
Slow notebook, Omiga Plus removed

Posted: 25 Jan 2015 01:02
by vembloud
Hi,
my notebook has become very slow; after a full scan, Avast found 5 viruses. All internet browsers had their home page changed to Omiga Plus. I uninstalled Omiga Plus, but the computer is still very slow and system startup takes a very long time, as does starting the internet browsers.
I am attaching the RSIT log.
Thank you for any advice on what to do and how.
Thanks

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michaela at 2015-01-24 23:55:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 215 GB (70%) free of 308 GB
Total RAM: 3692 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:55:29, on 24.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Cracked License Manager 10\lmgrd.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Cracked License Manager 10\ARCGIS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Michaela.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-205 207 Series"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: ArcGIS License Manager 10 CRACKED.lnk = C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs
O4 - Startup: Dropbox.lnk = Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11681 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
taskeng.exe {A4A173D9-1FB3-49B1-9257-6C783D8426A5}
C:\Windows\System32\spoolsv.exe
"C:\Windows\AsScrPro.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
"C:\Windows\System32\spool\drivers\x64\3\E_IATIILE.EXE" /EPT "EPLTarget\P0000000000000000" /M "XP-205 207 Series"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {2FA310BA-8581-4978-8958-37A0956ACD9F}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
taskeng.exe {A7E5E15F-73A6-4E9D-938E-616F4B31C0F4}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tor\tor.exe" --nt-service "-ControlPort" "9051"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\EscSvc64.exe
WLIDSvcM.exe 3544
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\Windows\system32\cmd.exe /c ""C:\Cracked License Manager 10\start_server_license.cmd" "
\??\C:\Windows\system32\conhost.exe "-11558797022058860107264295413-16911086281624869037924649231756804913-1963499984
lmgrd -z -c 37102011.dat
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
ATKOSD.exe
KBFiltr.exe
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
WDC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ARCGIS.exe -T localhost 11.6 -1 -c "37102011.dat" --lmgrd_start 54c3b70c
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
ngservice.exe pipeserver
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Users\Michaela\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001Core.job - C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001UA.job - C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\fj1ypd3k.default-1420976060409

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npwachk.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-11 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-11 586968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-10-14 2278504]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-12-31 2587944]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-06-30 1363984]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [2011-11-02 278112]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-01-29 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-20 107816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-10-17 13307496]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-10-19 3331312]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-06-10 2255360]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-01-11 5227112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ArcGIS License Manager 10 CRACKED.lnk - C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs
Dropbox.lnk - C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2015-01-24 14:55:32 ----A---- C:\Windows\SYSWOW64\subinacl.exe
2015-01-24 14:55:28 ----D---- C:\Program Files\Common Files\Microsoft
2015-01-24 14:55:28 ----D---- C:\Program Files\Adware-Removal-Tool
2015-01-24 13:29:52 ----D---- C:\rsit
2015-01-24 13:29:52 ----D---- C:\Program Files\trend micro
2015-01-24 09:22:59 ----D---- C:\Users\Michaela\AppData\Roaming\Apple Computer
2015-01-24 09:13:17 ----D---- C:\Program Files\CCleaner
2015-01-23 19:45:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-15 14:15:11 ----A---- C:\Windows\system32\profsvc.dll
2015-01-15 14:15:08 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-15 14:15:04 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-15 14:15:04 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-15 14:15:03 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-15 14:14:56 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-15 14:14:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-15 14:14:36 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-15 14:14:34 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-15 14:14:31 ----A---- C:\Windows\system32\srcore.dll
2015-01-15 14:14:29 ----A---- C:\Windows\system32\srclient.dll
2015-01-15 14:14:29 ----A---- C:\Windows\system32\rstrui.exe
2015-01-15 14:14:27 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-11 14:16:08 ----D---- C:\Users\Michaela\AppData\Roaming\QuickScan
2015-01-11 14:09:15 ----D---- C:\Program Files (x86)\Adobe
2015-01-11 14:07:53 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2015-01-11 12:55:07 ----D---- C:\Windows\SYSWOW64\vbox
2015-01-11 12:55:07 ----D---- C:\Windows\system32\vbox
2015-01-11 12:44:12 ----D---- C:\Program Files (x86)\Google
2015-01-11 12:29:57 ----D---- C:\ProgramData\Malwarebytes
2015-01-11 11:29:00 ----D---- C:\Users\Michaela\AppData\Roaming\AVAST Software
2015-01-11 11:27:32 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-01-11 11:27:31 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-01-11 11:27:31 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-01-11 11:27:30 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-01-11 11:27:29 ----A---- C:\Windows\system32\drivers\aswmonflt.sys
2015-01-11 11:27:28 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-01-11 11:27:27 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-01-11 11:27:25 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-01-11 11:27:23 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-11 11:27:11 ----A---- C:\Windows\avastSS.scr
2015-01-11 11:23:29 ----D---- C:\Program Files\AVAST Software
2015-01-11 11:21:12 ----D---- C:\ProgramData\AVAST Software
2015-01-10 10:38:09 ----A---- C:\autoexec.bat
2015-01-10 10:37:28 ----D---- C:\Users\Michaela\AppData\Roaming\Enigma Software Group
2015-01-10 10:37:09 ----D---- C:\sh4ldr
2015-01-10 10:35:48 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2015-01-10 10:35:33 ----D---- C:\Program Files\Enigma Software Group
2015-01-09 12:53:03 ----D---- C:\ProgramData\adssyo
2015-01-09 12:51:25 ----D---- C:\ProgramData\takueshop
2015-01-05 17:04:43 ----D---- C:\Program Files (x86)\Reimageplus.com
2015-01-04 14:10:09 ----D---- C:\Program Files (x86)\Supporter
2015-01-04 14:08:21 ----D---- C:\ProgramData\YoutubbEAdBBlocke
2015-01-04 14:08:07 ----D---- C:\Program Files (x86)\YoutubbEAdBBlocke
2015-01-04 14:07:07 ----D---- C:\ProgramData\85a93ac36f72f73
2015-01-04 14:06:45 ----D---- C:\Program Files (x86)\globalUpdate
2014-12-18 08:38:17 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 08:38:17 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 21:05:37 ----D---- C:\Windows\system32\appraiser
2014-12-10 11:58:21 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-10 11:58:21 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 11:58:21 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 11:58:21 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 11:58:20 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-10 11:58:20 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-10 11:58:20 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-10 11:58:20 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 11:58:19 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-10 11:58:18 ----A---- C:\Windows\system32\mf.dll
2014-12-10 08:58:18 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 08:58:17 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 08:58:17 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 08:58:17 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 08:58:17 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 08:58:16 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 08:58:15 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 08:58:15 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 08:57:37 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 08:57:36 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 08:57:33 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 08:57:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 08:57:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 08:57:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 08:57:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 08:57:23 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 08:57:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 08:57:22 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 08:57:22 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 08:57:22 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 08:57:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 08:57:21 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 08:57:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 08:57:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 08:57:20 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 08:57:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 08:57:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 08:57:18 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 08:57:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 08:57:17 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 08:57:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 08:57:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 08:57:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 08:57:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 08:57:15 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 08:57:15 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 08:57:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 08:57:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 08:57:14 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 08:57:13 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 08:57:13 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 08:57:11 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 08:57:10 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 08:57:10 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 08:57:09 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 08:57:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 08:57:09 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 08:57:08 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 08:57:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 08:57:07 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 08:57:07 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 08:57:06 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 08:57:05 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 08:57:05 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 08:57:05 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 08:57:04 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 08:57:04 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 08:57:03 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 08:57:02 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 08:57:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 08:56:58 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 08:54:21 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 08:54:20 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-10 08:54:17 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-10 08:54:17 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 08:54:16 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 08:54:16 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 08:54:16 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 08:54:14 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-10 08:54:14 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-10 08:54:14 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-10 08:54:13 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-10 08:54:13 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-10 08:53:57 ----A---- C:\Windows\system32\tzres.dll
2014-12-10 08:53:56 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-11-26 15:41:31 ----D---- C:\Users\Michaela\AppData\Roaming\ESRI
2014-11-26 15:11:07 ----D---- C:\Python26
2014-11-26 15:03:04 ----D---- C:\Windows\SYSWOW64\1033
2014-11-26 15:03:04 ----D---- C:\Windows\system32\1033
2014-11-26 15:03:04 ----D---- C:\Program Files\Microsoft SQL Server
2014-11-26 15:03:04 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2014-11-26 14:45:23 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-11-26 14:45:16 ----D---- C:\Users\Michaela\AppData\Roaming\DAEMON Tools Lite
2014-11-26 14:45:04 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-11-26 14:28:34 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-11-26 14:24:58 ----D---- C:\ProgramData\Macrovision
2014-11-26 14:24:57 ----D---- C:\Program Files (x86)\ArcGIS
2014-11-26 14:24:42 ----D---- C:\Cracked License Manager 10
2014-11-26 07:56:08 ----D---- C:\Users\Michaela\AppData\Roaming\CyberLink
2014-11-18 19:55:07 ----A---- C:\Windows\system32\pku2u.dll
2014-11-18 19:55:07 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 19:55:06 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-18 19:55:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-18 14:56:48 ----A---- C:\Windows\SYSWOW64\FM20.DLL
2014-11-13 12:16:41 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-13 12:16:41 ----A---- C:\Windows\system32\termsrv.dll
2014-11-13 12:16:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-13 12:16:41 ----A---- C:\Windows\system32\adtschema.dll
2014-11-13 12:16:40 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-13 12:16:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-13 12:16:40 ----A---- C:\Windows\system32\msaudite.dll
2014-11-13 12:16:40 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-13 12:16:39 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-13 12:11:50 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-13 12:11:50 ----A---- C:\Windows\system32\msxml3.dll
2014-11-13 12:11:49 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-13 12:11:49 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-13 12:11:48 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-13 12:11:47 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-13 12:11:45 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-13 12:11:45 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-13 12:11:45 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-13 12:11:44 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-13 12:11:44 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-13 12:11:44 ----A---- C:\Windows\system32\EncDump.dll
2014-11-13 12:11:44 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-13 12:11:44 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-13 12:11:36 ----A---- C:\Windows\system32\schannel.dll
2014-11-13 12:11:36 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-13 12:11:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-13 12:11:35 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-13 12:11:34 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-13 12:11:34 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-13 12:11:34 ----A---- C:\Windows\system32\wdigest.dll
2014-11-13 12:11:34 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-13 12:11:34 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-13 12:11:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-13 12:11:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-13 12:11:32 ----A---- C:\Windows\system32\credssp.dll
2014-11-13 12:11:20 ----A---- C:\Windows\system32\packager.dll
2014-11-13 12:11:19 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-13 12:11:18 ----A---- C:\Windows\system32\win32k.sys
2014-11-13 12:11:11 ----A---- C:\Windows\system32\msi.dll
2014-11-13 12:11:10 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-13 12:10:36 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-13 12:10:36 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 3 months======

2015-01-24 23:55:29 ----D---- C:\Windows\Prefetch
2015-01-24 22:02:57 ----D---- C:\Windows\Temp
2015-01-24 22:02:57 ----D---- C:\Windows\SysWOW64
2015-01-24 22:02:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 16:27:14 ----D---- C:\Windows\system32\config
2015-01-24 16:18:42 ----D---- C:\Windows\System32
2015-01-24 16:16:40 ----D---- C:\Windows\system32\wdi
2015-01-24 16:16:24 ----D---- C:\Users\Michaela\AppData\Roaming\Dropbox
2015-01-24 16:15:22 ----HD---- C:\ASUS.DAT
2015-01-24 16:13:50 ----D---- C:\Windows
2015-01-24 16:09:25 ----HD---- C:\ProgramData
2015-01-24 16:08:51 ----D---- C:\Windows\system32\drivers\etc
2015-01-24 15:40:23 ----D---- C:\Windows\inf
2015-01-24 14:55:28 ----RD---- C:\Program Files
2015-01-24 14:55:28 ----D---- C:\Program Files\Common Files
2015-01-24 14:40:32 ----A---- C:\Windows\system32\AutoRunFilter.ini
2015-01-24 14:39:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-24 10:52:45 ----SHD---- C:\System Volume Information
2015-01-24 09:22:58 ----D---- C:\Windows\system32\Tasks
2015-01-24 09:18:34 ----D---- C:\Windows\Panther
2015-01-24 09:18:34 ----D---- C:\Windows\ModemLogs
2015-01-24 09:18:33 ----D---- C:\Windows\Logs
2015-01-24 09:08:00 ----RD---- C:\Program Files (x86)
2015-01-24 09:08:00 ----D---- C:\Windows\system32\drivers
2015-01-24 09:04:08 ----SHD---- C:\Windows\Installer
2015-01-19 17:04:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-19 15:12:20 ----D---- C:\Windows\debug
2015-01-15 16:23:06 ----D---- C:\Windows\winsxs
2015-01-15 15:54:24 ----D---- C:\Windows\system32\MRT
2015-01-15 15:40:22 ----A---- C:\Windows\system32\MRT.exe
2015-01-15 14:12:10 ----D---- C:\Windows\system32\catroot
2015-01-15 14:12:09 ----D---- C:\Windows\system32\catroot2
2015-01-13 12:12:45 ----D---- C:\Windows\Tasks
2015-01-11 14:30:00 ----A---- C:\Windows\system32\ServiceFilter.ini
2015-01-11 14:10:13 ----SD---- C:\Users\Michaela\AppData\Roaming\Microsoft
2015-01-11 14:09:25 ----D---- C:\ProgramData\Adobe
2015-01-11 14:09:15 ----D---- C:\Program Files (x86)\Common Files
2015-01-11 12:07:09 ----D---- C:\Users\Michaela\AppData\Roaming\IObit
2015-01-05 17:18:39 ----A---- C:\Windows\win.ini
2015-01-05 16:52:12 ----D---- C:\ProgramData\Nokia
2015-01-04 14:06:27 ----HD---- C:\Windows\system32\GroupPolicy
2015-01-04 14:06:27 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2015-01-04 14:05:49 ----RD---- C:\Users
2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-26 10:24:14 ----A---- C:\Windows\SYSWOW64\acovcnt.exe
2014-12-25 11:42:18 ----D---- C:\Users\Michaela\AppData\Roaming\vlc
2014-12-13 10:58:58 ----D---- C:\Windows\rescache
2014-12-13 09:19:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-13 09:19:55 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 21:05:39 ----SD---- C:\Windows\system32\CompatTel
2014-12-10 21:05:39 ----D---- C:\Windows\AppCompat
2014-12-10 21:05:36 ----SD---- C:\ProgramData\Microsoft
2014-12-10 21:05:31 ----D---- C:\Program Files\Internet Explorer
2014-12-10 21:05:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 21:05:26 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 21:05:25 ----D---- C:\Windows\system32\en-US
2014-12-10 21:05:23 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 12:20:44 ----D---- C:\ProgramData\Microsoft Help
2014-12-01 23:05:38 ----D---- C:\Program Files (x86)\IObit
2014-12-01 22:56:26 ----D---- C:\ProgramData\IObit
2014-11-26 15:39:58 ----RSD---- C:\Windows\assembly
2014-11-26 15:39:26 ----D---- C:\ProgramData\FLEXnet
2014-11-26 15:11:02 ----RSD---- C:\Windows\Fonts
2014-11-26 14:58:30 ----D---- C:\Windows\Minidump
2014-11-26 14:50:51 ----D---- C:\Users\Michaela\AppData\Roaming\Winamp
2014-11-26 14:46:15 ----D---- C:\Windows\system32\DriverStore
2014-11-14 13:41:47 ----D---- C:\Windows\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-04 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-04 38016]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-11 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-11 267632]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-11 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-11 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-11 436624]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-26 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-11 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-11 87912]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-11 116728]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-11 271752]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-14 9978880]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-13 309248]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-03-07 2228736]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-19 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-31 138024]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 86016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-10-18 2957544]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-04 436840]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
S1 matrzpxl;matrzpxl; \??\C:\Windows\system32\drivers\matrzpxl.sys []
S1 vdlxjbmd;vdlxjbmd; \??\C:\Windows\system32\drivers\vdlxjbmd.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2015-01-10 22704]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-02-25 98816]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-06-11 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-06-11 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-03-02 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2011-01-18 250984]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-03-02 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-03-02 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-06-11 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-06-11 9216]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-13 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-14 361984]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-06-24 123120]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-11 50344]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 tor;Tor Win32 Service; C:\Program Files (x86)\Tor\tor.exe [2013-08-23 3233806]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-11 4012248]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24 267440]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-11-26 867080]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-23 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-01 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: slow notebook, omiga plus removed

Posted: 25 Jan 2015 08:14
by vyosek
Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • After it starts, the database will be downloaded
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear; it may also be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window
  • Code:

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here

Re: slow notebook, omiga plus removed

Posted: 25 Jan 2015 14:46
by vembloud
Hello,
and I am attaching the logs, thanks a lot:

# AdwCleaner v4.109 - Report created 25/01/2015 at 10:26:54
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michaela - MICHAELA-PC
# Running from : C:\Users\Michaela\Desktop\adwcleaner_4.109.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\supporter
Folder Found : C:\Program Files (x86)\YoutubbEAdBBlocke
Folder Found : C:\Program Files (x86)\YoutubbEAdBBlocke
Folder Found : C:\Program Files (x86)\Zrychleni Pocitace
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\YoutubbEAdBBlocke
Folder Found : C:\ProgramData\YoutubbEAdBBlocke
Folder Found : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Found : C:\Users\Michaela\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\Michaela\AppData\Local\CrossBrowser
Folder Found : C:\Users\Michaela\AppData\Local\globalUpdate
Folder Found : C:\Users\Michaela\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Found : C:\Users\Michaela\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Michaela\AppData\Local\torch
Folder Found : C:\Users\Michaela\AppData\Roaming\Updater
Folder Found : C:\Windows\SysWOW64\dfrg

***** [ Scheduled Tasks ] *****

Task Found : BitGuard
Task Found : LaunchSignup
Task Found : Price-Horse Updater
Task Found : Price-Horse
Task Found : CPU Grid Computing

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\5d2dbd0e135bd47
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKCU\Software\filescout
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\filescout
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\5d2dbd0e135bd47
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Found : HKLM\SOFTWARE\SupDp
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0 (x86 cs)


-\\ Google Chrome v39.0.2171.95


-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [4825 octets] - [25/01/2015 10:26:54]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4885 octets] ##########


# AdwCleaner v4.109 - Report created 25/01/2015 at 11:47:09
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.4 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michaela - MICHAELA-PC
# Running from : C:\Users\Michaela\Desktop\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\YoutubbEAdBBlocke
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\supporter
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\YoutubbEAdBBlocke
Folder Deleted : C:\Windows\SysWOW64\dfrg
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Michaela\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Michaela\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Michaela\AppData\Local\torch
Folder Deleted : C:\Users\Michaela\AppData\Local\CrossBrowser
Folder Deleted : C:\Users\Michaela\AppData\Roaming\Updater
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\Michaela\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje
Folder Deleted : C:\Users\Michaela\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kmmkgmibhlbkfjgonpjnealdafgcinje

***** [ Scheduled Tasks ] *****

Task Deleted : BitGuard
Task Deleted : LaunchSignup
Task Deleted : Price-Horse Updater
Task Deleted : Price-Horse
Task Deleted : CPU Grid Computing

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\5d2dbd0e135bd47
Key Deleted : HKLM\SOFTWARE\5d2dbd0e135bd47
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0 (x86 cs)


-\\ Google Chrome v39.0.2171.95


-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [4985 octets] - [25/01/2015 10:26:54]
AdwCleaner[S0].txt - [4764 octets] - [25/01/2015 11:47:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4824 octets] ##########

I don't know whether this is the log I was supposed to send from Zoek. When I came back, the computer was turned off, and this is the file restore.txt from the Zoek_backup directory.

restore;|C_PROGRA~3_85a93ac36f72f73|C:\PROGRA~3\85a93ac36f72f73
restore;|C_PROGRA~2_Reimageplus.com|C:\PROGRA~2\Reimageplus.com
restore;|C_PROGRA~3_takueshop|C:\PROGRA~3\takueshop
restore;|C_Users_Michaela_AppData_Local_avgchrome|C:\Users\Michaela\AppData\Local\avgchrome
restore;|C_Users_Michaela_AppData_LocalLow_ADSRemoval|C:\Users\Michaela\AppData\LocalLow\ADSRemoval
restore;|C_Windows_SysNative_config_systemprofile_Searches|C:\Windows\SysNative\config\systemprofile\Searches
restore;|C_windows_SysNative_GroupPolicy_Machine|C:\windows\SysNative\GroupPolicy\Machine
restore;|C_windows_SysNative_GroupPolicy_User|C:\windows\SysNative\GroupPolicy\User
restore;|C_Windows_SysWow64_searchplugins|C:\Windows\SysWow64\searchplugins
restore;|C_Windows_SysWow64_Extensions|C:\Windows\SysWow64\Extensions
restore;|C_windows_SysNative_GroupPolicy_GPT.INI.vir|C:\windows\SysNative\GroupPolicy\GPT.INI
restore;|C_Windows_Syswow64_GroupPolicy_gpt.ini.vir|C:\Windows\Syswow64\GroupPolicy\gpt.ini

Re: slow notebook, omiga plus removed

Posted: 25 Jan 2015 14:50
by vyosek
The log from Zoek should be c:\zoek_resuls.log

Re: slow notebook, omiga plus removed

Posted: 25 Jan 2015 16:26
by vembloud
Hello,
I am attaching the log from Zoek; the first time it probably did not finish.


Zoek.exe v5.0.0.0 Updated 18-01-2015
Tool run by Michaela on ne 25.01.2015 at 15:01:47,52.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michaela\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-01-25-122601.log 27544 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\Administrator\AppData\Local\Comodo deleted successfully
C:\Users\Administrator\AppData\Local\Google deleted successfully
C:\Users\Guest\AppData\Local\Comodo deleted successfully
C:\Users\Guest\AppData\Local\Google deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google deleted successfully
C:\Users\Michaela\AppData\Local\Comodo deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\fj1ypd3k.default-1420976060409\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.cz/");

Added to C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\fj1ypd3k.default-1420976060409\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\fj1ypd3k.default-1420976060409
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11.01.2015 11:27]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\fj1ypd3k.default-1420976060409
0FC325593893749364EC4A733E7D9100 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll - Shockwave Flash
2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.16
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Possible outdated, latest Stable version: 39.0.2171.99)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11.01.2015 11:26]

Docs - Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Start Page Redirect Cache"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"

==== Reset Google Chrome ======================

C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michaela\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michaela\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Michaela\AppData\Local\Mozilla\Firefox\Profiles\fj1ypd3k.default-1420976060409\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=22 folders=10 959019 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Michaela\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Michaela\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 25.01.2015 at 16:21:56,46 ======================

Re: slow notebook, omiga plus removed

Posted: 27 Jan 2015 21:06
by vyosek

Re: slow notebook, omiga plus removed

Posted: 28 Jan 2015 22:57
by vembloud
Good evening,
I am sending the log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Michaela (administrator) on MICHAELA-PC on 28-01-2015 22:46:35
Running from C:\Users\Michaela\Desktop
Loaded Profiles: Michaela (Available profiles: Michaela)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIILE.EXE
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Dropbox, Inc.) C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Acresso Software Inc.) C:\Cracked License Manager 10\lmgrd.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Tor\tor.exe
() C:\Cracked License Manager 10\ARCGIS.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Michaela\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-10-14] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [278112 2011-11-02] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {65729d10-2db6-11e2-a95e-9cb70d1a893b} - F:\Autorun.exe
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {65729d22-2db6-11e2-a95e-9cb70d1a893b} - F:\Autorun.exe
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {89f1078c-a436-11e2-9104-9cb70d1a893b} - F:\Autorun.exe
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {b182b2bf-bbed-11e2-916b-9cb70d1a893b} - F:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ArcGIS License Manager 10 CRACKED.lnk
ShortcutTarget: ArcGIS License Manager 10 CRACKED.lnk -> C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs ()
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-120195345-739056734-1938374901-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\fj1ypd3k.default-1420976060409
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-120195345-739056734-1938374901-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Michaela\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-120195345-739056734-1938374901-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Michaela\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-11]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-24]
CHR Extension: (Docs) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-24]
CHR Extension: (Disk Google) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-24]
CHR Extension: (YouTube) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-24]
CHR Extension: (Tabulky Google) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-28]
CHR Extension: (Peněženka Google) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-14] (Advanced Micro Devices, Inc.) [File not signed]
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [123120 2011-06-24] (Gemfor s.r.o.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-11] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-11] (Avast Software)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-23] () [File not signed] <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-11] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-11] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-26] (Disc Soft Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-01-10] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-11] (Avast Software)
S1 matrzpxl; \??\C:\Windows\system32\drivers\matrzpxl.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 vdlxjbmd; \??\C:\Windows\system32\drivers\vdlxjbmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 22:46 - 2015-01-28 22:47 - 00018561 _____ () C:\Users\Michaela\Desktop\FRST.txt
2015-01-28 22:46 - 2015-01-28 22:46 - 00000000 ____D () C:\FRST
2015-01-28 22:44 - 2015-01-28 22:44 - 00112640 _____ (forum.viry.cz) C:\Users\Michaela\Desktop\FRSTLauncher.exe
2015-01-28 22:39 - 2015-01-28 22:39 - 00000197 _____ () C:\Windows\system32\2015-01-28-21-39-20.070-AvastVBoxSVC.exe-5136.log
2015-01-28 22:37 - 2015-01-28 22:37 - 00000000 ___RD () C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-01-27 22:43 - 2015-01-27 22:43 - 02129920 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2015-01-27 03:10 - 2015-01-27 03:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 00:10 - 2015-01-27 00:10 - 00000000 ____D () C:\ProgramData\redistpart
2015-01-27 00:10 - 2015-01-27 00:10 - 00000000 ____D () C:\ProgramData\launcher
2015-01-27 00:10 - 2015-01-27 00:10 - 00000000 ____D () C:\ProgramData\explauncher
2015-01-27 00:08 - 2015-01-27 00:08 - 00002345 _____ () C:\Users\Public\Desktop\Paragon Partition Manager™ 14 Free.lnk
2015-01-27 00:08 - 2015-01-27 00:08 - 00000000 ____D () C:\Windows\pss
2015-01-27 00:08 - 2015-01-27 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 14 Free
2015-01-27 00:07 - 2015-01-27 00:07 - 00000000 ____D () C:\Program Files\Paragon Software
2015-01-27 00:06 - 2015-01-27 00:06 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Downloaded Installations
2015-01-26 23:58 - 2015-01-26 23:58 - 00001726 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2015-01-26 23:58 - 2015-01-26 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-01-26 23:58 - 2015-01-26 23:58 - 00000000 ____D () C:\Program Files\Defraggler
2015-01-26 23:56 - 2015-01-26 23:57 - 04362512 _____ (Piriform Ltd) C:\Users\Michaela\Downloads\dfsetup218.exe
2015-01-26 23:51 - 2015-01-27 00:00 - 53091632 _____ (Paragon Software ) C:\Users\Michaela\Downloads\pm14free_x64_eng.exe
2015-01-26 22:43 - 2015-01-26 22:43 - 00000197 _____ () C:\Windows\system32\2015-01-26-21-43-04.095-AvastVBoxSVC.exe-5788.log
2015-01-25 16:23 - 2015-01-25 16:23 - 00000197 _____ () C:\Windows\system32\2015-01-25-15-23-50.049-AvastVBoxSVC.exe-3696.log
2015-01-25 16:16 - 2015-01-25 15:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-25 15:03 - 2015-01-25 13:26 - 00027544 _____ () C:\zoek-results2015-01-25-122601.log
2015-01-25 14:59 - 2015-01-25 14:59 - 00000197 _____ () C:\Windows\system32\2015-01-25-13-59-51.047-AvastVBoxSVC.exe-5148.log
2015-01-25 14:40 - 2015-01-25 14:40 - 00000197 _____ () C:\Windows\system32\2015-01-25-13-40-08.061-AvastVBoxSVC.exe-6804.log
2015-01-25 11:56 - 2015-01-25 16:21 - 00008768 _____ () C:\zoek-results.log
2015-01-25 11:52 - 2015-01-25 11:52 - 00000197 _____ () C:\Windows\system32\2015-01-25-10-52-53.067-AvastVBoxSVC.exe-5208.log
2015-01-25 11:51 - 2015-01-25 13:12 - 00000000 ____D () C:\zoek_backup
2015-01-25 11:50 - 2015-01-25 11:51 - 00004912 _____ () C:\Users\Michaela\Desktop\AdwCleaner[S0].txt
2015-01-25 11:49 - 2015-01-25 16:21 - 00001214 _____ () C:\Windows\PFRO.log
2015-01-25 10:26 - 2015-01-25 11:47 - 00000000 ____D () C:\AdwCleaner
2015-01-25 10:23 - 2015-01-25 10:24 - 02194432 _____ () C:\Users\Michaela\Desktop\adwcleaner_4.109.exe
2015-01-25 10:15 - 2015-01-25 10:16 - 01295360 _____ () C:\Users\Michaela\Desktop\zoek.exe
2015-01-25 10:15 - 2015-01-25 10:15 - 00000181 _____ () C:\Users\Michaela\Desktop\script zoek.txt
2015-01-25 10:10 - 2015-01-25 10:10 - 00000197 _____ () C:\Windows\system32\2015-01-25-09-10-03.020-AvastVBoxSVC.exe-5776.log
2015-01-24 16:18 - 2015-01-24 16:18 - 00000197 _____ () C:\Windows\system32\2015-01-24-15-18-42.030-AvastVBoxSVC.exe-5872.log
2015-01-24 16:13 - 2015-01-28 22:36 - 00002026 _____ () C:\Windows\setupact.log
2015-01-24 16:13 - 2015-01-24 16:13 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-24 14:55 - 2015-01-24 14:55 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2015-01-24 14:55 - 2015-01-24 14:55 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2015-01-24 14:53 - 2015-01-24 14:55 - 00001150 _____ () C:\Users\Michaela\Documents\cc_20150124_145303.reg
2015-01-24 14:47 - 2015-01-24 14:48 - 00753184 _____ () C:\Users\Michaela\Downloads\Adware-Removal-Tool-v3.9.1.exe
2015-01-24 14:45 - 2015-01-24 14:45 - 00000197 _____ () C:\Windows\system32\2015-01-24-13-45-23.081-AvastVBoxSVC.exe-768.log
2015-01-24 13:29 - 2015-01-24 23:55 - 00000000 ____D () C:\Program Files\trend micro
2015-01-24 13:29 - 2015-01-24 13:36 - 00000000 ____D () C:\rsit
2015-01-24 13:14 - 2015-01-24 13:14 - 00000247 _____ () C:\Windows\system32\2015-01-24-12-14-47.017-aswFe.exe-856.log
2015-01-24 13:06 - 2015-01-24 13:14 - 00000247 _____ () C:\Windows\system32\2015-01-24-12-06-49.006-aswFe.exe-4252.log
2015-01-24 13:06 - 2015-01-24 13:06 - 00000197 _____ () C:\Windows\system32\2015-01-24-12-06-43.001-AvastVBoxSVC.exe-6056.log
2015-01-24 09:26 - 2015-01-24 09:26 - 00065958 _____ () C:\Users\Michaela\Documents\duplicate.txt
2015-01-24 09:22 - 2015-01-24 09:22 - 00035752 _____ () C:\Users\Michaela\Documents\cc_20150124_092205.reg
2015-01-24 09:22 - 2015-01-24 09:22 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Apple Computer
2015-01-24 09:13 - 2015-01-24 09:13 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-24 09:13 - 2015-01-24 09:13 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-24 09:13 - 2015-01-24 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-24 09:13 - 2015-01-24 09:13 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-24 08:59 - 2015-01-24 08:59 - 00000197 _____ () C:\Windows\system32\2015-01-24-07-59-21.074-AvastVBoxSVC.exe-3608.log
2015-01-23 20:56 - 2015-01-23 20:58 - 05609115 _____ (Swearware) C:\Users\Michaela\Downloads\ComboFix.exe
2015-01-23 20:52 - 2015-01-23 20:52 - 01222144 _____ () C:\Users\Michaela\Downloads\RSITx64.exe
2015-01-23 20:50 - 2015-01-23 20:51 - 05317104 _____ (Piriform Ltd) C:\Users\Michaela\Downloads\ccsetup501.exe
2015-01-23 19:06 - 2015-01-23 19:06 - 00000197 _____ () C:\Windows\system32\2015-01-23-18-06-11.053-AvastVBoxSVC.exe-6076.log
2015-01-19 16:59 - 2015-01-19 16:59 - 00000197 _____ () C:\Windows\system32\2015-01-19-15-59-11.070-AvastVBoxSVC.exe-5100.log
2015-01-19 15:19 - 2015-01-19 15:19 - 00000197 _____ () C:\Windows\system32\2015-01-19-14-19-19.064-AvastVBoxSVC.exe-7032.log
2015-01-19 12:38 - 2015-01-19 12:38 - 00000197 _____ () C:\Windows\system32\2015-01-19-11-38-01.044-AvastVBoxSVC.exe-3212.log
2015-01-17 21:36 - 2015-01-17 21:36 - 00000197 _____ () C:\Windows\system32\2015-01-17-20-36-38.079-AvastVBoxSVC.exe-5880.log
2015-01-15 16:27 - 2015-01-15 16:27 - 00000197 _____ () C:\Windows\system32\2015-01-15-15-27-07.001-AvastVBoxSVC.exe-5140.log
2015-01-15 14:15 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 14:15 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 14:15 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-15 14:15 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-15 14:15 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-15 14:14 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 14:14 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-15 14:14 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-15 14:14 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-15 14:14 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-15 14:14 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-15 14:14 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-15 14:14 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-15 13:36 - 2015-01-15 13:36 - 00000197 _____ () C:\Windows\system32\2015-01-15-12-36-42.068-AvastVBoxSVC.exe-3664.log
2015-01-13 13:14 - 2015-01-13 13:14 - 00000247 _____ () C:\Windows\system32\2015-01-13-12-14-04.048-aswFe.exe-2820.log
2015-01-13 12:23 - 2015-01-13 13:13 - 00000247 _____ () C:\Windows\system32\2015-01-13-11-23-25.008-aswFe.exe-6660.log
2015-01-13 12:22 - 2015-01-13 12:22 - 00000197 _____ () C:\Windows\system32\2015-01-13-11-22-30.057-AvastVBoxSVC.exe-3120.log
2015-01-13 12:03 - 2015-01-13 12:03 - 00000247 _____ () C:\Windows\system32\2015-01-13-11-03-39.073-aswFe.exe-6976.log
2015-01-13 12:03 - 2015-01-13 12:03 - 00000197 _____ () C:\Windows\system32\2015-01-13-11-03-19.069-AvastVBoxSVC.exe-1096.log
2015-01-11 14:35 - 2015-01-11 14:35 - 00000247 _____ () C:\Windows\system32\2015-01-11-13-35-16.038-aswFe.exe-6628.log
2015-01-11 14:34 - 2015-01-11 14:34 - 00000197 _____ () C:\Windows\system32\2015-01-11-13-34-36.005-AvastVBoxSVC.exe-3688.log
2015-01-11 14:17 - 2015-01-11 14:17 - 00000247 _____ () C:\Windows\system32\2015-01-11-13-17-16.071-aswFe.exe-3252.log
2015-01-11 14:16 - 2015-01-11 14:16 - 00000197 _____ () C:\Windows\system32\2015-01-11-13-16-32.041-AvastVBoxSVC.exe-3360.log
2015-01-11 14:16 - 2015-01-11 14:16 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\QuickScan
2015-01-11 14:09 - 2015-01-23 20:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-11 14:09 - 2015-01-11 14:09 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-01-11 14:09 - 2015-01-11 14:09 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-11 14:05 - 2015-01-11 14:06 - 06875896 _____ (Speedchecker Limited ) C:\Users\Michaela\Downloads\zrychlenipocitace_7c8d99894aac49a1bff6c550ccda5c51_.exe
2015-01-11 13:48 - 2015-01-11 13:48 - 00000247 _____ () C:\Windows\system32\2015-01-11-12-48-25.006-aswFe.exe-7888.log
2015-01-11 13:47 - 2015-01-11 13:47 - 00000197 _____ () C:\Windows\system32\2015-01-11-12-47-43.071-AvastVBoxSVC.exe-4856.log
2015-01-11 12:55 - 2015-01-11 12:56 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-11 12:55 - 2015-01-11 12:56 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-11 12:46 - 2015-01-11 12:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-11 12:44 - 2015-01-28 22:37 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-11 12:44 - 2015-01-28 21:49 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-11 12:44 - 2015-01-11 12:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-11 12:44 - 2015-01-11 12:44 - 00003952 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-11 12:44 - 2015-01-11 12:44 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-11 12:43 - 2015-01-11 12:43 - 00880784 _____ (Google Inc.) C:\Users\Michaela\Downloads\ChromeSetup.exe
2015-01-11 12:34 - 2015-01-11 12:34 - 00000000 ____D () C:\Users\Michaela\Desktop\Původní data aplikace Firefox
2015-01-11 12:29 - 2015-01-11 12:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-11 12:27 - 2015-01-11 12:28 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Michaela\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-11 11:29 - 2015-01-11 11:29 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\AVAST Software
2015-01-11 11:28 - 2015-01-11 11:28 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-11 11:28 - 2015-01-11 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-11 11:27 - 2015-01-28 22:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-11 11:27 - 2015-01-11 11:28 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-11 11:27 - 2015-01-11 11:28 - 00087912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-11 11:27 - 2015-01-11 11:27 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-11 11:27 - 2015-01-11 11:27 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-11 11:27 - 2015-01-11 11:27 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-11 11:27 - 2015-01-11 11:27 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-11 11:27 - 2015-01-11 11:27 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-11 11:27 - 2015-01-11 11:27 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-11 11:27 - 2015-01-11 11:27 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-11 11:27 - 2015-01-11 11:27 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-11 11:23 - 2015-01-11 11:23 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-11 11:21 - 2015-01-11 11:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-11 11:20 - 2015-01-11 11:20 - 05006864 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2015-01-11 11:20 - 2015-01-11 11:20 - 05006864 _____ (AVAST Software) C:\Users\Michaela\Downloads\avast_free_antivirus_setup_online.exe
2015-01-10 10:38 - 2015-01-10 10:38 - 00000000 _____ () C:\autoexec.bat
2015-01-10 10:37 - 2015-01-10 10:37 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Enigma Software Group
2015-01-10 10:37 - 2015-01-10 10:37 - 00000000 ____D () C:\sh4ldr
2015-01-10 10:35 - 2015-01-10 10:35 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Michaela\Downloads\sh-remover.exe
2015-01-10 10:35 - 2015-01-10 10:35 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-01-10 10:35 - 2015-01-10 10:35 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-09 12:53 - 2015-01-11 13:46 - 00000000 ____D () C:\ProgramData\adssyo
2015-01-05 16:40 - 2015-01-05 16:40 - 00003166 _____ () C:\Windows\System32\Tasks\{5B016344-7336-4016-99D4-72F80A80E4D0}
2015-01-04 14:06 - 2015-01-25 14:38 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-01-04 14:05 - 2015-01-04 14:05 - 00000000 ____D () C:\Users\HomeGroupUser$
2015-01-04 14:05 - 2015-01-04 14:05 - 00000000 ____D () C:\Users\Guest
2015-01-04 14:05 - 2015-01-04 14:05 - 00000000 ____D () C:\Users\Administrator

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 22:46 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-28 22:46 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-28 22:43 - 2012-01-29 00:28 - 01384408 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 22:39 - 2013-10-08 17:33 - 00000000 ___RD () C:\Users\Michaela\Dropbox
2015-01-28 22:39 - 2012-06-30 18:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-28 22:38 - 2013-10-08 17:29 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Dropbox
2015-01-28 22:37 - 2012-06-30 18:24 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001UA.job
2015-01-28 22:37 - 2012-06-30 18:10 - 00000000 ___HD () C:\ASUS.DAT
2015-01-28 22:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-28 22:19 - 2012-06-30 18:32 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-01-28 22:02 - 2014-07-06 08:06 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-28 12:37 - 2012-06-30 18:24 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001Core.job
2015-01-27 00:11 - 2011-02-19 06:36 - 00680528 _____ () C:\Windows\system32\perfh005.dat
2015-01-27 00:11 - 2011-02-19 06:36 - 00145496 _____ () C:\Windows\system32\perfc005.dat
2015-01-27 00:11 - 2009-07-14 06:13 - 01615314 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-26 19:05 - 2011-10-19 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-01-26 19:05 - 2011-10-19 23:59 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-01-25 16:21 - 2012-06-30 18:11 - 00045056 _____ () C:\Windows\SysWOW64\acovcnt.exe
2015-01-25 13:25 - 2012-06-30 18:24 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Google
2015-01-25 13:12 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-01-25 13:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-01-24 22:02 - 2014-07-06 08:06 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 22:02 - 2014-07-06 08:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 22:02 - 2014-07-06 08:06 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 14:55 - 2012-06-30 18:11 - 00001395 _____ () C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-24 14:40 - 2012-01-29 00:49 - 00002476 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-01-24 09:22 - 2012-07-03 10:37 - 00000000 ____D () C:\Users\Michaela\Documents\filmečky
2015-01-24 09:18 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2015-01-23 20:42 - 2013-05-03 12:45 - 00201728 ___SH () C:\Users\Michaela\Documents\Thumbs.db
2015-01-19 17:26 - 2014-11-26 15:41 - 00000000 ____D () C:\Users\Michaela\Documents\ArcGIS
2015-01-19 17:12 - 2012-06-30 18:10 - 00000000 ____D () C:\Users\Michaela
2015-01-19 13:38 - 2012-06-30 18:12 - 00000000 ____D () C:\Users\Michaela\Documents\Bluetooth Folder
2015-01-15 15:54 - 2013-07-25 08:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 15:40 - 2012-07-01 12:16 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 14:30 - 2012-01-29 00:49 - 00001628 _____ () C:\Windows\system32\ServiceFilter.ini
2015-01-11 14:09 - 2012-06-30 19:47 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-11 12:07 - 2013-01-02 20:31 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\IObit
2015-01-07 11:26 - 2014-10-20 11:43 - 00548864 ___SH () C:\Users\Michaela\Desktop\Thumbs.db
2015-01-05 17:18 - 2009-07-14 03:34 - 00000505 _____ () C:\Windows\win.ini
2015-01-05 16:52 - 2012-09-21 13:20 - 00000000 ____D () C:\ProgramData\Nokia
2014-12-31 12:14 - 2012-06-30 18:36 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-04-08 00:53 - 2013-04-08 00:53 - 0007604 _____ () C:\Users\Michaela\AppData\Local\Resmon.ResmonCfg
2011-10-20 00:00 - 2010-10-06 17:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2012-01-29 00:56 - 2012-01-29 00:57 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-01-29 00:52 - 2012-01-29 00:55 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-01-29 00:52 - 2012-01-29 00:52 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some content of TEMP:
====================
C:\Users\Michaela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpblkkyu.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001Core.job => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001UA.job => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michaela\Desktop" je 60 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michaela^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE /tsr [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: slow notebook, Omiga Plus removed

Posted: 28 Jan 2015 23:00
by vembloud
here is also the log from Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Michaela at 2015-01-28 22:48:44
Running from C:\Users\Michaela\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{EC591B58-07C2-1BF3-C2DB-7CBA363B7A08}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
ArcGIS Desktop 10 (HKLM-x32\...\ArcGIS Desktop 10) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.)
ArcGIS Desktop 10 (x32 Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.27 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Sonic Focus (HKLM-x32\...\{B0002707-4F7E-4745-88A7-852DA8A88635}) (Version: 1.0.0.5 - Synopsys )
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0036 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version: - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 4.22.19.00 - )
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 cs)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nokia Connectivity Cable Driver (HKLM-x32\...\{0906982B-A432-4C06-8F01-C01BE1143779}) (Version: 7.1.92.0 - Nokia)
Odinstalace tiskárny EPSON XP-205 207 Series (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Paragon Partition Manager™ 14 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM-x32\...\{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}) (Version: 12.0.48.0 - Nokia)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Příručka pro síť EPSON XP-205 207 Series (HKLM-x32\...\EPSON XP-205 207 Series Netg) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uživatelská příručka EPSON XP-205 207 Series (HKLM-x32\...\EPSON XP-205 207 Series Useg) (Version: - )
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Web'n'walk Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2011-06-30 - Gemfor s.r.o.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-120195345-739056734-1938374901-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-120195345-739056734-1938374901-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-120195345-739056734-1938374901-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-120195345-739056734-1938374901-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-120195345-739056734-1938374901-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-120195345-739056734-1938374901-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-120195345-739056734-1938374901-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-120195345-739056734-1938374901-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-120195345-739056734-1938374901-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

23-01-2015 20:35:08 Windows Update
24-01-2015 09:01:58 Odebráno: „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
25-01-2015 11:56:50 zoek.exe restore point
26-01-2015 19:03:36 Odebráno: ActiveX контрола на Windows Live Mesh за отдалечени връзки
26-01-2015 19:04:55 Removed ASUS Live Update
26-01-2015 19:06:49 Odebráno: Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
26-01-2015 19:07:35 Odebráno: Windows Live Mesh ActiveX-i juhtelement kaugühendustele
26-01-2015 19:08:35 Odebráno: Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
26-01-2015 19:09:34 Uklonjen Windows Live Mesh ActiveX kontrola za daljinske veze
26-01-2015 19:11:29 Odebráno: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
26-01-2015 22:43:29 Odebráno: Kontrola Windows Live Mesh ActiveX za daljinske veze
27-01-2015 00:06:36 Installed Paragon Partition Manager™ 14 Free.
27-01-2015 22:52:40 Windows Update
28-01-2015 03:00:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-25 15:03 - 2015-01-25 15:03 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0ABBF4ED-51DE-4487-A3BC-540C169D8733} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {1E236A99-55C2-4B18-9B3C-23A4BA988FFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {21204ABE-51CD-4B0D-A629-0DBBECDD14D5} - System32\Tasks\{5B016344-7336-4016-99D4-72F80A80E4D0} => pcalua.exe -a C:\Users\Michaela\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {4016061D-DC97-41D8-B900-D981C6195C38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11] (Google Inc.)
Task: {58366C09-8F88-4692-B38D-D743548B70D8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001Core => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {5F987A77-066F-4427-A766-FFF9155FE0ED} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-11] (AVAST Software)
Task: {655C7B9D-FC57-4693-BEC2-45F369064C36} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-16] (ASUS)
Task: {6E7929E9-D963-4245-BBCC-B436D346248D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {7316FBE4-5BD5-4A85-9BD2-4F4819571514} - System32\Tasks\Driver Booster SkipUAC (Michaela) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {854DCB40-7A24-4A6A-9183-5BCA94D39A09} - System32\Tasks\{B69E4068-A8A7-4E34-A95B-E21FC8BADD15} => pcalua.exe -a C:\Users\Michaela\Downloads\hijackthis.exe -d C:\Users\Michaela\Downloads
Task: {87DFAA94-FA9C-404B-B0BC-CC24F1DE5D45} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {BB299741-5B78-456F-A647-0FABE3087FED} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {CFC0D908-704A-4ECC-ADC4-8AB9A9D87EAE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001UA => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {DB9C3EC9-C5E1-4FE5-9FF9-A19CA2BE0077} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-11] (Google Inc.)
Task: {E48CFBA9-8244-456C-9B9B-1A8594A51B80} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {FC04C81A-5612-46D1-9BB7-DD85523B6AE7} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-11-23] (ASUS)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001Core.job => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001UA.job => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

Re: slow notebook, omiga plus removed

Posted: 02 Feb 2015 16:48
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
    HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
    HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {65729d10-2db6-11e2-a95e-9cb70d1a893b} - F:\Autorun.exe
    HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {65729d22-2db6-11e2-a95e-9cb70d1a893b} - F:\Autorun.exe
    HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {89f1078c-a436-11e2-9104-9cb70d1a893b} - F:\Autorun.exe
    HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {b182b2bf-bbed-11e2-916b-9cb70d1a893b} - F:\Autorun.exe
    Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ArcGIS License Manager 10 CRACKED.lnk
    ShortcutTarget: ArcGIS License Manager 10 CRACKED.lnk -> C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs ()
    
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    
    R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-23] () [File not signed] <==== ATTENTION
    S1 matrzpxl; \??\C:\Windows\system32\drivers\matrzpxl.sys [X]
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    S1 vdlxjbmd; \??\C:\Windows\system32\drivers\vdlxjbmd.sys [X]
    
    C:\Program Files (x86)\Tor
    2015-01-28 22:46 - 2015-01-28 22:47 - 00018561 _____ () C:\Users\Michaela\Desktop\FRST.txt
    2015-01-28 22:44 - 2015-01-28 22:44 - 00112640 _____ (forum.viry.cz) C:\Users\Michaela\Desktop\FRSTLauncher.exe
    2015-01-28 22:39 - 2015-01-28 22:39 - 00000197 _____ () C:\Windows\system32\2015-01-28-21-39-20.070-AvastVBoxSVC.exe-5136.log
    2015-01-26 23:56 - 2015-01-26 23:57 - 04362512 _____ (Piriform Ltd) C:\Users\Michaela\Downloads\dfsetup218.exe
    2015-01-26 23:51 - 2015-01-27 00:00 - 53091632 _____ (Paragon Software ) C:\Users\Michaela\Downloads\pm14free_x64_eng.exe
    2015-01-26 22:43 - 2015-01-26 22:43 - 00000197 _____ () C:\Windows\system32\2015-01-26-21-43-04.095-AvastVBoxSVC.exe-5788.log
    2015-01-25 16:23 - 2015-01-25 16:23 - 00000197 _____ () C:\Windows\system32\2015-01-25-15-23-50.049-AvastVBoxSVC.exe-3696.log
    2015-01-25 16:16 - 2015-01-25 15:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2015-01-25 15:03 - 2015-01-25 13:26 - 00027544 _____ () C:\zoek-results2015-01-25-122601.log
    2015-01-25 14:59 - 2015-01-25 14:59 - 00000197 _____ () C:\Windows\system32\2015-01-25-13-59-51.047-AvastVBoxSVC.exe-5148.log
    2015-01-25 14:40 - 2015-01-25 14:40 - 00000197 _____ () C:\Windows\system32\2015-01-25-13-40-08.061-AvastVBoxSVC.exe-6804.log
    2015-01-25 11:56 - 2015-01-25 16:21 - 00008768 _____ () C:\zoek-results.log
    2015-01-25 11:52 - 2015-01-25 11:52 - 00000197 _____ () C:\Windows\system32\2015-01-25-10-52-53.067-AvastVBoxSVC.exe-5208.log
    2015-01-25 11:51 - 2015-01-25 13:12 - 00000000 ____D () C:\zoek_backup
    2015-01-25 11:50 - 2015-01-25 11:51 - 00004912 _____ () C:\Users\Michaela\Desktop\AdwCleaner[S0].txt
    2015-01-25 11:49 - 2015-01-25 16:21 - 00001214 _____ () C:\Windows\PFRO.log
    2015-01-25 10:26 - 2015-01-25 11:47 - 00000000 ____D () C:\AdwCleaner
    2015-01-25 10:23 - 2015-01-25 10:24 - 02194432 _____ () C:\Users\Michaela\Desktop\adwcleaner_4.109.exe
    2015-01-25 10:15 - 2015-01-25 10:16 - 01295360 _____ () C:\Users\Michaela\Desktop\zoek.exe
    2015-01-25 10:15 - 2015-01-25 10:15 - 00000181 _____ () C:\Users\Michaela\Desktop\script zoek.txt
    2015-01-25 10:10 - 2015-01-25 10:10 - 00000197 _____ () C:\Windows\system32\2015-01-25-09-10-03.020-AvastVBoxSVC.exe-5776.log
    2015-01-24 16:18 - 2015-01-24 16:18 - 00000197 _____ () C:\Windows\system32\2015-01-24-15-18-42.030-AvastVBoxSVC.exe-5872.log
    2015-01-24 16:13 - 2015-01-28 22:36 - 00002026 _____ () C:\Windows\setupact.log
    2015-01-24 16:13 - 2015-01-24 16:13 - 00000000 _____ () C:\Windows\setuperr.log)
    2015-01-24 14:55 - 2015-01-24 14:55 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
    2015-01-24 14:53 - 2015-01-24 14:55 - 00001150 _____ () C:\Users\Michaela\Documents\cc_20150124_145303.reg
    2015-01-24 14:47 - 2015-01-24 14:48 - 00753184 _____ () C:\Users\Michaela\Downloads\Adware-Removal-Tool-v3.9.1.exe
    2015-01-24 14:45 - 2015-01-24 14:45 - 00000197 _____ () C:\Windows\system32\2015-01-24-13-45-23.081-AvastVBoxSVC.exe-768.log
    2015-01-24 13:29 - 2015-01-24 23:55 - 00000000 ____D () C:\Program Files\trend micro
    2015-01-24 13:29 - 2015-01-24 13:36 - 00000000 ____D () C:\rsit
    2015-01-24 13:14 - 2015-01-24 13:14 - 00000247 _____ () C:\Windows\system32\2015-01-24-12-14-47.017-aswFe.exe-856.log
    2015-01-24 13:06 - 2015-01-24 13:14 - 00000247 _____ () C:\Windows\system32\2015-01-24-12-06-49.006-aswFe.exe-4252.log
    2015-01-24 13:06 - 2015-01-24 13:06 - 00000197 _____ () C:\Windows\system32\2015-01-24-12-06-43.001-AvastVBoxSVC.exe-6056.log
    2015-01-24 08:59 - 2015-01-24 08:59 - 00000197 _____ () C:\Windows\system32\2015-01-24-07-59-21.074-AvastVBoxSVC.exe-3608.log
    2015-01-23 20:56 - 2015-01-23 20:58 - 05609115 _____ (Swearware) C:\Users\Michaela\Downloads\ComboFix.exe
    2015-01-23 20:50 - 2015-01-23 20:51 - 05317104 _____ (Piriform Ltd) C:\Users\Michaela\Downloads\ccsetup501.exe
    2015-01-23 19:06 - 2015-01-23 19:06 - 00000197 _____ () C:\Windows\system32\2015-01-23-18-06-11.053-AvastVBoxSVC.exe-6076.log
    2015-01-19 16:59 - 2015-01-19 16:59 - 00000197 _____ () C:\Windows\system32\2015-01-19-15-59-11.070-AvastVBoxSVC.exe-5100.log
    2015-01-19 15:19 - 2015-01-19 15:19 - 00000197 _____ () C:\Windows\system32\2015-01-19-14-19-19.064-AvastVBoxSVC.exe-7032.log
    2015-01-19 12:38 - 2015-01-19 12:38 - 00000197 _____ () C:\Windows\system32\2015-01-19-11-38-01.044-AvastVBoxSVC.exe-3212.log
    2015-01-17 21:36 - 2015-01-17 21:36 - 00000197 _____ () C:\Windows\system32\2015-01-17-20-36-38.079-AvastVBoxSVC.exe-5880.log
    2015-01-15 16:27 - 2015-01-15 16:27 - 00000197 _____ () C:\Windows\system32\2015-01-15-15-27-07.001-AvastVBoxSVC.exe-5140.log
    2015-01-15 13:36 - 2015-01-15 13:36 - 00000197 _____ () C:\Windows\system32\2015-01-15-12-36-42.068-AvastVBoxSVC.exe-3664.log
    2015-01-13 13:14 - 2015-01-13 13:14 - 00000247 _____ () C:\Windows\system32\2015-01-13-12-14-04.048-aswFe.exe-2820.log
    2015-01-13 12:23 - 2015-01-13 13:13 - 00000247 _____ () C:\Windows\system32\2015-01-13-11-23-25.008-aswFe.exe-6660.log
    2015-01-13 12:22 - 2015-01-13 12:22 - 00000197 _____ () C:\Windows\system32\2015-01-13-11-22-30.057-AvastVBoxSVC.exe-3120.log
    2015-01-13 12:03 - 2015-01-13 12:03 - 00000247 _____ () C:\Windows\system32\2015-01-13-11-03-39.073-aswFe.exe-6976.log
    2015-01-13 12:03 - 2015-01-13 12:03 - 00000197 _____ () C:\Windows\system32\2015-01-13-11-03-19.069-AvastVBoxSVC.exe-1096.log
    2015-01-11 14:35 - 2015-01-11 14:35 - 00000247 _____ () C:\Windows\system32\2015-01-11-13-35-16.038-aswFe.exe-6628.log
    2015-01-11 14:34 - 2015-01-11 14:34 - 00000197 _____ () C:\Windows\system32\2015-01-11-13-34-36.005-AvastVBoxSVC.exe-3688.log
    2015-01-11 14:17 - 2015-01-11 14:17 - 00000247 _____ () C:\Windows\system32\2015-01-11-13-17-16.071-aswFe.exe-3252.log
    2015-01-11 14:16 - 2015-01-11 14:16 - 00000197 _____ () C:\Windows\system32\2015-01-11-13-16-32.041-AvastVBoxSVC.exe-3360.log
    2015-01-11 14:05 - 2015-01-11 14:06 - 06875896 _____ (Speedchecker Limited ) C:\Users\Michaela\Downloads\zrychlenipocitace_7c8d99894aac49a1bff6c550ccda5c51_.exe
    2015-01-11 13:48 - 2015-01-11 13:48 - 00000247 _____ () C:\Windows\system32\2015-01-11-12-48-25.006-aswFe.exe-7888.log
    2015-01-11 13:47 - 2015-01-11 13:47 - 00000197 _____ () C:\Windows\system32\2015-01-11-12-47-43.071-AvastVBoxSVC.exe-4856.log
    2015-01-11 11:20 - 2015-01-11 11:20 - 05006864 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
    2015-01-11 11:20 - 2015-01-11 11:20 - 05006864 _____ (AVAST Software) C:\Users\Michaela\Downloads\avast_free_antivirus_setup_online.exe
    2015-01-10 10:37 - 2015-01-10 10:37 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Enigma Software Group
    2015-01-10 10:37 - 2015-01-10 10:37 - 00000000 ____D () C:\sh4ldr
    2015-01-10 10:35 - 2015-01-10 10:35 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Michaela\Downloads\sh-remover.exe
    2015-01-10 10:35 - 2015-01-10 10:35 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
    2015-01-10 10:35 - 2015-01-10 10:35 - 00000000 ____D () C:\Program Files\Enigma Software Group
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001Core.job => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001UA.job => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {0ABBF4ED-51DE-4487-A3BC-540C169D8733} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
    Task: {21204ABE-51CD-4B0D-A629-0DBBECDD14D5} - System32\Tasks\{5B016344-7336-4016-99D4-72F80A80E4D0} => pcalua.exe -a C:\Users\Michaela\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
    Task: {BB299741-5B78-456F-A647-0FABE3087FED} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created to the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: slow notebook, omiga plus removed

Posted: 02 Feb 2015 23:43
by vembloud
Good evening, I am sending the fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by Michaela at 2015-02-02 23:23:02 Run:1
Running from C:\Users\Michaela\Desktop
Loaded Profiles: Michaela (Available profiles: Michaela)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {65729d10-2db6-11e2-a95e-9cb70d1a893b} - F:\Autorun.exe
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {65729d22-2db6-11e2-a95e-9cb70d1a893b} - F:\Autorun.exe
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {89f1078c-a436-11e2-9104-9cb70d1a893b} - F:\Autorun.exe
HKU\S-1-5-21-120195345-739056734-1938374901-1001\...\MountPoints2: {b182b2bf-bbed-11e2-916b-9cb70d1a893b} - F:\Autorun.exe
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ArcGIS License Manager 10 CRACKED.lnk
ShortcutTarget: ArcGIS License Manager 10 CRACKED.lnk -> C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs ()

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-23] () [File not signed] <==== ATTENTION
S1 matrzpxl; \??\C:\Windows\system32\drivers\matrzpxl.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 vdlxjbmd; \??\C:\Windows\system32\drivers\vdlxjbmd.sys [X]

C:\Program Files (x86)\Tor
2015-01-28 22:46 - 2015-01-28 22:47 - 00018561 _____ () C:\Users\Michaela\Desktop\FRST.txt
2015-01-28 22:44 - 2015-01-28 22:44 - 00112640 _____ (forum.viry.cz) C:\Users\Michaela\Desktop\FRSTLauncher.exe
2015-01-28 22:39 - 2015-01-28 22:39 - 00000197 _____ () C:\Windows\system32\2015-01-28-21-39-20.070-AvastVBoxSVC.exe-5136.log
2015-01-26 23:56 - 2015-01-26 23:57 - 04362512 _____ (Piriform Ltd) C:\Users\Michaela\Downloads\dfsetup218.exe
2015-01-26 23:51 - 2015-01-27 00:00 - 53091632 _____ (Paragon Software ) C:\Users\Michaela\Downloads\pm14free_x64_eng.exe
2015-01-26 22:43 - 2015-01-26 22:43 - 00000197 _____ () C:\Windows\system32\2015-01-26-21-43-04.095-AvastVBoxSVC.exe-5788.log
2015-01-25 16:23 - 2015-01-25 16:23 - 00000197 _____ () C:\Windows\system32\2015-01-25-15-23-50.049-AvastVBoxSVC.exe-3696.log
2015-01-25 16:16 - 2015-01-25 15:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-25 15:03 - 2015-01-25 13:26 - 00027544 _____ () C:\zoek-results2015-01-25-122601.log
2015-01-25 14:59 - 2015-01-25 14:59 - 00000197 _____ () C:\Windows\system32\2015-01-25-13-59-51.047-AvastVBoxSVC.exe-5148.log
2015-01-25 14:40 - 2015-01-25 14:40 - 00000197 _____ () C:\Windows\system32\2015-01-25-13-40-08.061-AvastVBoxSVC.exe-6804.log
2015-01-25 11:56 - 2015-01-25 16:21 - 00008768 _____ () C:\zoek-results.log
2015-01-25 11:52 - 2015-01-25 11:52 - 00000197 _____ () C:\Windows\system32\2015-01-25-10-52-53.067-AvastVBoxSVC.exe-5208.log
2015-01-25 11:51 - 2015-01-25 13:12 - 00000000 ____D () C:\zoek_backup
2015-01-25 11:50 - 2015-01-25 11:51 - 00004912 _____ () C:\Users\Michaela\Desktop\AdwCleaner[S0].txt
2015-01-25 11:49 - 2015-01-25 16:21 - 00001214 _____ () C:\Windows\PFRO.log
2015-01-25 10:26 - 2015-01-25 11:47 - 00000000 ____D () C:\AdwCleaner
2015-01-25 10:23 - 2015-01-25 10:24 - 02194432 _____ () C:\Users\Michaela\Desktop\adwcleaner_4.109.exe
2015-01-25 10:15 - 2015-01-25 10:16 - 01295360 _____ () C:\Users\Michaela\Desktop\zoek.exe
2015-01-25 10:15 - 2015-01-25 10:15 - 00000181 _____ () C:\Users\Michaela\Desktop\script zoek.txt
2015-01-25 10:10 - 2015-01-25 10:10 - 00000197 _____ () C:\Windows\system32\2015-01-25-09-10-03.020-AvastVBoxSVC.exe-5776.log
2015-01-24 16:18 - 2015-01-24 16:18 - 00000197 _____ () C:\Windows\system32\2015-01-24-15-18-42.030-AvastVBoxSVC.exe-5872.log
2015-01-24 16:13 - 2015-01-28 22:36 - 00002026 _____ () C:\Windows\setupact.log
2015-01-24 16:13 - 2015-01-24 16:13 - 00000000 _____ () C:\Windows\setuperr.log)
2015-01-24 14:55 - 2015-01-24 14:55 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2015-01-24 14:53 - 2015-01-24 14:55 - 00001150 _____ () C:\Users\Michaela\Documents\cc_20150124_145303.reg
2015-01-24 14:47 - 2015-01-24 14:48 - 00753184 _____ () C:\Users\Michaela\Downloads\Adware-Removal-Tool-v3.9.1.exe
2015-01-24 14:45 - 2015-01-24 14:45 - 00000197 _____ () C:\Windows\system32\2015-01-24-13-45-23.081-AvastVBoxSVC.exe-768.log
2015-01-24 13:29 - 2015-01-24 23:55 - 00000000 ____D () C:\Program Files\trend micro
2015-01-24 13:29 - 2015-01-24 13:36 - 00000000 ____D () C:\rsit
2015-01-24 13:14 - 2015-01-24 13:14 - 00000247 _____ () C:\Windows\system32\2015-01-24-12-14-47.017-aswFe.exe-856.log
2015-01-24 13:06 - 2015-01-24 13:14 - 00000247 _____ () C:\Windows\system32\2015-01-24-12-06-49.006-aswFe.exe-4252.log
2015-01-24 13:06 - 2015-01-24 13:06 - 00000197 _____ () C:\Windows\system32\2015-01-24-12-06-43.001-AvastVBoxSVC.exe-6056.log
2015-01-24 08:59 - 2015-01-24 08:59 - 00000197 _____ () C:\Windows\system32\2015-01-24-07-59-21.074-AvastVBoxSVC.exe-3608.log
2015-01-23 20:56 - 2015-01-23 20:58 - 05609115 _____ (Swearware) C:\Users\Michaela\Downloads\ComboFix.exe
2015-01-23 20:50 - 2015-01-23 20:51 - 05317104 _____ (Piriform Ltd) C:\Users\Michaela\Downloads\ccsetup501.exe
2015-01-23 19:06 - 2015-01-23 19:06 - 00000197 _____ () C:\Windows\system32\2015-01-23-18-06-11.053-AvastVBoxSVC.exe-6076.log
2015-01-19 16:59 - 2015-01-19 16:59 - 00000197 _____ () C:\Windows\system32\2015-01-19-15-59-11.070-AvastVBoxSVC.exe-5100.log
2015-01-19 15:19 - 2015-01-19 15:19 - 00000197 _____ () C:\Windows\system32\2015-01-19-14-19-19.064-AvastVBoxSVC.exe-7032.log
2015-01-19 12:38 - 2015-01-19 12:38 - 00000197 _____ () C:\Windows\system32\2015-01-19-11-38-01.044-AvastVBoxSVC.exe-3212.log
2015-01-17 21:36 - 2015-01-17 21:36 - 00000197 _____ () C:\Windows\system32\2015-01-17-20-36-38.079-AvastVBoxSVC.exe-5880.log
2015-01-15 16:27 - 2015-01-15 16:27 - 00000197 _____ () C:\Windows\system32\2015-01-15-15-27-07.001-AvastVBoxSVC.exe-5140.log
2015-01-15 13:36 - 2015-01-15 13:36 - 00000197 _____ () C:\Windows\system32\2015-01-15-12-36-42.068-AvastVBoxSVC.exe-3664.log
2015-01-13 13:14 - 2015-01-13 13:14 - 00000247 _____ () C:\Windows\system32\2015-01-13-12-14-04.048-aswFe.exe-2820.log
2015-01-13 12:23 - 2015-01-13 13:13 - 00000247 _____ () C:\Windows\system32\2015-01-13-11-23-25.008-aswFe.exe-6660.log
2015-01-13 12:22 - 2015-01-13 12:22 - 00000197 _____ () C:\Windows\system32\2015-01-13-11-22-30.057-AvastVBoxSVC.exe-3120.log
2015-01-13 12:03 - 2015-01-13 12:03 - 00000247 _____ () C:\Windows\system32\2015-01-13-11-03-39.073-aswFe.exe-6976.log
2015-01-13 12:03 - 2015-01-13 12:03 - 00000197 _____ () C:\Windows\system32\2015-01-13-11-03-19.069-AvastVBoxSVC.exe-1096.log
2015-01-11 14:35 - 2015-01-11 14:35 - 00000247 _____ () C:\Windows\system32\2015-01-11-13-35-16.038-aswFe.exe-6628.log
2015-01-11 14:34 - 2015-01-11 14:34 - 00000197 _____ () C:\Windows\system32\2015-01-11-13-34-36.005-AvastVBoxSVC.exe-3688.log
2015-01-11 14:17 - 2015-01-11 14:17 - 00000247 _____ () C:\Windows\system32\2015-01-11-13-17-16.071-aswFe.exe-3252.log
2015-01-11 14:16 - 2015-01-11 14:16 - 00000197 _____ () C:\Windows\system32\2015-01-11-13-16-32.041-AvastVBoxSVC.exe-3360.log
2015-01-11 14:05 - 2015-01-11 14:06 - 06875896 _____ (Speedchecker Limited ) C:\Users\Michaela\Downloads\zrychlenipocitace_7c8d99894aac49a1bff6c550ccda5c51_.exe
2015-01-11 13:48 - 2015-01-11 13:48 - 00000247 _____ () C:\Windows\system32\2015-01-11-12-48-25.006-aswFe.exe-7888.log
2015-01-11 13:47 - 2015-01-11 13:47 - 00000197 _____ () C:\Windows\system32\2015-01-11-12-47-43.071-AvastVBoxSVC.exe-4856.log
2015-01-11 11:20 - 2015-01-11 11:20 - 05006864 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2015-01-11 11:20 - 2015-01-11 11:20 - 05006864 _____ (AVAST Software) C:\Users\Michaela\Downloads\avast_free_antivirus_setup_online.exe
2015-01-10 10:37 - 2015-01-10 10:37 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Enigma Software Group
2015-01-10 10:37 - 2015-01-10 10:37 - 00000000 ____D () C:\sh4ldr
2015-01-10 10:35 - 2015-01-10 10:35 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Michaela\Downloads\sh-remover.exe
2015-01-10 10:35 - 2015-01-10 10:35 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-01-10 10:35 - 2015-01-10 10:35 - 00000000 ____D () C:\Program Files\Enigma Software Group

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001Core.job => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001UA.job => C:\Users\Michaela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {0ABBF4ED-51DE-4487-A3BC-540C169D8733} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {21204ABE-51CD-4B0D-A629-0DBBECDD14D5} - System32\Tasks\{5B016344-7336-4016-99D4-72F80A80E4D0} => pcalua.exe -a C:\Users\Michaela\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION
Task: {BB299741-5B78-456F-A647-0FABE3087FED} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent => value deleted successfully.
HKU\S-1-5-21-120195345-739056734-1938374901-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-120195345-739056734-1938374901-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-120195345-739056734-1938374901-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65729d10-2db6-11e2-a95e-9cb70d1a893b}" => Key deleted successfully.
HKCR\CLSID\{65729d10-2db6-11e2-a95e-9cb70d1a893b} => Key not found.
"HKU\S-1-5-21-120195345-739056734-1938374901-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65729d22-2db6-11e2-a95e-9cb70d1a893b}" => Key deleted successfully.
HKCR\CLSID\{65729d22-2db6-11e2-a95e-9cb70d1a893b} => Key not found.
"HKU\S-1-5-21-120195345-739056734-1938374901-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89f1078c-a436-11e2-9104-9cb70d1a893b}" => Key deleted successfully.
HKCR\CLSID\{89f1078c-a436-11e2-9104-9cb70d1a893b} => Key not found.
"HKU\S-1-5-21-120195345-739056734-1938374901-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b182b2bf-bbed-11e2-916b-9cb70d1a893b}" => Key deleted successfully.
HKCR\CLSID\{b182b2bf-bbed-11e2-916b-9cb70d1a893b} => Key not found.
C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ArcGIS License Manager 10 CRACKED.lnk => Moved successfully.
C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs => Moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
tor => Service deleted successfully.
matrzpxl => Service deleted successfully.
MBAMSwissArmy => Service deleted successfully.
vdlxjbmd => Service deleted successfully.
C:\Program Files (x86)\Tor => Moved successfully.
C:\Users\Michaela\Desktop\FRST.txt => Moved successfully.
"C:\Users\Michaela\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\Windows\system32\2015-01-28-21-39-20.070-AvastVBoxSVC.exe-5136.log => Moved successfully.
C:\Users\Michaela\Downloads\dfsetup218.exe => Moved successfully.
C:\Users\Michaela\Downloads\pm14free_x64_eng.exe => Moved successfully.
C:\Windows\system32\2015-01-26-21-43-04.095-AvastVBoxSVC.exe-5788.log => Moved successfully.
C:\Windows\system32\2015-01-25-15-23-50.049-AvastVBoxSVC.exe-3696.log => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results2015-01-25-122601.log => Moved successfully.
C:\Windows\system32\2015-01-25-13-59-51.047-AvastVBoxSVC.exe-5148.log => Moved successfully.
C:\Windows\system32\2015-01-25-13-40-08.061-AvastVBoxSVC.exe-6804.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Windows\system32\2015-01-25-10-52-53.067-AvastVBoxSVC.exe-5208.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Michaela\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Michaela\Desktop\adwcleaner_4.109.exe => Moved successfully.
C:\Users\Michaela\Desktop\zoek.exe => Moved successfully.
C:\Users\Michaela\Desktop\script zoek.txt => Moved successfully.
C:\Windows\system32\2015-01-25-09-10-03.020-AvastVBoxSVC.exe-5776.log => Moved successfully.
C:\Windows\system32\2015-01-24-15-18-42.030-AvastVBoxSVC.exe-5872.log => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
"C:\Windows\setuperr.log)" => File/Directory not found.
C:\Program Files\Adware-Removal-Tool => Moved successfully.
C:\Users\Michaela\Documents\cc_20150124_145303.reg => Moved successfully.
C:\Users\Michaela\Downloads\Adware-Removal-Tool-v3.9.1.exe => Moved successfully.
C:\Windows\system32\2015-01-24-13-45-23.081-AvastVBoxSVC.exe-768.log => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Windows\system32\2015-01-24-12-14-47.017-aswFe.exe-856.log => Moved successfully.
C:\Windows\system32\2015-01-24-12-06-49.006-aswFe.exe-4252.log => Moved successfully.
C:\Windows\system32\2015-01-24-12-06-43.001-AvastVBoxSVC.exe-6056.log => Moved successfully.
C:\Windows\system32\2015-01-24-07-59-21.074-AvastVBoxSVC.exe-3608.log => Moved successfully.
C:\Users\Michaela\Downloads\ComboFix.exe => Moved successfully.
C:\Users\Michaela\Downloads\ccsetup501.exe => Moved successfully.
C:\Windows\system32\2015-01-23-18-06-11.053-AvastVBoxSVC.exe-6076.log => Moved successfully.
C:\Windows\system32\2015-01-19-15-59-11.070-AvastVBoxSVC.exe-5100.log => Moved successfully.
C:\Windows\system32\2015-01-19-14-19-19.064-AvastVBoxSVC.exe-7032.log => Moved successfully.
C:\Windows\system32\2015-01-19-11-38-01.044-AvastVBoxSVC.exe-3212.log => Moved successfully.
C:\Windows\system32\2015-01-17-20-36-38.079-AvastVBoxSVC.exe-5880.log => Moved successfully.
C:\Windows\system32\2015-01-15-15-27-07.001-AvastVBoxSVC.exe-5140.log => Moved successfully.
C:\Windows\system32\2015-01-15-12-36-42.068-AvastVBoxSVC.exe-3664.log => Moved successfully.
C:\Windows\system32\2015-01-13-12-14-04.048-aswFe.exe-2820.log => Moved successfully.
C:\Windows\system32\2015-01-13-11-23-25.008-aswFe.exe-6660.log => Moved successfully.
C:\Windows\system32\2015-01-13-11-22-30.057-AvastVBoxSVC.exe-3120.log => Moved successfully.
C:\Windows\system32\2015-01-13-11-03-39.073-aswFe.exe-6976.log => Moved successfully.
C:\Windows\system32\2015-01-13-11-03-19.069-AvastVBoxSVC.exe-1096.log => Moved successfully.
C:\Windows\system32\2015-01-11-13-35-16.038-aswFe.exe-6628.log => Moved successfully.
C:\Windows\system32\2015-01-11-13-34-36.005-AvastVBoxSVC.exe-3688.log => Moved successfully.
C:\Windows\system32\2015-01-11-13-17-16.071-aswFe.exe-3252.log => Moved successfully.
C:\Windows\system32\2015-01-11-13-16-32.041-AvastVBoxSVC.exe-3360.log => Moved successfully.
C:\Users\Michaela\Downloads\zrychlenipocitace_7c8d99894aac49a1bff6c550ccda5c51_.exe => Moved successfully.
C:\Windows\system32\2015-01-11-12-48-25.006-aswFe.exe-7888.log => Moved successfully.
C:\Windows\system32\2015-01-11-12-47-43.071-AvastVBoxSVC.exe-4856.log => Moved successfully.
C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe => Moved successfully.
C:\Users\Michaela\Downloads\avast_free_antivirus_setup_online.exe => Moved successfully.
C:\Users\Michaela\AppData\Roaming\Enigma Software Group => Moved successfully.
C:\sh4ldr => Moved successfully.
C:\Users\Michaela\Downloads\sh-remover.exe => Moved successfully.
C:\Windows\system32\Drivers\EsgScanner.sys => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-120195345-739056734-1938374901-1001UA.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0ABBF4ED-51DE-4487-A3BC-540C169D8733}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ABBF4ED-51DE-4487-A3BC-540C169D8733}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate 2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21204ABE-51CD-4B0D-A629-0DBBECDD14D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21204ABE-51CD-4B0D-A629-0DBBECDD14D5}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5B016344-7336-4016-99D4-72F80A80E4D0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5B016344-7336-4016-99D4-72F80A80E4D0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB299741-5B78-456F-A647-0FABE3087FED}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB299741-5B78-456F-A647-0FABE3087FED}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 115.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog 23:26:29 ====

Re: slow notebook, omiga plus removed

Posted: 03 Feb 2015 09:17
by vyosek
So let's clean up as well :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that's all from my side :|