\CASE Studio 2_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05182 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05182 - Cisco Systems, Inc.) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Crysis 3 v1.0.0.1 (HKLM-x32\...\Crysis 3_is1) (Version: - )
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GRASS 6.4 (HKLM-x32\...\GRASS 6.4.2) (Version: 6.4.2-2 - GRASS Development Team)
GRASS 6.4 (HKLM-x32\...\GRASS GIS 6.4.3) (Version: 6.4.3-1 - GRASS Development Team)
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
IDRISI Selva (HKLM-x32\...\IDRISI Selva) (Version: 17.00 - Clark Labs / Clark University)
IDRISI Selva (x32 Version: 17.00 - Clark Labs / Clark University) Hidden
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 cs)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Opera 12.16 (HKLM\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Ovládací panel NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Pro Evolution Soccer 2014 - World Challenge (HKLM-x32\...\Pro Evolution Soccer 2014 - World Challenge_is1) (Version: - )
Pro Evolution Soccer 2015 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
PyScripter 2.5.3 (HKLM\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)
PyScripter 2.5.3 (HKLM-x32\...\PyScripter_is1) (Version: 2.5.3 - PyScripter)
Python 2.7 GDAL-2.0.0 (HKLM-x32\...\{5158F64E-C216-46CA-A2F9-30D879B35B9A}) (Version: 2.0.0 - Frank Warmerdam)
Python 2.7.8 (HKLM-x32\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
Python 3.4.2 (HKLM-x32\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation)
QGIS Brighton 2.6.0 Brighton (HKLM\...\QGIS Brighton) (Version: - QGIS Development Team)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6833 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28124 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Stellarium 0.13.1 (HKLM\...\Stellarium_is1) (Version: 0.13.1 - Stellarium team)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Watch_Dogs (HKLM-x32\...\{9L5FE86L-0D8I-4HJ7-HKY5-DRTKE3G6QG2X}_is1) (Version: 1.00 - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

21-12-2014 14:25:52 Naplánovaný kontrolní bod
29-12-2014 23:24:38 Naplánovaný kontrolní bod
08-01-2015 13:01:56 avast! antivirus system restore point
13-01-2015 02:19:20 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2015-01-13 02:21 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02E50C23-581B-403B-B4B6-81BA729409D5} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
Task: {1773032E-A4A6-4E80-A571-8A3596478BDC} - System32\Tasks\{08C3329E-3665-4AC0-9B20-34E670341463} => pcalua.exe -a C:\Users\Radek\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=amt <==== ATTENTION
Task: {183076AF-5ED3-4154-ADED-FDE7B2C977A7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {301B63A4-947A-497F-903D-19286451DDFF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-08] (AVAST Software)
Task: {334A6EEC-FF1B-45D5-8147-6C4115C044DF} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {34B5F279-7DA5-4330-87BD-89D99E9ECCBA} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2013-02-08] ()
Task: {35AB068A-60B1-4F7F-848C-7E37C6E048BD} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {5E66031B-732C-4AB0-A177-C59FAA52770A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-21] (Google Inc.)
Task: {7DACDA7C-1B2E-43B0-B746-B838ABBA92FB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-25] (Adobe Systems Incorporated)
Task: {8771902B-EF5C-4C7B-BE7C-7D53674F6CF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {9041D4C6-EA1C-470E-9C87-017F7DF5C4E5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {B11AE671-38D8-4EF0-A447-5980E3F31E71} - System32\Tasks\{9955EF7E-BFDB-4826-A543-4B67ED41A765} => pcalua.exe -a "C:\FIFA 2010 WC\Fifa.World.Cup.2006-RELOADED\AutoRun.exe" -d "C:\FIFA 2010 WC\Fifa.World.Cup.2006-RELOADED"
Task: {D73A92E8-A318-4B20-9403-31B30CEAAD85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-21] (Google Inc.)
Task: {D94CFF4C-A713-4825-9F9E-09DA961ED5B8} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {D9B313DA-8103-4F47-A417-147527C4920C} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2013-02-08] ()
Task: {F445B4EE-FF5C-412F-B093-3A387E8AF118} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-15 14:36 - 2014-07-02 21:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-08-15 14:38 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-09 18:50 - 2013-02-21 06:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-01-08 13:05 - 2015-01-08 13:05 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-08 13:05 - 2015-01-08 13:05 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-02-08 22:24 - 2013-02-08 22:24 - 00025672 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2013-02-08 22:24 - 2013-02-08 22:24 - 00044616 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2013-01-28 22:45 - 2013-01-28 22:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 22:42 - 2013-01-28 22:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-28 22:47 - 2013-01-28 22:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-04-18 04:39 - 2012-10-23 04:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-15 19:25 - 2014-08-15 19:25 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-01-12 20:43 - 2015-01-12 20:43 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011201\algo.dll
2015-01-08 13:05 - 2015-01-08 13:05 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-01-13 11:33 - 2015-01-13 11:33 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15011300\algo.dll
2013-10-09 18:23 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-01-08 13:05 - 2015-01-08 13:05 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Radek\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Radek\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\StartupApproved\Run: => "EADM"

