Log check

Posted: 15 Jan 2015 10:27
by ja-pce
Please check my log. After I open the Control Panel, it reports that Explorer has stopped working... restart...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vera at 2015-01-15 10:18:17
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 84 GB (29%) free of 292 GB
Total RAM: 2036 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:18:31, on 15.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\ControlCenter4\BrCtrlCntr.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\SmarThru Office\BackUpSvr.exe
C:\Program Files\SmarThru Office\LegacyLauncher.exe
C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe
C:\CPP\CppKalkulacky\CppCalcServer.exe
C:\Program Files\ControlCenter4\BrCcUxSys.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Windows\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Vera\Desktop\Zrušit-pokusy\RSIT.exe
C:\Program Files\trend micro\Vera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sus.cpp.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GfxServiceInstall] C:\Windows\system32\GfxCUIServiceInstall.vbs
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [STO Backup Service] C:\Program Files\SmarThru Office\BackUpSvr.exe
O4 - HKLM\..\Run: [STO Launcher Service] C:\Program Files\SmarThru Office\LegacyLauncher.exe /run
O4 - HKLM\..\Run: [4x24 Scan2PC] "C:\Windows\Twain_32\Samsung\SCX4x24\Scan2pc.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: CPP - CalcServer.lnk = C:\CPP\CppKalkulacky\CppCalcServer.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Capture Selection - C:\Program Files\SmarThru Office\WebCapture.dll2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save as HTML - C:\Program Files\SmarThru Office\WebCapture.dll1.htm
O8 - Extra context menu item: Save Selected Text - C:\Program Files\SmarThru Office\WebCapture.dll.htm
O8 - Extra context menu item: Web Capture - C:\Program Files\SmarThru Office\WebCapture.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Web Capture - {7BDBFB9E-FD6E-43c2-937A-5C9F33FEBE5F} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Web Capture - {7BDBFB9E-FD6E-43c2-937A-5C9F33FEBE5F} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Capture Selection - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Capture Selection - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Save Selected Text - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Save Selected Text - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Save as HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Save as HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 11250 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Uninstaller_SkipUac_Administrator.job - C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

=========Mozilla firefox=========

ProfilePath - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\9vgaia5l.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


C:\Program Files\Mozilla Firefox\plugins\
npPDFXCviewNPPlugin.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-06-08 752960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-24 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]
"Norton Online Backup"=C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-01 966488]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-07-06 142144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-07-06 175936]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-07-06 168256]
"GfxServiceInstall"=C:\Windows\system32\GfxCUIServiceInstall.vbs [2012-06-27 131]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-01-10 10959464]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2012-02-07 714120]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-10 5227112]
"ControlCenter4"=C:\Program Files\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]
"BrStsMon00"=C:\Program Files\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2008-07-31 536576]
"STO Backup Service"=C:\Program Files\SmarThru Office\BackUpSvr.exe [2008-06-11 192512]
"STO Launcher Service"=C:\Program Files\SmarThru Office\LegacyLauncher.exe [2008-06-11 331776]
"4x24 Scan2PC"=C:\Windows\Twain_32\Samsung\SCX4x24\Scan2pc.exe [2008-09-29 495616]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-12-12 5489944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2011-05-12 723560]

C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CPP - CalcServer.lnk - C:\CPP\CppKalkulacky\CppCalcServer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-06-27 224768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-15 10:18:18 ----D---- C:\Program Files\trend micro
2015-01-15 10:18:17 ----D---- C:\rsit
2015-01-15 10:02:30 ----D---- C:\Program Files\CCleaner
2015-01-14 23:46:29 ----D---- C:\Program Files\Mozilla Firefox
2015-01-14 18:39:24 ----D---- C:\Users\Vera\AppData\Roaming\eCyber
2015-01-14 16:23:36 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2015-01-14 14:32:43 ----D---- C:\ProgramData\Malwarebytes
2015-01-14 13:57:13 ----A---- C:\Windows\system32\drivers\revoflt.sys
2015-01-14 13:49:43 ----HD---- C:\ProgramData\Common Files
2015-01-14 13:49:43 ----D---- C:\ProgramData\MFAData
2015-01-13 09:53:30 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-01-13 09:53:06 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2015-01-13 09:45:30 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-01-12 23:36:23 ----D---- C:\Users\Vera\AppData\Roaming\FTWeak
2015-01-12 22:22:58 ----D---- C:\Users\Vera\AppData\Roaming\Hiteksquad
2015-01-12 22:22:38 ----D---- C:\Program Files\Ratchet
2015-01-12 21:45:17 ----D---- C:\Users\Vera\AppData\Roaming\Geek Uninstaller
2015-01-12 21:25:24 ----D---- C:\Program Files\DLLSuite
2015-01-12 19:11:57 ----D---- C:\ProgramData\VS Revo Group
2015-01-12 17:09:48 ----D---- C:\Program Files\Google
2015-01-11 22:51:57 ----N---- C:\bootsqm.dat
2015-01-06 11:27:40 ----D---- C:\Users\Vera\AppData\Roaming\Foxit Software
2015-01-06 11:25:30 ----D---- C:\Program Files\Foxit Software
2015-01-06 09:10:42 ----A---- C:\Windows\system32\pdfcmon.dll
2015-01-06 09:10:38 ----D---- C:\Program Files\PDFCreator
2014-12-18 10:46:12 ----A---- C:\Windows\system32\ieUnatt.exe

======List of files/folders modified in the last 1 month======

2015-01-15 10:18:21 ----D---- C:\Windows\Temp
2015-01-15 10:18:18 ----D---- C:\Program Files
2015-01-15 10:04:15 ----D---- C:\Windows\inf
2015-01-15 10:04:14 ----D---- C:\Windows\SoftwareDistribution
2015-01-15 10:04:14 ----D---- C:\Windows
2015-01-15 10:02:57 ----D---- C:\Windows\system32\config
2015-01-15 10:02:35 ----D---- C:\Windows\system32\Tasks
2015-01-15 09:57:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-01-15 09:57:24 ----D---- C:\Program Files\Mozilla Firefox.bak
2015-01-14 18:40:39 ----D---- C:\Windows\System32
2015-01-14 18:40:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-14 17:23:02 ----SD---- C:\ProgramData\Microsoft
2015-01-14 16:23:36 ----HD---- C:\ProgramData
2015-01-14 16:21:35 ----D---- C:\Windows\Tasks
2015-01-14 16:20:57 ----SHD---- C:\System Volume Information
2015-01-14 15:44:54 ----D---- C:\Windows\system32\drivers
2015-01-14 13:57:10 ----D---- C:\Program Files\VS Revo Group
2015-01-14 13:27:09 ----A---- C:\Windows\wininit.ini
2015-01-13 09:45:46 ----D---- C:\Windows\debug
2015-01-13 09:22:23 ----RHD---- C:\MSOCache
2015-01-13 09:21:50 ----D---- C:\Windows\system32\catroot2
2015-01-13 09:21:50 ----D---- C:\Windows\Panther
2015-01-13 09:21:50 ----D---- C:\Windows\Logs
2015-01-13 09:21:50 ----D---- C:\Windows\Downloaded Program Files
2015-01-13 09:12:41 ----D---- C:\Windows\winsxs
2015-01-12 21:46:00 ----SD---- C:\Users\Vera\AppData\Roaming\Microsoft
2015-01-12 19:06:32 ----D---- C:\Program Files\Microsoft Office
2015-01-12 17:09:40 ----D---- C:\Windows\Prefetch
2015-01-10 13:18:25 ----D---- C:\ProgramData\ProductData
2015-01-08 16:51:05 ----D---- C:\Einstein
2015-01-06 04:36:02 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-24 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-24 206248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-24 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-24 787800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-24 423784]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-07-18 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-07-18 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-07-18 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-24 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-24 70384]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-24 91496]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-12-11 5120]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-10-27 4268096]
R3 igddim32;igddim32; C:\Windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
R3 igdkmd32;igdkmd32; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-01-10 3932584]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2007-12-11 41984]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-24 50344]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 738688]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
R2 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NOBU;Norton Online Backup; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2057560]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [2012-06-05 266240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-12 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2014-06-08 2175264]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-12 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-14 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 1713536]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Re: Log check

Posted: 15 Jan 2015 15:56
by altrok
Hello :bye:

:arrow: Since when have you been seeing this problem? What did you install, for example, before the problems started?

Re: Log check

Posted: 15 Jan 2015 17:26
by ja-pce
Office 2007 was on there as a trial, it stopped working, and then the problem started showing up with the Control Panel as well. I uninstalled Office with RevoUninstaller Pro... nothing else worked.

Re: Log check

Posted: 15 Jan 2015 18:58
by altrok
:arrow: One possible solution is to roll back to a restore point from when the system was still working correctly. In Safe Mode - Start -> Run -> rstrui.exe and select an older restore point.

Re: Log check

Posted: 15 Jan 2015 19:04
by ja-pce
Unfortunately no such restore point is available... there are only restore points from the time when the problem was already occurring :(

Re: Log check

Posted: 15 Jan 2015 19:13
by altrok
:arrow: OK, first we will clean the computer.

:arrow: Uninstall everything from IObit and Spybot - Search & Destroy.

:arrow: As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it normally with a double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply

Re: Log check

Posted: 15 Jan 2015 19:30
by ja-pce
Log:
# AdwCleaner v4.107 - Report created 15/01/2015 at 19:27:49
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)
# Username : Vera - VERA-PC
# Running from : C:\Users\Vera\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Vera\AppData\Roaming\eCyber

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0 (x86 cs)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R1].txt - [835 octets] - [15/01/2015 19:22:48]
AdwCleaner[S1].txt - [759 octets] - [15/01/2015 19:27:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [818 octets] ##########

Re: Log check

Posted: 15 Jan 2015 19:32
by altrok
  • Download Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
  • extract the archive and run the extracted file DiskInfo.exe
  • in the running program, click Edit -> Copy at the top (the log is now copied to your clipboard)
  • paste the log into your next reply (Ctrl + V)
:arrow: Post a new FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Log check

Posted: 15 Jan 2015 19:49
by ja-pce
DiskInfo:

----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Starter SP1 [6.1 Build 7601] (x86)
Date : 2015/01/15 19:38:49

-- Controller Map ----------------------------------------------------------
+ Intel(R) NM10 Express Chipset [ATA]
- ST320LM001 HN-M320MBB

-- Disk List ---------------------------------------------------------------
(1) ST320LM001 HN-M320MBB : 320,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST320LM001 HN-M320MBB
----------------------------------------------------------------------------
Model : ST320LM001 HN-M320MBB
Firmware : 2AR10001
Serial Number : S2UPJ9AC710891
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 4990 hod.
Power On Count : 4545 krát
Temperature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : FE80h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000001 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _92 _86 _25 0000000009CA Čas na roztočení ploten
04 _85 _85 __0 000000003BBE Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 00000000137E Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 __0 0000000011C1 Počet cyklů zapnutí zařízení
BF 100 100 __0 0000000000E4 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _64 _57 __0 002C000C0020 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000289 Počet chyb při zápisu sektorů
DF 100 100 __0 00000000009C Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _93 _93 __0 000000011AA8 Počet cyklů načítání/vymazání

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015
Ran by Vera (administrator) on VERA-PC on 15-01-2015 19:43:18
Running from C:\Users\Vera\Desktop
Loaded Profiles: Vera (Available profiles: Vera)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Acer Incorporated) C:\Program Files\Acer\Registration\GREGsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCtrlCntr.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Program Files\SmarThru Office\BackUpSvr.exe
() C:\Program Files\SmarThru Office\LegacyLauncher.exe
() C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Pražská softwarová s.r.o.) C:\CPP\CppKalkulacky\CppCalcServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Vera\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SuiteTray] => C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM\...\Run: [Norton Online Backup] => C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe [966488 2010-06-01] (Symantec Corporation)
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2012-06-27] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10959464 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [714120 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-10] (AVAST Software)
HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [536576 2008-07-31] ()
HKLM\...\Run: [STO Backup Service] => C:\Program Files\SmarThru Office\BackUpSvr.exe [192512 2008-06-11] ()
HKLM\...\Run: [STO Launcher Service] => C:\Program Files\SmarThru Office\LegacyLauncher.exe [331776 2008-06-11] ()
HKLM\...\Run: [4x24 Scan2PC] => C:\Windows\Twain_32\Samsung\SCX4x24\Scan2pc.exe [495616 2008-09-29] ()
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-428363639-2987571098-4238844215-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-428363639-2987571098-4238844215-1000\...\MountPoints2: {b01bfd97-0550-11e4-a4e6-089e013fb089} - D:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPP - CalcServer.lnk
ShortcutTarget: CPP - CalcServer.lnk -> C:\CPP\CppKalkulacky\CppCalcServer.exe (Pražská softwarová s.r.o.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-428363639-2987571098-4238844215-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-428363639-2987571098-4238844215-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://sus.cpp.cz/
HKU\S-1-5-21-428363639-2987571098-4238844215-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\9vgaia5l.default
FF Homepage: http://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-428363639-2987571098-4238844215-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-07]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-12]
CHR Extension: (Avast Online Security) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-12]
CHR Extension: (Peněženka Google) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-12]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-24]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-24] (AVAST Software)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [173424 2011-06-21] (Egis Technology Inc. )
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [738688 2012-02-07] (Acer Incorporated)
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
R2 GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [28264 2012-02-29] (Acer Incorporated)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [2057560 2010-06-01] (Symantec Corporation)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-11-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-24] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-11-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-11-24] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-11-24] ()
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2007-12-11] (Samsung Electronics Co., Ltd.) [File not signed]
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [21600 2012-07-18] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16936 2012-07-18] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62240 2012-07-18] (Egis Technology Inc.)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 19:43 - 2015-01-15 19:44 - 00014659 _____ () C:\Users\Vera\Desktop\FRST.txt
2015-01-15 19:43 - 2015-01-15 19:43 - 00000000 ____D () C:\FRST
2015-01-15 19:42 - 2015-01-15 19:42 - 01116672 _____ (Farbar) C:\Users\Vera\Desktop\FRST.exe
2015-01-15 19:42 - 2015-01-15 19:42 - 00112640 _____ (forum.viry.cz) C:\Users\Vera\Desktop\FRSTLauncher.exe
2015-01-15 19:22 - 2015-01-15 19:27 - 00000000 ____D () C:\AdwCleaner
2015-01-15 19:22 - 2015-01-15 19:22 - 02191360 _____ () C:\Users\Vera\Desktop\adwcleaner_4.107.exe
2015-01-15 18:31 - 2015-01-15 19:34 - 00067719 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 18:28 - 2015-01-15 19:28 - 00001112 _____ () C:\Windows\PFRO.log
2015-01-15 18:28 - 2015-01-15 19:28 - 00000112 _____ () C:\Windows\setupact.log
2015-01-15 18:28 - 2015-01-15 18:28 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 10:18 - 2015-01-15 10:18 - 00000000 ____D () C:\rsit
2015-01-15 10:18 - 2015-01-15 10:18 - 00000000 ____D () C:\Program Files\trend micro
2015-01-15 10:02 - 2015-01-15 10:02 - 00000929 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-15 10:02 - 2015-01-15 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-15 10:02 - 2015-01-15 10:02 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-14 23:46 - 2015-01-14 23:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-14 18:39 - 2015-01-14 18:40 - 01188880 _____ (Elex do Brasil Participações Ltda) C:\Users\Vera\Downloads\yet_another_cleaner_sk_147739 (1).exe
2015-01-14 18:38 - 2015-01-14 18:39 - 01188880 _____ (Elex do Brasil Participações Ltda) C:\Users\Vera\Downloads\yet_another_cleaner_sk_147739.exe
2015-01-14 16:23 - 2015-01-14 16:24 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-01-14 14:32 - 2015-01-14 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-14 13:57 - 2015-01-14 13:57 - 00001194 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-01-14 13:57 - 2015-01-14 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-01-14 13:57 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-01-14 13:49 - 2015-01-14 13:49 - 00000000 ____D () C:\Users\Vera\AppData\Local\MFAData
2015-01-14 13:49 - 2015-01-14 13:49 - 00000000 ____D () C:\Users\Vera\AppData\Local\Avg2015
2015-01-14 13:49 - 2015-01-14 13:49 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-14 13:38 - 2015-01-15 19:42 - 00000000 ____D () C:\Users\Vera\Desktop\Zrušit-pokusy
2015-01-13 18:34 - 2015-01-13 18:34 - 00104493 _____ () C:\Users\Vera\Desktop\AAMK_FORM_2015.xlsm
2015-01-13 09:53 - 2015-01-14 14:15 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-13 09:53 - 2015-01-14 13:27 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-13 09:46 - 2015-01-13 09:46 - 00108888 _____ () C:\Users\Vera\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-13 09:45 - 2015-01-13 09:45 - 00406192 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-13 09:12 - 2015-01-13 09:12 - 02475456 _____ (WiseCleaner.com ) C:\Users\Vera\Downloads\WDCFree.exe
2015-01-13 09:12 - 2015-01-13 09:12 - 02138744 _____ (WiseCleaner.com ) C:\Users\Vera\Downloads\WRCFree.exe
2015-01-12 23:36 - 2015-01-12 23:42 - 00000000 ____D () C:\Users\Vera\AppData\Roaming\FTWeak
2015-01-12 22:22 - 2015-01-12 22:35 - 00000000 ____D () C:\Users\Vera\AppData\Roaming\Hiteksquad
2015-01-12 22:22 - 2015-01-12 22:35 - 00000000 ____D () C:\Program Files\Ratchet
2015-01-12 22:22 - 2015-01-12 22:22 - 00000000 ____D () C:\Users\Vera\AppData\Local\Licenses
2015-01-12 21:25 - 2015-01-12 21:25 - 00000000 ____D () C:\Program Files\DLLSuite
2015-01-12 19:12 - 2015-01-12 19:12 - 00000000 ____D () C:\Users\Vera\AppData\Local\VS Revo Group
2015-01-12 19:11 - 2015-01-12 19:11 - 00000000 ____D () C:\ProgramData\VS Revo Group
2015-01-12 17:13 - 2015-01-12 17:13 - 00002165 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-12 17:13 - 2015-01-12 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-12 17:09 - 2015-01-15 19:35 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-12 17:09 - 2015-01-15 17:26 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-12 17:09 - 2015-01-12 17:14 - 00000000 ____D () C:\Users\Vera\AppData\Local\Google
2015-01-12 17:09 - 2015-01-12 17:14 - 00000000 ____D () C:\Program Files\Google
2015-01-12 14:02 - 2015-01-12 14:02 - 00109568 _____ () C:\Users\Vera\Desktop\PS_ODZAM_O_214.xls
2015-01-11 22:51 - 2015-01-11 22:51 - 00003736 ____N () C:\bootsqm.dat
2015-01-11 22:28 - 2015-01-11 22:28 - 00000000 ____D () C:\Users\Vera\Documents\úvěrové smlouvy
2015-01-11 21:53 - 2015-01-12 17:00 - 00000000 ____D () C:\Users\Vera\Desktop\Nová složka
2015-01-08 17:43 - 2015-01-09 00:57 - 00000000 ____D () C:\Users\Vera\Desktop\Formulare M
2015-01-08 13:25 - 2015-01-08 13:25 - 00000000 ____D () C:\Users\Vera\AppData\Local\{E4A8033C-602D-4D4D-97F4-D7F3A021A20A}
2015-01-06 11:27 - 2015-01-08 13:30 - 00000000 ____D () C:\Users\Vera\AppData\Roaming\Foxit Software
2015-01-06 11:26 - 2015-01-06 11:26 - 00002055 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2015-01-06 11:26 - 2015-01-06 11:26 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-01-06 11:26 - 2015-01-06 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-01-06 11:25 - 2015-01-06 11:25 - 00000000 ____D () C:\Program Files\Foxit Software
2015-01-06 09:13 - 2015-01-12 02:16 - 00000000 ____D () C:\Users\Vera\AppData\Local\PDFCreator
2015-01-06 09:10 - 2015-01-13 09:38 - 00000000 ____D () C:\Program Files\PDFCreator
2015-01-06 09:10 - 2015-01-13 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-01-06 09:10 - 2015-01-06 09:10 - 00000953 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2015-01-06 09:10 - 2014-12-16 20:01 - 00098488 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-01-06 09:07 - 2015-01-06 09:08 - 00000000 _____ () C:\Users\Vera\Desktop\PDFCreator-2_0_1-setup.exe
2015-01-05 19:10 - 2015-01-05 19:10 - 00001436 _____ () C:\Users\Vera\Documents\Zerzánová Nabidka_2015_01_05_19_10.bsf
2015-01-05 18:19 - 2015-01-05 18:19 - 00001440 _____ () C:\Users\Vera\Documents\jANECKÝ Nabidka_2015_01_05_18_19.bsf
2014-12-18 17:57 - 2014-12-18 17:57 - 00000000 ____D () C:\Users\Vera\AppData\Local\{3CE9EB97-1BF1-420D-B562-61457D8976E9}
2014-12-18 17:56 - 2014-12-18 17:57 - 00000000 ____D () C:\Users\Vera\AppData\Local\{C00ADB71-E461-4AA8-B765-2A4F76146032}
2014-12-18 17:56 - 2014-12-18 17:56 - 00000000 ____D () C:\Users\Vera\AppData\Local\{E646BBCC-8797-4B47-A18E-53E4833938FC}
2014-12-18 17:56 - 2014-12-18 17:56 - 00000000 ____D () C:\Users\Vera\AppData\Local\{CBE4691A-03E6-4363-BCD1-62C43FE50737}
2014-12-18 15:39 - 2014-12-18 15:39 - 00001439 _____ () C:\Users\Vera\Documents\Hubinka j- stNabidka_2014_12_18_15_38.bsf
2014-12-18 13:12 - 2014-12-18 13:12 - 27309568 _____ () C:\Users\Vera\Documents\IŽP_Evoluce_20121221 UNI.xls
2014-12-18 10:46 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-16 01:49 - 2015-01-08 16:14 - 00000000 ____D () C:\Users\Vera\Documents\2014_12_15
2014-12-16 01:49 - 2014-12-16 01:49 - 00000000 ____D () C:\Users\Vera\Documents\2014_12_09

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 19:36 - 2009-07-14 05:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 19:36 - 2009-07-14 05:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 19:35 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 19:34 - 2009-07-14 05:53 - 00031274 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-15 19:29 - 2012-07-18 09:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 18:28 - 2014-06-06 23:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-15 12:23 - 2012-07-18 09:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-15 12:23 - 2012-07-18 09:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-14 18:40 - 2010-11-20 22:01 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 13:57 - 2014-06-07 21:40 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-14 13:27 - 2014-06-29 16:12 - 00000240 _____ () C:\Windows\wininit.ini
2015-01-13 09:22 - 2014-06-06 23:46 - 00000000 __RHD () C:\MSOCache
2015-01-13 09:21 - 2007-07-12 02:49 - 00000000 ____D () C:\Windows\Panther
2015-01-12 19:06 - 2014-06-06 23:46 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-11 22:25 - 2014-06-07 07:44 - 00000000 ___RD () C:\Users\Vera\výpisy
2015-01-11 22:00 - 2014-06-07 07:44 - 00000000 ____D () C:\Users\Vera\Záznamy z jednání, ZK
2015-01-10 13:18 - 2014-06-08 09:50 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-08 16:51 - 2014-06-26 16:02 - 00000000 ____D () C:\Einstein
2015-01-08 16:50 - 2014-12-02 13:45 - 00000610 _____ () C:\Users\Vera\Desktop\Einstein.lnk
2015-01-08 16:50 - 2014-06-26 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wüstenrot
2015-01-08 16:14 - 2014-06-07 06:24 - 00000000 ____D () C:\Users\Vera\Documents\Platby
2015-01-08 14:12 - 2014-06-07 06:37 - 00000000 ___RD () C:\Users\Vera\Desktop\Moje
2015-01-06 11:26 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-01-06 04:36 - 2014-06-06 23:51 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-18 17:55 - 2014-06-07 11:35 - 00000000 ____D () C:\Users\Vera\Documents\Scan

Some content of TEMP:
====================
C:\Users\Vera\AppData\Local\Temp\Quarantine.exe
C:\Users\Vera\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\System32\IMJP10K.DLL

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vera\Desktop" je 755 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2015
Ran by Vera at 2015-01-15 19:45:18
Running from C:\Users\Vera\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Crystal Eye Webcam (HKLM\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Games (HKLM\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 20.12.0110.1025 - Acer Incorporated)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Akhra: The Treasures (Version: 2.2.0.98 - WildTangent) Hidden
Alice's Magical Mahjong (Version: 2.2.0.98 - WildTangent) Hidden
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 3 (Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
Brother MFL-Pro Suite DCP-7065DN (HKLM\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Diego's Ultimate Rescue (Version: 2.2.0.95 - WildTangent) Hidden
Einstein - program pro poradce (HKLM\...\{6D5FC9F5-42C3-4758-9A72-0E63FDC77DD9}_is1) (Version: v3.31 - Wüstenrot, životní pojišťovna, a.s.)
Evernote v. 4.5.2 (HKLM\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
Final Drive: Nitro (Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.)
Fooz Kids (Version: 3.1.2 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.3.25.1124 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Chuzzle Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1083 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: 5.1.7 - Acer Inc.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 35.0 (x86 cs) (HKLM\...\Mozilla Firefox 35.0 (x86 cs)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Farm Life (Version: 2.2.0.97 - WildTangent) Hidden
My Kingdom for the Princess 3 (Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker 4 (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (Version: 4.0.14.19 - Egis Technology Inc.) Hidden
newsXpresso (HKLM\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.1 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.207.0 - Tracker Software Products Ltd)
Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Readiris Pro 10 (HKLM\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version: - )
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6549 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Running Sheep (Version: 2.2.0.98 - WildTangent) Hidden
Samsung SCX-4x24 Series (HKLM\...\Samsung SCX-4x24 Series) (Version: - Samsung Electronics CO.,LTD)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skip-Bo - Castaway Caper (Version: 2.2.0.95 - WildTangent) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
SmarThru Office (HKLM\...\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}) (Version: 2.0 - Samsung)
Super Granny 6 (Version: 2.2.0.97 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
Update Installer for WildTangent Games App (Version: - WildTangent) Hidden
Wedding Dash (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
WildTangent Games App (Acer Games) (Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Συλλογή φωτογραφιών του Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

12-01-2015 17:30:22 IObit Uninstaller restore point
12-01-2015 17:41:27 Installed Microsoft Office Home and Student 2007
12-01-2015 18:01:57 Installed Microsoft Office Home and Student 2007
12-01-2015 19:13:20 Revo Uninstaller Pro's restore point - SUPERAntiSpyware
12-01-2015 19:16:15 Revo Uninstaller Pro's restore point - Microsoft Office Enterprise 2007
12-01-2015 19:17:22 Revo Uninstaller Pro's restore point - Microsoft Office Enterprise 2007
12-01-2015 19:28:53 Installed Microsoft Office Home and Student 2007
12-01-2015 19:38:34 Revo Uninstaller Pro's restore point - SUPERAntiSpyware
12-01-2015 20:49:45 Revo Uninstaller Pro's restore point - Microsoft Office File Validation Add-In
12-01-2015 20:54:53 Revo Uninstaller Pro's restore point - Microsoft Office Enterprise 2007
12-01-2015 20:58:44 Installed Microsoft Office Home and Student 2007
12-01-2015 21:58:02 Installed Microsoft Office Enterprise 2007
12-01-2015 22:00:04 Installed Microsoft Office Home and Student 2007
12-01-2015 22:15:13 Installed Microsoft Office Enterprise 2007
12-01-2015 22:34:28 Revo Uninstaller Pro's restore point - Macro PC Cleaner 7
12-01-2015 22:36:53 Revo Uninstaller Pro's restore point - SmarThru Office PC Fax
12-01-2015 22:39:46 Installed Microsoft Office Enterprise 2007
12-01-2015 22:53:13 Installed Microsoft Office Enterprise 2007
12-01-2015 22:59:00 Revo Uninstaller Pro's restore point - SUPERAntiSpyware
12-01-2015 23:43:45 Installed Microsoft Office Home and Student 2007
13-01-2015 06:51:09 Installed Microsoft Office Home and Student 2007
13-01-2015 06:55:47 Installed Microsoft Office Home and Student 2007
14-01-2015 13:58:03 Revo Uninstaller Pro's restore point - Wise Disk Cleaner 8.39
14-01-2015 14:02:05 Revo Uninstaller Pro's restore point - Wise Registry Cleaner 8.31
14-01-2015 14:02:51 Revo Uninstaller Pro's restore point - Wise Registry Cleaner 8.31
14-01-2015 16:20:48 Revo Uninstaller Pro's restore point - SUPERAntiSpyware

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3273913D-7986-467F-8FE9-C588DE39F563} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {42E510C4-A95A-4192-B242-E5613E341CE2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-428363639-2987571098-4238844215-1000
Task: {56E22FBB-3E2B-400E-BB20-254379F93275} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-15] (Adobe Systems Incorporated)
Task: {6558A2D2-F823-4659-A3F1-91E0E260336D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {65AFA19C-34B7-4F6E-8461-0C02ED1DF81A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {69FA6A5D-3736-485F-8919-F8F4378E6761} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: {8126F62D-CFF5-4C42-8013-3FCA229CEB84} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-24] (AVAST Software)
Task: {9FAC742D-2F40-42CA-877C-FF8FA564D942} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {A2E8E03C-BAAF-4A3B-9624-350694D94DE0} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {A67CECD8-EEAC-4A0E-B8EF-4FC99C634254} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-12] (Google Inc.)
Task: {DB385C5C-154C-4561-9CF1-BC9A4AAB14F5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {DDA77212-83CC-49D2-AFE1-A1C384261E6A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {E3D8F776-54F3-4021-A4BE-597467C636FC} - System32\Tasks\{8FED101B-2479-496F-889A-854F0C7E1DFD} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro"
Task: {E906D73C-B39D-406E-9FA5-817C542AC365} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-12] (Google Inc.)
Task: {EADA2A89-989E-4B09-B82A-B478CE5D0066} - System32\Tasks\{6AFBF52F-8FD5-4A49-B373-7222BA3BB0FB} => pcalua.exe -a "D:\PC\Microsoft Office 2007 CZ full\setup.exe" -d "D:\PC\Microsoft Office 2007 CZ full"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

Re: Log Check

Posted: 15 Jan 2015 20:43
by altrok
The size of the Desktop should not exceed 200 MB. Otherwise it slows down both the startup and the overall running of the whole PC.

Permanently turn off Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

Uninstall Spybot - Search & Destroy

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the Desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
    HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-21-428363639-2987571098-4238844215-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
    HKU\S-1-5-21-428363639-2987571098-4238844215-1000\...\MountPoints2: {b01bfd97-0550-11e4-a4e6-089e013fb089} - D:\Startme.exe
    HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    
    HKU\S-1-5-21-428363639-2987571098-4238844215-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    
    2015-01-15 19:43 - 2015-01-15 19:44 - 00014659 _____ () C:\Users\Vera\Desktop\FRST.txt
    2015-01-15 19:42 - 2015-01-15 19:42 - 00112640 _____ (forum.viry.cz) C:\Users\Vera\Desktop\FRSTLauncher.exe
    2015-01-15 19:22 - 2015-01-15 19:27 - 00000000 ____D () C:\AdwCleaner
    2015-01-15 19:22 - 2015-01-15 19:22 - 02191360 _____ () C:\Users\Vera\Desktop\adwcleaner_4.107.exe
    2015-01-15 10:18 - 2015-01-15 10:18 - 00000000 ____D () C:\rsit
    2015-01-15 10:18 - 2015-01-15 10:18 - 00000000 ____D () C:\Program Files\trend micro
    2015-01-14 18:39 - 2015-01-14 18:40 - 01188880 _____ (Elex do Brasil Participações Ltda) C:\Users\Vera\Downloads\yet_another_cleaner_sk_147739 (1).exe
    2015-01-14 18:38 - 2015-01-14 18:39 - 01188880 _____ (Elex do Brasil Participações Ltda) C:\Users\Vera\Downloads\yet_another_cleaner_sk_147739.exe
    2015-01-13 09:53 - 2015-01-14 14:15 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
    2015-01-13 09:53 - 2015-01-14 13:27 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    
    Task: {65AFA19C-34B7-4F6E-8461-0C02ED1DF81A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: {A2E8E03C-BAAF-4A3B-9624-350694D94DE0} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
    Task: {DB385C5C-154C-4561-9CF1-BC9A4AAB14F5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: {DDA77212-83CC-49D2-AFE1-A1C384261E6A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
    Task: {EADA2A89-989E-4B09-B82A-B478CE5D0066} - System32\Tasks\{6AFBF52F-8FD5-4A49-B373-7222BA3BB0FB} => pcalua.exe -a "D:\PC\Microsoft Office 2007 CZ full\setup.exe" -d "D:\PC\Microsoft Office 2007 CZ full"
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Hosts:
    EmptyTemp:
    End
    

Re: Log Check

Posted: 15 Jan 2015 20:59
by ja-pce
Desktop - do I need to do something about its size?
Spybot - I don't know where it could be uninstalled... when I search for it, nothing is found.

FixLog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-01-2015
Ran by Vera at 2015-01-15 20:54:30 Run:1
Running from C:\Users\Vera\Desktop
Loaded Profiles: Vera (Available profiles: Vera)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-428363639-2987571098-4238844215-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-428363639-2987571098-4238844215-1000\...\MountPoints2: {b01bfd97-0550-11e4-a4e6-089e013fb089} - D:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

HKU\S-1-5-21-428363639-2987571098-4238844215-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2015-01-15 19:43 - 2015-01-15 19:44 - 00014659 _____ () C:\Users\Vera\Desktop\FRST.txt
2015-01-15 19:42 - 2015-01-15 19:42 - 00112640 _____ (forum.viry.cz) C:\Users\Vera\Desktop\FRSTLauncher.exe
2015-01-15 19:22 - 2015-01-15 19:27 - 00000000 ____D () C:\AdwCleaner
2015-01-15 19:22 - 2015-01-15 19:22 - 02191360 _____ () C:\Users\Vera\Desktop\adwcleaner_4.107.exe
2015-01-15 10:18 - 2015-01-15 10:18 - 00000000 ____D () C:\rsit
2015-01-15 10:18 - 2015-01-15 10:18 - 00000000 ____D () C:\Program Files\trend micro
2015-01-14 18:39 - 2015-01-14 18:40 - 01188880 _____ (Elex do Brasil Participaçoes Ltda) C:\Users\Vera\Downloads\yet_another_cleaner_sk_147739 (1).exe
2015-01-14 18:38 - 2015-01-14 18:39 - 01188880 _____ (Elex do Brasil Participaçoes Ltda) C:\Users\Vera\Downloads\yet_another_cleaner_sk_147739.exe
2015-01-13 09:53 - 2015-01-14 14:15 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-13 09:53 - 2015-01-14 13:27 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

Task: {65AFA19C-34B7-4F6E-8461-0C02ED1DF81A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {A2E8E03C-BAAF-4A3B-9624-350694D94DE0} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {DB385C5C-154C-4561-9CF1-BC9A4AAB14F5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {DDA77212-83CC-49D2-AFE1-A1C384261E6A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {EADA2A89-989E-4B09-B82A-B478CE5D0066} - System32\Tasks\{6AFBF52F-8FD5-4A49-B373-7222BA3BB0FB} => pcalua.exe -a "D:\PC\Microsoft Office 2007 CZ full\setup.exe" -d "D:\PC\Microsoft Office 2007 CZ full"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\LManager => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => value deleted successfully.
HKU\S-1-5-21-428363639-2987571098-4238844215-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-428363639-2987571098-4238844215-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b01bfd97-0550-11e4-a4e6-089e013fb089}" => Key deleted successfully.
HKCR\CLSID\{b01bfd97-0550-11e4-a4e6-089e013fb089} => Key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => value deleted successfully.
"HKU\S-1-5-21-428363639-2987571098-4238844215-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
MBAMSwissArmy => Service deleted successfully.
C:\Users\Vera\Desktop\FRST.txt => Moved successfully.
C:\Users\Vera\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Vera\Desktop\adwcleaner_4.107.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Vera\Downloads\yet_another_cleaner_sk_147739 (1).exe => Moved successfully.
C:\Users\Vera\Downloads\yet_another_cleaner_sk_147739.exe => Moved successfully.
C:\Program Files\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{65AFA19C-34B7-4F6E-8461-0C02ED1DF81A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65AFA19C-34B7-4F6E-8461-0C02ED1DF81A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2E8E03C-BAAF-4A3B-9624-350694D94DE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2E8E03C-BAAF-4A3B-9624-350694D94DE0}" => Key deleted successfully.
C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Administrator" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB385C5C-154C-4561-9CF1-BC9A4AAB14F5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB385C5C-154C-4561-9CF1-BC9A4AAB14F5}" => Key deleted successfully.
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDA77212-83CC-49D2-AFE1-A1C384261E6A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDA77212-83CC-49D2-AFE1-A1C384261E6A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EADA2A89-989E-4B09-B82A-B478CE5D0066}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EADA2A89-989E-4B09-B82A-B478CE5D0066}" => Key deleted successfully.
C:\Windows\System32\Tasks\{6AFBF52F-8FD5-4A49-B373-7222BA3BB0FB} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6AFBF52F-8FD5-4A49-B373-7222BA3BB0FB}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 433.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog 20:54:45 ====

Re: Log check

Posted: 15 Jan 2015 21:06
by altrok
:arrow: Desktop - I recommend moving large files from the desktop to, e.g., Documents and keeping only shortcuts on the desktop.

:arrow: Can the Control Panel be opened now? What error message does it show?

Re: Log check

Posted: 15 Jan 2015 21:11
by ja-pce
The Control Panel can be opened... then I click Uninstall Programs, or even just Programs, and a message pops up: Explorer has stopped working .. Restarting explorer microsoft

Re: Log check

Posted: 15 Jan 2015 21:24
by altrok
:arrow: Save rkill.exe to the desktop, close all applications and run it - if the malware blocks it, use the alternative link
WARNING - THIS UTILITY HAS A STRONG ABILITY TO DELETE - DO NOT RUN IT WITHOUT AN ADVISER'S RECOMMENDATION
:arrow: Save ComboFix.exe to the desktop - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off antivirus programs and all real-time protection
  • run ComboFix as administrator (preferably under an account with administrator rights)
  • agree to the licence terms - Yes
  • if installation of the Recovery Console is offered, agree
  • leave the PC alone during the scan - do not start anything and do not click in the ComboFix window
  • you will find the scan result in C:\ComboFix.txt; copy its contents into your next reply to me.

Re: Log check

Posted: 15 Jan 2015 22:08
by ja-pce
Rkill log:

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/15/2015 09:32:31 PM in x86 mode.
Windows Version: Windows 7 Starter Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\Samsung\PanelMgr\SSMMgr.exe (PID: 3716) [WD-HEUR]
* C:\Windows\twain_32\Samsung\SCX4x24\Scan2Pc.exe (PID: 3748) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

* SensrSvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 01/15/2015 09:34:37 PM
Execution time: 0 hours(s), 2 minute(s), and 5 seconds(s)

ComboFix log:

ComboFix 15-01-08.01 - Vera 15.01.2015 21:41:50.1.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.2036.1078 [GMT 1:00]
Spuštěný z: c:\users\Vera\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-15 do 2015-01-15 )))))))))))))))))))))))))))))))
.
.
2015-01-15 21:00 . 2015-01-15 21:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-15 18:43 . 2015-01-15 19:54 -------- d-----w- C:\FRST
2015-01-15 09:02 . 2015-01-15 09:02 -------- d-----w- c:\program files\CCleaner
2015-01-14 15:23 . 2015-01-14 15:24 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2015-01-14 13:32 . 2015-01-14 13:32 -------- d-----w- c:\programdata\Malwarebytes
2015-01-14 12:57 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2015-01-14 12:49 . 2015-01-14 12:49 -------- d-----w- c:\programdata\MFAData
2015-01-14 12:49 . 2015-01-14 12:49 -------- d--h--w- c:\programdata\Common Files
2015-01-14 12:49 . 2015-01-14 12:49 -------- d-----w- c:\users\Vera\AppData\Local\MFAData
2015-01-14 12:49 . 2015-01-14 12:49 -------- d-----w- c:\users\Vera\AppData\Local\Avg2015
2015-01-12 22:36 . 2015-01-12 22:42 -------- d-----w- c:\users\Vera\AppData\Roaming\FTWeak
2015-01-12 21:22 . 2015-01-12 21:22 -------- d-----w- c:\users\Vera\AppData\Local\Licenses
2015-01-12 21:22 . 2015-01-12 21:35 -------- d-----w- c:\users\Vera\AppData\Roaming\Hiteksquad
2015-01-12 21:22 . 2015-01-12 21:35 -------- d-----w- c:\program files\Ratchet
2015-01-12 20:45 . 2015-01-12 20:46 -------- d-----w- c:\users\Vera\AppData\Roaming\Geek Uninstaller
2015-01-12 20:25 . 2015-01-12 20:25 -------- d-----w- c:\program files\DLLSuite
2015-01-12 19:18 . 2015-01-12 20:11 -------- d-----w- c:\users\Vera\AppData\Local\ElevatedDiagnostics
2015-01-12 18:12 . 2015-01-12 18:12 -------- d-----w- c:\users\Vera\AppData\Local\VS Revo Group
2015-01-12 18:11 . 2015-01-12 18:11 -------- d-----w- c:\programdata\VS Revo Group
2015-01-12 16:09 . 2015-01-12 16:14 -------- d-----w- c:\users\Vera\AppData\Local\Google
2015-01-12 16:09 . 2015-01-12 16:14 -------- d-----w- c:\program files\Google
2015-01-11 01:31 . 2014-12-02 11:01 9054624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2CA34E6-F393-40CA-A760-C5289FBA3FA8}\mpengine.dll
2015-01-06 10:27 . 2015-01-08 12:30 -------- d-----w- c:\users\Vera\AppData\Roaming\Foxit Software
2015-01-06 10:26 . 2015-01-06 10:26 -------- d-----w- c:\users\Public\Foxit Software
2015-01-06 10:25 . 2015-01-06 10:25 -------- d-----w- c:\program files\Foxit Software
2015-01-06 08:13 . 2015-01-12 01:16 -------- d-----w- c:\users\Vera\AppData\Local\PDFCreator
2015-01-06 08:10 . 2014-12-16 19:01 98488 ----a-w- c:\windows\system32\pdfcmon.dll
2015-01-06 08:10 . 2015-01-13 08:38 -------- d-----w- c:\program files\PDFCreator
2014-12-18 09:46 . 2014-12-13 03:33 115712 ----a-w- c:\windows\system32\ieUnatt.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-15 11:23 . 2012-07-18 08:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-15 11:23 . 2012-07-18 08:26 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-06 03:36 . 2014-06-06 22:51 249488 ------w- c:\windows\system32\MpSigStub.exe
2014-12-04 04:38 . 2014-12-11 09:45 337920 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 04:38 . 2014-12-11 09:45 610304 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 04:38 . 2014-12-11 09:45 315392 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 04:38 . 2014-12-11 09:45 728576 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 04:38 . 2014-12-11 09:45 159744 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 04:38 . 2014-12-11 09:45 202752 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 04:34 . 2014-12-11 09:45 873984 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-11 09:45 1160872 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-23 23:20 . 2014-06-06 23:15 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-23 23:20 . 2014-06-06 23:15 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-23 23:19 . 2014-06-06 23:15 91496 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-23 23:19 . 2014-06-06 23:15 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-23 23:19 . 2014-06-06 23:15 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-23 23:19 . 2014-06-06 23:15 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-23 23:19 . 2014-06-06 23:15 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-23 23:19 . 2014-06-06 23:15 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-23 23:19 . 2014-11-23 23:19 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-23 23:19 . 2014-11-23 23:19 43152 ----a-w- c:\windows\avastSS.scr
2014-11-22 02:20 . 2014-12-11 09:43 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 02:20 . 2014-12-11 09:44 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:07 . 2014-12-11 09:44 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:07 . 2014-12-11 09:42 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:06 . 2014-12-11 09:44 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-11 09:44 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 01:55 . 2014-12-11 09:44 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 01:54 . 2014-12-11 09:44 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 01:48 . 2014-12-11 09:44 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 01:40 . 2014-12-11 09:44 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-11 09:43 4299264 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 01:22 . 2014-12-11 09:43 2052096 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:21 . 2014-12-11 09:44 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:00 . 2014-12-11 09:44 1888256 ----a-w- c:\windows\system32\wininet.dll
2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 02:44 . 2014-12-11 09:45 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 09:22 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44 . 2014-11-19 09:22 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 01:32 . 2014-12-11 09:45 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 02:45 . 2014-12-11 09:40 2048 ----a-w- c:\windows\system32\tzres.dll
2014-10-30 01:45 . 2014-12-11 09:37 155136 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:32 . 2014-11-13 00:45 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33 . 2014-11-13 00:46 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-12-14 02:32 3209728 ----a-w- c:\windows\system32\mf.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-23 23:19 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"Norton Online Backup"="c:\program files\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 966488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-07-06 142144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-07-06 175936]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-07-06 168256]
"GfxServiceInstall"="c:\windows\system32\GfxCUIServiceInstall.vbs" [2012-06-27 131]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-10-08 1934632]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-01-10 10959464]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-07 714120]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-10 5227112]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2012-09-06 143360]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2012-06-06 3076096]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-07-31 536576]
"STO Backup Service"="c:\program files\SmarThru Office\BackUpSvr.exe" [2008-06-11 192512]
"STO Launcher Service"="c:\program files\SmarThru Office\LegacyLauncher.exe" [2008-06-11 331776]
"4x24 Scan2PC"="c:\windows\Twain_32\Samsung\SCX4x24\Scan2pc.exe" [2008-09-28 495616]
.
c:\users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CPP - CalcServer.lnk - c:\cpp\CppKalkulacky\CppCalcServer.exe [2014-6-7 1014272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
backup=c:\windows\pss\Acer VCM.lnk.CommonStartup
backupExtension=.CommonStartup
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-11-23 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-11-23 423784]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-07-18 21600]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-07-18 16936]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-07-18 62240]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-11-23 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-11-23 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-11-23 91496]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 738688]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
S2 NOBU;Norton Online Backup;c:\program files\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-12-11 5120]
S3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [2012-06-05 266240]
S3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
S3 igdkmd32;igdkmd32;c:\windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-12 16:13 1087816 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-18 11:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://sus.cpp.cz/
IE: Capture Selection - c:\program files\SmarThru Office\WebCapture.dll2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Save as HTML - c:\program files\SmarThru Office\WebCapture.dll1.htm
IE: Save Selected Text - c:\program files\SmarThru Office\WebCapture.dll.htm
IE: Web Capture - c:\program files\SmarThru Office\WebCapture.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\9vgaia5l.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3984)
c:\program files\Acer\Acer ePower Management\SysHook.dll
.
Celkový čas: 2015-01-15 22:06:14
ComboFix-quarantined-files.txt 2015-01-15 21:06
.
Před spuštěním: Volných bajtů: 87 770 296 320
Po spuštění: Volných bajtů: 87 416 115 200
.
- - End Of File - - 89DAB75C6AAB0AA08CD402AB9346978A
A36C5E4F47E84449FF07ED3517B43A31