========================= Accounts: ==========================

Administrator (S-1-5-21-2255875871-1199464176-1346690243-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2255875871-1199464176-1346690243-1006 - Limited - Enabled)
Guest (S-1-5-21-2255875871-1199464176-1346690243-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2255875871-1199464176-1346690243-1008 - Limited - Enabled)
Radek (S-1-5-21-2255875871-1199464176-1346690243-1002 - Administrator - Enabled) => C:\Users\Radek

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Android
Description: Android
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/13/2015 11:33:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/13/2015 11:33:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/13/2015 11:33:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/13/2015 11:33:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (01/13/2015 11:43:40 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/13/2015 11:43:40 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/13/2015 11:43:39 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/13/2015 11:43:39 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/13/2015 11:43:38 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/13/2015 11:43:38 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/13/2015 11:33:43 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/13/2015 11:33:38 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/13/2015 11:33:37 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca

Error: (01/13/2015 11:33:37 AM) (Source: DCOM) (EventID: 10010) (User: RADEK)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca


Microsoft Office Sessions:
=========================
Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (01/13/2015 11:43:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (01/13/2015 11:33:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (01/13/2015 11:33:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (01/13/2015 11:33:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (01/13/2015 11:33:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RADEK)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 34%
Total physical RAM: 3914.27 MB
Available physical RAM: 2553.61 MB
Total Pagefile: 7882.27 MB
Available Pagefile: 6405.99 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:909.36 GB) (Free:398.99 GB) NTFS
Drive e: (20091011_160148) (CDROM) (Total:2.89 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: BF6038DE)

Partition: GPT Partition Type.

==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM-x32\...\Run: [LManager] => [X]
  HKLM\...\Policies\Explorer: [NoControlPanel] 0
  HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
  HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\MountPoints2: {2200ecc2-23a7-11e4-beb9-a4db303d954e} - "E:\Welcome\Welcome.exe" 
  
  SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  2015-01-13 11:31 - 2015-01-13 11:33 - 00000197 _____ () C:\WINDOWS\system32\2015-01-13-10-31-55.080-AvastVBoxSVC.exe-1620.log
  2015-01-13 11:27 - 2015-01-13 02:17 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
  2015-01-13 02:19 - 2015-01-13 11:31 - 00042280 _____ () C:\zoek-results.log
  2015-01-13 02:11 - 2015-01-13 02:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-13-01-11-53.025-aswFe.exe-10812.log
  2015-01-13 01:59 - 2015-01-13 02:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-13-00-59-21.054-aswFe.exe-10528.log
  2015-01-13 01:59 - 2015-01-13 01:59 - 00000197 _____ () C:\WINDOWS\system32\2015-01-13-00-59-13.090-AvastVBoxSVC.exe-3792.log
  2015-01-13 01:27 - 2015-01-13 11:17 - 00000000 ____D () C:\zoek_backup
  2015-01-13 00:58 - 2015-01-13 11:28 - 00001642 _____ () C:\WINDOWS\PFRO.log
  2015-01-13 00:49 - 2015-01-13 01:20 - 00000000 ____D () C:\AdwCleaner
  2015-01-13 00:48 - 2015-01-13 00:49 - 01295360 _____ () C:\Users\Radek\Desktop\zoek.exe
  2015-01-12 22:39 - 2015-01-12 22:39 - 00010040 _____ () C:\Users\Radek\Desktop\Addition.zip
  2015-01-12 22:37 - 2015-01-12 22:37 - 00037292 _____ () C:\Users\Radek\Desktop\Addition.txt
  2015-01-12 22:11 - 2015-01-12 22:11 - 00000000 ____D () C:\rsit
  2015-01-12 21:44 - 2015-01-12 22:42 - 00000000 ____D () C:\Program Files\trend micro
  2015-01-08 23:14 - 2015-01-08 23:14 - 00000039 _____ () C:\Users\Radek\Desktop\masti.txt
  2015-01-08 13:40 - 2015-01-08 13:40 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-12-40-37.095-aswFe.exe-5248.log
  2015-01-08 13:31 - 2015-01-08 13:40 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-12-31-25.055-aswFe.exe-6120.log
  2015-01-08 13:31 - 2015-01-08 13:31 - 00000197 _____ () C:\WINDOWS\system32\2015-01-08-12-31-20.022-AvastVBoxSVC.exe-6044.log
  2014-12-25 01:31 - 2014-12-28 13:21 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
  
  Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

fixlog.txt:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-01-2015 02
Ran by Radek at 2015-01-14 00:21:56 Run:1
Running from C:\Programy
Loaded Profile: Radek (Available profiles: Radek)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [LManager] => [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\...\MountPoints2: {2200ecc2-23a7-11e4-beb9-a4db303d954e} - "E:\Welcome\Welcome.exe"

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

2015-01-13 11:31 - 2015-01-13 11:33 - 00000197 _____ () C:\WINDOWS\system32\2015-01-13-10-31-55.080-AvastVBoxSVC.exe-1620.log
2015-01-13 11:27 - 2015-01-13 02:17 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-13 02:19 - 2015-01-13 11:31 - 00042280 _____ () C:\zoek-results.log
2015-01-13 02:11 - 2015-01-13 02:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-13-01-11-53.025-aswFe.exe-10812.log
2015-01-13 01:59 - 2015-01-13 02:11 - 00000247 _____ () C:\WINDOWS\system32\2015-01-13-00-59-21.054-aswFe.exe-10528.log
2015-01-13 01:59 - 2015-01-13 01:59 - 00000197 _____ () C:\WINDOWS\system32\2015-01-13-00-59-13.090-AvastVBoxSVC.exe-3792.log
2015-01-13 01:27 - 2015-01-13 11:17 - 00000000 ____D () C:\zoek_backup
2015-01-13 00:58 - 2015-01-13 11:28 - 00001642 _____ () C:\WINDOWS\PFRO.log
2015-01-13 00:49 - 2015-01-13 01:20 - 00000000 ____D () C:\AdwCleaner
2015-01-13 00:48 - 2015-01-13 00:49 - 01295360 _____ () C:\Users\Radek\Desktop\zoek.exe
2015-01-12 22:39 - 2015-01-12 22:39 - 00010040 _____ () C:\Users\Radek\Desktop\Addition.zip
2015-01-12 22:37 - 2015-01-12 22:37 - 00037292 _____ () C:\Users\Radek\Desktop\Addition.txt
2015-01-12 22:11 - 2015-01-12 22:11 - 00000000 ____D () C:\rsit
2015-01-12 21:44 - 2015-01-12 22:42 - 00000000 ____D () C:\Program Files\trend micro
2015-01-08 23:14 - 2015-01-08 23:14 - 00000039 _____ () C:\Users\Radek\Desktop\masti.txt
2015-01-08 13:40 - 2015-01-08 13:40 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-12-40-37.095-aswFe.exe-5248.log
2015-01-08 13:31 - 2015-01-08 13:40 - 00000247 _____ () C:\WINDOWS\system32\2015-01-08-12-31-25.055-aswFe.exe-6120.log
2015-01-08 13:31 - 2015-01-08 13:31 - 00000197 _____ () C:\WINDOWS\system32\2015-01-08-12-31-20.022-AvastVBoxSVC.exe-6044.log
2014-12-25 01:31 - 2014-12-28 13:21 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKU\S-1-5-21-2255875871-1199464176-1346690243-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2200ecc2-23a7-11e4-beb9-a4db303d954e}" => Key deleted successfully.
HKCR\CLSID\{2200ecc2-23a7-11e4-beb9-a4db303d954e} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key Deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Could not move "C:\WINDOWS\system32\2015-01-13-10-31-55.080-AvastVBoxSVC.exe-1620.log" => Scheduled to move on reboot.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\WINDOWS\system32\2015-01-13-01-11-53.025-aswFe.exe-10812.log => Moved successfully.
C:\WINDOWS\system32\2015-01-13-00-59-21.054-aswFe.exe-10528.log => Moved successfully.
C:\WINDOWS\system32\2015-01-13-00-59-13.090-AvastVBoxSVC.exe-3792.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\WINDOWS\PFRO.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
"C:\Users\Radek\Desktop\zoek.exe" => File/Directory not found.
"C:\Users\Radek\Desktop\Addition.zip" => File/Directory not found.
"C:\Users\Radek\Desktop\Addition.txt" => File/Directory not found.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
"C:\Users\Radek\Desktop\masti.txt" => File/Directory not found.
C:\WINDOWS\system32\2015-01-08-12-40-37.095-aswFe.exe-5248.log => Moved successfully.
C:\WINDOWS\system32\2015-01-08-12-31-25.055-aswFe.exe-6120.log => Moved successfully.
C:\WINDOWS\system32\2015-01-08-12-31-20.022-AvastVBoxSVC.exe-6044.log => Moved successfully.
C:\Program Files (x86)\McAfee Security Scan => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.9 GB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-14 00:26:46)<=

C:\WINDOWS\system32\2015-01-13-10-31-55.080-AvastVBoxSVC.exe-1620.log => Is moved successfully.

==== End of Fixlog 00:26:46 ====

Jak se chova notebook??

Už je to mnohem lepší, děkuji

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse