
Downloader and other vermin

Posted: 09 Feb 2015 18:26
by rosenkreuz
Hello, a friend asked me to check her laptop. She says it has been slow for about a year, that it is worse now, and that ads were popping up while she browsed the web. That is how she described the problem to me. I ran a quick scan in MBAM and it found over 500 threats (unfortunately, I forgot to save the log). I uninstalled all the toolbars and unneeded programs, among them AVG antivirus and McAfee, cleaned the temp files and cleaned the registry in CCleaner, and afterwards ran a full scan in MBAM. I don't know how much the laptop sped up, or whether it sped up at all, because I don't know how fast it should be, but given the hardware it seems fine to me.

The adware is gone, but I'm not sure whether the Downloader is too.
Is there a kind soul here who would quickly check whether any vermin is left on it?
Thanks a lot,
the RSIT log is here:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Karel at 2015-02-09 17:37:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 309 GB (72%) free of 432 GB
Total RAM: 3691 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:37:53, on 9.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
E:\HBCD\HBCDMenu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Karel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7845 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs

"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
C:\windows\system32\svchost.exe -k NetworkService
atieclxx
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
taskeng.exe {13A11B01-621F-4C7F-A4E8-497DF77D590D}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {656DC0B0-5FB3-47B8-90AC-9FE04B669EDA}
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe" /pcm
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\windows\system32\taskmgr.exe" /4
C:\windows\system32\wbem\wmiprvse.exe
"E:\HBCD\HBCDMenu.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3812
C:\windows\system32\msiexec.exe /V
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Karel\Desktop\RSITx64.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey C2D0959F-B60C-2A67-182C-5AE6489573DD -Reinvoke
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe /dev0 /idle

=========Mozilla firefox=========

ProfilePath - C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\ty36nwv7.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [2014-11-27 338888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe]
"Debugger=""C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skypec2cautoupdatesvc.exe]
"Debugger=""C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skypec2cpnrsvc.exe]
"Debugger=""C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-09 17:37:45 ----D---- C:\Program Files\trend micro
2015-02-09 17:37:44 ----D---- C:\rsit
2015-02-09 17:29:50 ----D---- C:\Program Files (x86)\Adobe
2015-02-09 17:29:16 ----SHD---- C:\Config.Msi
2015-02-09 17:23:22 ----A---- C:\windows\system32\FNTCACHE.DAT
2015-02-09 17:23:15 ----D---- C:\windows\Prefetch
2015-02-09 15:08:08 ----D---- C:\Program Files (x86)\LG Electronics
2015-02-09 14:59:08 ----SHD---- C:\$RECYCLE.BIN
2015-02-09 12:08:23 ----D---- C:\Users\Karel\AppData\Roaming\Malwarebytes
2015-01-28 20:16:40 ----D---- C:\Users\Karel\AppData\Roaming\Origin
2015-01-28 20:14:11 ----D---- C:\ProgramData\Origin
2015-01-28 20:05:47 ----D---- C:\Games
2015-01-22 22:41:30 ----D---- C:\Users\Karel\AppData\Roaming\BSplayer Pro
2015-01-22 22:41:30 ----D---- C:\Users\Karel\AppData\Roaming\BSplayer
2015-01-22 22:41:29 ----D---- C:\Program Files (x86)\Webteh
2015-01-22 22:38:22 ----D---- C:\Users\Karel\AppData\Roaming\Infigo
2015-01-22 21:49:37 ----A---- C:\windows\system32\drivers\mrxdav.sys
2015-01-21 17:21:14 ----A---- C:\windows\system32\TSWbPrxy.exe
2015-01-21 17:21:12 ----A---- C:\windows\system32\profsvc.dll
2015-01-21 17:21:09 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2015-01-21 17:21:09 ----A---- C:\windows\SYSWOW64\ncsi.dll
2015-01-21 17:21:09 ----A---- C:\windows\system32\nlasvc.dll
2015-01-21 17:21:00 ----A---- C:\windows\system32\ntoskrnl.exe
2015-01-21 17:20:58 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-01-21 17:20:57 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-01-21 17:20:55 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-01-21 17:20:55 ----A---- C:\windows\system32\srcore.dll
2015-01-21 17:20:55 ----A---- C:\windows\system32\srclient.dll
2015-01-21 17:20:55 ----A---- C:\windows\system32\rstrui.exe

======List of files/folders modified in the last 1 month======

2015-02-09 17:37:46 ----D---- C:\windows\Temp
2015-02-09 17:37:45 ----RD---- C:\Program Files
2015-02-09 17:33:05 ----SHD---- C:\windows\Installer
2015-02-09 17:32:24 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-09 17:32:05 ----D---- C:\windows\System32
2015-02-09 17:32:05 ----D---- C:\windows\inf
2015-02-09 17:32:05 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-02-09 17:31:27 ----D---- C:\windows\SysWOW64
2015-02-09 17:30:29 ----D---- C:\windows\system32\config
2015-02-09 17:29:52 ----D---- C:\ProgramData\Adobe
2015-02-09 17:29:50 ----RD---- C:\Program Files (x86)
2015-02-09 17:29:50 ----D---- C:\Program Files (x86)\Common Files
2015-02-09 17:27:32 ----D---- C:\windows\SoftwareDistribution
2015-02-09 17:24:37 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2015-02-09 17:24:06 ----D---- C:\windows\system32\spool
2015-02-09 17:23:49 ----D---- C:\Windows
2015-02-09 17:22:00 ----D---- C:\windows\SYSWOW64\drivers
2015-02-09 16:28:02 ----D---- C:\windows\system32\Tasks
2015-02-09 16:28:01 ----D---- C:\windows\Tasks
2015-02-09 16:28:01 ----D---- C:\windows\SYSWOW64\wbem
2015-02-09 16:00:03 ----D---- C:\windows\system32\LogFiles
2015-02-09 15:59:24 ----D---- C:\ProgramData\Malwarebytes
2015-02-09 15:09:55 ----SD---- C:\Users\Karel\AppData\Roaming\Microsoft
2015-02-09 15:09:50 ----SD---- C:\ProgramData\Microsoft
2015-02-09 15:09:19 ----D---- C:\windows\system32\drivers
2015-02-09 15:08:26 ----D---- C:\windows\system32\DriverStore
2015-02-09 15:06:19 ----SHD---- C:\System Volume Information
2015-02-09 14:58:57 ----D---- C:\Users\Karel\AppData\Roaming\Macromedia
2015-02-09 14:58:56 ----D---- C:\windows\security
2015-02-09 14:58:56 ----D---- C:\windows\Logs
2015-02-09 14:58:53 ----D---- C:\windows\PCHEALTH
2015-02-09 14:56:21 ----D---- C:\windows\SYSWOW64\LogFiles
2015-02-09 14:56:17 ----D---- C:\windows\Panther
2015-02-09 14:56:17 ----D---- C:\windows\debug
2015-02-09 14:50:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-09 14:44:04 ----HD---- C:\ProgramData
2015-02-09 14:44:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-09 14:43:57 ----D---- C:\ProgramData\MFAData
2015-02-09 14:27:34 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-02-09 14:27:11 ----D---- C:\ProgramData\Tarma Installer
2015-02-09 14:22:39 ----D---- C:\Program Files (x86)\Windows Live
2015-02-09 14:19:30 ----D---- C:\Users\Karel\AppData\Roaming\Seznam.cz
2015-02-09 14:18:52 ----D---- C:\Program Files (x86)\Seznam.cz
2015-02-09 14:15:34 ----D---- C:\Program Files (x86)\Microsoft
2015-02-09 14:12:32 ----D---- C:\Program Files (x86)\Google
2015-02-09 12:23:42 ----D---- C:\Program Files (x86)\VideoPlayerV3
2015-02-09 12:23:42 ----D---- C:\Program Files (x86)\tuvaro
2015-02-09 12:23:42 ----D---- C:\Program Files (x86)\MediaWatchV1
2015-02-09 12:23:41 ----D---- C:\Program Files (x86)\MediaViewV1
2015-02-09 12:23:41 ----D---- C:\Program Files (x86)\MediaViewerV1
2015-02-09 12:23:40 ----D---- C:\Program Files (x86)\MediaPlayerV1
2015-02-09 12:23:39 ----D---- C:\Users\Karel\AppData\Roaming\Systweak
2015-02-02 19:09:16 ----D---- C:\Users\Karel\AppData\Roaming\SoftGrid Client
2015-01-23 11:37:34 ----D---- C:\windows\winsxs
2015-01-22 22:52:37 ----D---- C:\windows\system32\MRT
2015-01-22 22:52:26 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\DRIVERS\amd_sata.sys [2010-05-14 73856]
R0 amd_xata;amd_xata; C:\windows\system32\DRIVERS\amd_xata.sys [2010-05-14 28800]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2012-01-13 57952]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-01-13 39008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2012-01-13 13408]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2012-01-13 29792]
R3 amdiox64;AMD IO Driver; C:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-08-09 9360896]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-08-09 309760]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-11-24 2673664]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-03-10 1581184]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-06-25 76912]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-09-03 1392688]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2010-10-21 228224]
R3 vmuvcflt;Vimicro USB Camera Filter; C:\windows\System32\Drivers\vmuvcflt.sys [2010-08-16 8320]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\windows\system32\DRIVERS\lgandnetdiag64.sys [2012-07-03 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\windows\system32\DRIVERS\lgandnetmodem64.sys [2012-07-03 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\windows\system32\DRIVERS\lgandnetndis64.sys [2012-07-04 93184]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-09-29 80384]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-08-09 204288]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2014-11-27 437704]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23 107912]
S3 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-08-10 365568]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23 107912]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-09 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-06-20 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Re: Downloader and other vermin

Posted: 09 Feb 2015 18:49
by altrok
Hello :bye:

:arrow: Uninstall Skype Click to Call

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply

Re: Downloader and other vermin

Posted: 09 Feb 2015 19:02
by rosenkreuz
# AdwCleaner v4.110 - Logfile created 09/02/2015 at 18:59:57
# Updated 05/02/2015 by Xplode
# Database : 2015-02-08.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Karel - KAREL-PC
# Running from : C:\Users\Karel\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : pcsuservice

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\MediaPlayerV1
Folder Deleted : C:\Program Files (x86)\MediaViewerV1
Folder Deleted : C:\Program Files (x86)\MediaViewV1
Folder Deleted : C:\Program Files (x86)\MediaWatchV1
Folder Deleted : C:\Program Files (x86)\tuvaro
Folder Deleted : C:\Program Files (x86)\VideoPlayerV3
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Users\Karel\AppData\Local\genienext
Folder Deleted : C:\Users\Karel\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Folder Deleted : C:\Users\Karel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Karel\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Karel\AppData\LocalLow\tuvaro
Folder Deleted : C:\Users\Karel\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Karel\AppData\Roaming\Infigo
Folder Deleted : C:\Users\Karel\Documents\PCSpeedUp
File Deleted : C:\Users\Karel\daemonprocess.txt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ Scheduled tasks ] *****

Task Deleted : PC SpeedUp Service Deactivator

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\599E1BE071DE4CFBA74729C5E87A0CB0
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{555D649F-3A08-41EF-8866-9993086B5F6B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7CE8B538-959F-421D-8D72-C0093FB7921A}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\BetterSurf
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\MediaPlayerV1
Key Deleted : HKLM\SOFTWARE\MediaViewerV1
Key Deleted : HKLM\SOFTWARE\MediaViewV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Webexp Enhanced
Key Deleted : HKLM\SOFTWARE\WebexpEnhancedV1
Key Deleted : HKLM\SOFTWARE\Video Player
Key Deleted : HKLM\SOFTWARE\VideoPlayerV3
Key Deleted : HKLM\SOFTWARE\Better-Surf
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0 (x86 cs)


-\\ Google Chrome v40.0.2214.111

[C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://tuvaro.com/ws/?source=9e9471a2&tbp=url&toolbarid=base&u=7ef852d0000000000000beb70d2c47d6&q={searchTerms}
[C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={5C1EAE0F-D045-11E1-87D8-DC0EA17C6825}
[C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={92CEA4C6-010B-444D-AAB4-06CDF246F45E}&mid=a6300733eb3847d09b210d47e79881d6-07c8503e7d07c81cfa8802e3d820371e473fc455&lang=cs&ds=AVG&pr=fr&d=2012-06-13 09:29:48&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}

*************************

AdwCleaner[R0].txt - [9154 bytes] - [09/02/2015 18:54:46]
AdwCleaner[S0].txt - [8734 bytes] - [09/02/2015 18:59:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8793 bytes] ##########

Re: Downloader and other vermin

Posted: 09 Feb 2015 19:11
by altrok
:arrow: OK, we're past the worst of it. Post the FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Downloader and other vermin

Posted: 09 Feb 2015 19:20
by rosenkreuz
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by Karel (administrator) on KAREL-PC on 09-02-2015 19:16:34
Running from C:\Users\Karel\Desktop
Loaded Profiles: Karel (Available profiles: Karel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
Failed to access process -> firefox.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(forum.viry.cz) C:\Users\Karel\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {104135ff-cbe7-11e1-87d8-dc0ea17c6825} - E:\iStudio.exe
HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {3ce8ce34-7998-11e2-bffe-dc0ea17c6825} - F:\LGAutoRun.exe
HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {8f206aad-656b-11e3-adc9-dc0ea17c6825} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {ac4f8bff-b061-11e4-8207-9cb70d2c47d6} - F:\LGAutoRun.exe
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\skypec2cautoupdatesvc.exe: [Debugger] "C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\skypec2cpnrsvc.exe: [Debugger] "C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3607746728-1860219812-1177887649-1001 -> {E0C46688-AD8E-4359-B6C8-958E82B22F32} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.193.123.1 10.193.123.3

FireFox:
========
FF ProfilePath: C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\ty36nwv7.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3607746728-1860219812-1177887649-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Karel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\ty36nwv7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-03]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\gcswf32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-03]
CHR Extension: (Peněženka Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-19]
CHR HKLM-x32\...\Chrome\Extension: [ceodnckjhbjimhelkblkehfgcopipcco] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2949\ch\MediaWatchV1home2949.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dkcdoekmcgfpadadmnjnbaegnjcacedn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha229\ch\MediaViewV1alpha229.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hfmolamjccmpahhongjgolpemkckaklp] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha687\ch\WebexpEnhancedV1alpha687.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kedkojohbbamnngnhpdejapajmpcbahc] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha769\ch\MediaViewerV1alpha769.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [olhjlahfchankipjdapaapcfeblmebbp] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta787\ch\VideoPlayerV3beta787.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pcgmlbfjkgjfpndnaffjdjfncbbjjlhg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5062\ch\MediaViewV1alpha5062.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-08-10] (Advanced Micro Devices, Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)
R3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 IAStorDataMgrSvc; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U2 Stereo Service; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-09 19:16 - 2015-02-09 19:17 - 00011971 _____ () C:\Users\Karel\Desktop\FRST.txt
2015-02-09 19:15 - 2015-02-09 19:16 - 00000000 ____D () C:\FRST
2015-02-09 19:14 - 2015-02-09 19:14 - 02132992 _____ (Farbar) C:\Users\Karel\Desktop\FRST64.exe
2015-02-09 19:14 - 2015-02-09 19:14 - 00112640 _____ (forum.viry.cz) C:\Users\Karel\Desktop\FRSTLauncher.exe
2015-02-09 18:54 - 2015-02-09 19:00 - 00000000 ____D () C:\AdwCleaner
2015-02-09 18:53 - 2015-02-09 18:53 - 02112512 _____ () C:\Users\Karel\Desktop\adwcleaner_4.110.exe
2015-02-09 17:37 - 2015-02-09 17:37 - 00000000 ____D () C:\rsit
2015-02-09 17:37 - 2015-02-09 17:37 - 00000000 ____D () C:\Program Files\trend micro
2015-02-09 17:30 - 2015-02-09 17:32 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-09 17:30 - 2015-02-09 17:30 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-02-09 17:29 - 2015-02-09 17:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-09 17:23 - 2015-02-09 19:01 - 00002520 _____ () C:\windows\PFRO.log
2015-02-09 17:23 - 2015-02-09 19:01 - 00000112 _____ () C:\windows\setupact.log
2015-02-09 17:23 - 2015-02-09 17:23 - 00272832 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-09 17:23 - 2015-02-09 17:23 - 00000000 _____ () C:\windows\setuperr.log
2015-02-09 15:59 - 2015-02-09 15:59 - 00060824 _____ () C:\Users\Karel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-09 15:08 - 2015-02-09 15:08 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2015-02-09 12:08 - 2015-02-09 18:27 - 00000000 ____D () C:\Users\Karel\AppData\Roaming\Malwarebytes
2015-01-28 20:16 - 2015-02-02 19:13 - 00000000 ____D () C:\Users\Karel\AppData\Roaming\Origin
2015-01-28 20:14 - 2015-02-09 14:17 - 00000000 ____D () C:\ProgramData\Origin
2015-01-28 20:14 - 2015-02-09 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-01-28 20:05 - 2015-01-28 20:12 - 00000000 ____D () C:\Games
2015-01-26 18:18 - 2015-01-26 18:21 - 00908533 _____ () C:\Users\Karel\Downloads\Rachel-1---3.rar
2015-01-26 17:50 - 2015-01-26 17:50 - 03497606 _____ () C:\Users\Karel\Downloads\Kat(1).rar
2015-01-26 17:48 - 2015-01-26 17:48 - 03497606 _____ () C:\Users\Karel\Downloads\Kat.rar
2015-01-22 22:43 - 2015-01-22 22:43 - 00001132 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-01-22 22:43 - 2015-01-22 22:43 - 00001126 _____ () C:\Users\Public\Desktop\BS.Player FREE.lnk
2015-01-22 22:43 - 2015-01-22 22:43 - 00000000 ____D () C:\Users\Karel\AppData\Local\Avg2015
2015-01-22 22:43 - 2015-01-22 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2015-01-22 22:41 - 2015-01-22 22:46 - 00000000 ____D () C:\Users\Karel\AppData\Roaming\BSplayer
2015-01-22 22:41 - 2015-01-22 22:41 - 00000000 ____D () C:\Users\Karel\AppData\Roaming\BSplayer Pro
2015-01-22 22:41 - 2015-01-22 22:41 - 00000000 ____D () C:\Program Files (x86)\Webteh
2015-01-22 22:40 - 2015-01-22 22:40 - 10554136 _____ () C:\Users\Karel\Desktop\bsplayer268.1077.exe
2015-01-22 22:38 - 2015-01-22 22:38 - 00000097 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-01-22 22:35 - 2015-01-22 22:36 - 07779368 _____ () C:\Users\Karel\Desktop\Infigo_setup.exe
2015-01-22 22:31 - 2015-01-22 22:31 - 00000000 ____D () C:\Users\Karel\AppData\Local\{D4709F6D-E0E0-4B17-9343-290F2F4E310B}
2015-01-22 21:49 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-21 17:21 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-21 17:21 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-21 17:21 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-21 17:21 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-21 17:21 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-21 17:21 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-21 17:20 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-21 17:20 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-21 17:20 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-21 17:20 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-21 17:20 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-21 17:20 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-09 19:08 - 2009-07-14 05:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-09 19:08 - 2009-07-14 05:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-09 19:06 - 2012-01-13 05:27 - 01402820 _____ () C:\windows\WindowsUpdate.log
2015-02-09 19:06 - 2012-01-12 21:06 - 00669584 _____ () C:\windows\system32\perfh005.dat
2015-02-09 19:06 - 2012-01-12 21:06 - 00141954 _____ () C:\windows\system32\perfc005.dat
2015-02-09 19:06 - 2009-07-14 06:13 - 01586242 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-09 19:02 - 2012-01-13 06:34 - 00576713 _____ () C:\windows\system32\fastboot.set
2015-02-09 19:01 - 2012-06-13 07:28 - 03141729 _____ () C:\FaceProv.log
2015-02-09 19:01 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-09 18:59 - 2012-06-13 07:29 - 00000000 ____D () C:\Users\Karel
2015-02-09 18:53 - 2013-02-24 20:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-09 18:47 - 2014-08-02 21:21 - 00000000 ____D () C:\Users\Karel\AppData\Roaming\QuickScan
2015-02-09 18:27 - 2014-05-02 10:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-09 17:29 - 2012-06-13 08:42 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-09 17:24 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\spool
2015-02-09 16:28 - 2012-09-13 15:23 - 00000000 ____D () C:\Users\Karel\AppData\Local\Facebook
2015-02-09 15:09 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-09 14:58 - 2012-06-13 07:44 - 00000000 ____D () C:\Users\Karel\AppData\Roaming\Macromedia
2015-02-09 14:58 - 2012-01-13 06:26 - 00000000 ____D () C:\windows\PCHEALTH
2015-02-09 14:58 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\security
2015-02-09 14:56 - 2011-02-22 12:19 - 00000000 ____D () C:\windows\Panther
2015-02-09 14:50 - 2012-01-13 05:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-09 14:44 - 2014-03-01 22:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-09 14:43 - 2012-06-13 08:23 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-09 14:27 - 2014-12-10 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-09 14:22 - 2012-01-13 06:26 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-02-09 14:19 - 2013-04-27 11:57 - 00000000 ____D () C:\Users\Karel\AppData\Roaming\Seznam.cz
2015-02-09 14:18 - 2013-04-27 11:58 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-02-09 14:12 - 2012-06-13 07:43 - 00000000 ____D () C:\Users\Karel\AppData\Local\Google
2015-02-09 14:12 - 2012-01-13 06:09 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-08 10:14 - 2012-01-13 06:09 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-08 10:14 - 2012-01-13 06:09 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-08 10:14 - 2012-01-13 06:09 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-08 10:14 - 2012-01-13 06:09 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-07 08:24 - 2012-01-13 06:09 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-02 19:22 - 2014-07-15 19:59 - 00000000 ____D () C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-02 19:22 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-02 19:09 - 2012-09-18 21:04 - 00000000 ____D () C:\Users\Karel\AppData\Roaming\SoftGrid Client
2015-01-22 22:52 - 2014-02-18 16:14 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-22 22:52 - 2014-02-18 16:14 - 00000000 ____D () C:\windows\system32\MRT
2015-01-21 19:31 - 2014-05-03 11:52 - 00000000 ____D () C:\Users\Karel\Documents\škola

==================== Files in the root of some directories =======

2014-03-14 15:40 - 2014-06-28 11:10 - 0000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-05-03 11:39 - 2014-05-03 11:39 - 0007605 _____ () C:\Users\Karel\AppData\Local\Resmon.ResmonCfg
2015-01-22 22:38 - 2015-01-22 22:38 - 0000097 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Karel\AppData\Local\Temp\Quarantine.exe
C:\Users\Karel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-26 18:53




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:421.81 GB) (Free:304.82 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.52 GB) NTFS
Drive e: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS

Available physical RAM: 2719.07 MB
Total physical RAM: 3690.9 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8DB54A87)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Karel\Desktop" je 6179 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Downloader and other pests

Posted: 09 Feb 2015 19:33
by altrok
There are still leftovers from AVG - clean them up with the official utility http://www.avg.com/cz-cs/utilities . Then install, for example, avast! Free - better detection.

The desktop size should not exceed 200 MB. Otherwise both startup and the running of the whole PC slow down - so, for example, move large files and folders to Documents and put only a link in the form of a shortcut on the desktop.

Uninstall the old and vulnerable Java versions Java(TM) 7 Update 5 and JavaFX 2.1.1. If you need Java, install the new one from java.com - watch out for adware during its installation http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . From a security standpoint (exploits) it is better not to have it.

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply


    Start
    CloseProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
    HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {104135ff-cbe7-11e1-87d8-dc0ea17c6825} - E:\iStudio.exe
    HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {3ce8ce34-7998-11e2-bffe-dc0ea17c6825} - F:\LGAutoRun.exe
    HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {8f206aad-656b-11e3-adc9-dc0ea17c6825} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Common_Handset_USB_Driver.exe
    HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {ac4f8bff-b061-11e4-8207-9cb70d2c47d6} - F:\LGAutoRun.exe
    IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
    IFEO\skypec2cautoupdatesvc.exe: [Debugger] "C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
    IFEO\skypec2cpnrsvc.exe: [Debugger] "C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    C:\Program Files (x86)\Zrychleni Pocitace
    
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3607746728-1860219812-1177887649-1001 -> {E0C46688-AD8E-4359-B6C8-958E82B22F32} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\gcswf32.dll No File
    CHR Plugin: (AVG Internet Security) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
    CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll No File
    C:\Program Files (x86)\Common Files\AVG Secure Search
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
    CHR HKLM-x32\...\Chrome\Extension: [ceodnckjhbjimhelkblkehfgcopipcco] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2949\ch\MediaWatchV1home2949.crx [Not Found]
    C:\Program Files (x86)\MediaWatchV1
    CHR HKLM-x32\...\Chrome\Extension: [dkcdoekmcgfpadadmnjnbaegnjcacedn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha229\ch\MediaViewV1alpha229.crx [Not Found]
    C:\Program Files (x86)\MediaViewV1
    CHR HKLM-x32\...\Chrome\Extension: [hfmolamjccmpahhongjgolpemkckaklp] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha687\ch\WebexpEnhancedV1alpha687.crx [Not Found]
    C:\Program Files (x86)\WebexpEnhancedV1
    CHR HKLM-x32\...\Chrome\Extension: [kedkojohbbamnngnhpdejapajmpcbahc] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha769\ch\MediaViewerV1alpha769.crx [Not Found]
    C:\Program Files (x86)\MediaViewerV1
    CHR HKLM-x32\...\Chrome\Extension: [olhjlahfchankipjdapaapcfeblmebbp] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta787\ch\VideoPlayerV3beta787.crx [Not Found]
    C:\Program Files (x86)\VideoPlayerV3
    CHR HKLM-x32\...\Chrome\Extension: [pcgmlbfjkgjfpndnaffjdjfncbbjjlhg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5062\ch\MediaViewV1alpha5062.crx [Not Found]
    C:\Program Files (x86)\MediaViewV1
    
    2015-02-09 19:16 - 2015-02-09 19:17 - 00011971 _____ () C:\Users\Karel\Desktop\FRST.txt
    2015-02-09 19:14 - 2015-02-09 19:14 - 00112640 _____ (forum.viry.cz) C:\Users\Karel\Desktop\FRSTLauncher.exe
    2015-02-09 18:54 - 2015-02-09 19:00 - 00000000 ____D () C:\AdwCleaner
    2015-02-09 18:53 - 2015-02-09 18:53 - 02112512 _____ () C:\Users\Karel\Desktop\adwcleaner_4.110.exe
    2015-02-09 17:37 - 2015-02-09 17:37 - 00000000 ____D () C:\rsit
    2015-02-09 17:37 - 2015-02-09 17:37 - 00000000 ____D () C:\Program Files\trend micro
    2015-01-22 22:40 - 2015-01-22 22:40 - 10554136 _____ () C:\Users\Karel\Desktop\bsplayer268.1077.exe
    
    Task: {263AEA44-D10A-4D3D-A240-B8F09A7F58F6} - System32\Tasks\{5FCD1DB3-37A3-4E53-8C57-60E114E4E79D} => pcalua.exe -a "C:\Users\Karel\Desktop\DAEMON Tools Lite\InstallGadget.exe" -d "C:\Users\Karel\Desktop\DAEMON Tools Lite"
    Task: {A36FF1AC-DBE1-425D-804F-F9EEFF73EC68} - System32\Tasks\{12AC107C-6765-4F3F-89BE-60552838F8EC} => pcalua.exe -a C:\Users\Karel\Desktop\Tropico-4---cestina.exe -d C:\Users\Karel\Desktop
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    2015-02-09 19:15 - 2015-02-09 19:15 - 00029696 _____ () C:\Users\Karel\AppData\Local\MSGBOX.EXE
    
    Folder: C:\Users\Karel\AppData\Local\{D4709F6D-E0E0-4B17-9343-290F2F4E310B}
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    Hosts:
    EmptyTemp:
    End
    

Re: Downloader and other pests

Posted: 09 Feb 2015 19:54
by rosenkreuz
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by Karel at 2015-02-09 19:49:11 Run:1
Running from C:\Users\Karel\Desktop
Loaded Profiles: Karel (Available profiles: Karel)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {104135ff-cbe7-11e1-87d8-dc0ea17c6825} - E:\iStudio.exe
HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {3ce8ce34-7998-11e2-bffe-dc0ea17c6825} - F:\LGAutoRun.exe
HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {8f206aad-656b-11e3-adc9-dc0ea17c6825} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\...\MountPoints2: {ac4f8bff-b061-11e4-8207-9cb70d2c47d6} - F:\LGAutoRun.exe
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\skypec2cautoupdatesvc.exe: [Debugger] "C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
IFEO\skypec2cpnrsvc.exe: [Debugger] "C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe" /debugexe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
C:\Program Files (x86)\Zrychleni Pocitace

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3607746728-1860219812-1177887649-1001 -> {E0C46688-AD8E-4359-B6C8-958E82B22F32} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\gcswf32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll No File
C:\Program Files (x86)\Common Files\AVG Secure Search
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR HKLM-x32\...\Chrome\Extension: [ceodnckjhbjimhelkblkehfgcopipcco] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2949\ch\MediaWatchV1home2949.crx [Not Found]
C:\Program Files (x86)\MediaWatchV1
CHR HKLM-x32\...\Chrome\Extension: [dkcdoekmcgfpadadmnjnbaegnjcacedn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha229\ch\MediaViewV1alpha229.crx [Not Found]
C:\Program Files (x86)\MediaViewV1
CHR HKLM-x32\...\Chrome\Extension: [hfmolamjccmpahhongjgolpemkckaklp] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha687\ch\WebexpEnhancedV1alpha687.crx [Not Found]
C:\Program Files (x86)\WebexpEnhancedV1
CHR HKLM-x32\...\Chrome\Extension: [kedkojohbbamnngnhpdejapajmpcbahc] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha769\ch\MediaViewerV1alpha769.crx [Not Found]
C:\Program Files (x86)\MediaViewerV1
CHR HKLM-x32\...\Chrome\Extension: [olhjlahfchankipjdapaapcfeblmebbp] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta787\ch\VideoPlayerV3beta787.crx [Not Found]
C:\Program Files (x86)\VideoPlayerV3
CHR HKLM-x32\...\Chrome\Extension: [pcgmlbfjkgjfpndnaffjdjfncbbjjlhg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5062\ch\MediaViewV1alpha5062.crx [Not Found]
C:\Program Files (x86)\MediaViewV1

2015-02-09 19:16 - 2015-02-09 19:17 - 00011971 _____ () C:\Users\Karel\Desktop\FRST.txt
2015-02-09 19:14 - 2015-02-09 19:14 - 00112640 _____ (forum.viry.cz) C:\Users\Karel\Desktop\FRSTLauncher.exe
2015-02-09 18:54 - 2015-02-09 19:00 - 00000000 ____D () C:\AdwCleaner
2015-02-09 18:53 - 2015-02-09 18:53 - 02112512 _____ () C:\Users\Karel\Desktop\adwcleaner_4.110.exe
2015-02-09 17:37 - 2015-02-09 17:37 - 00000000 ____D () C:\rsit
2015-02-09 17:37 - 2015-02-09 17:37 - 00000000 ____D () C:\Program Files\trend micro
2015-01-22 22:40 - 2015-01-22 22:40 - 10554136 _____ () C:\Users\Karel\Desktop\bsplayer268.1077.exe

Task: {263AEA44-D10A-4D3D-A240-B8F09A7F58F6} - System32\Tasks\{5FCD1DB3-37A3-4E53-8C57-60E114E4E79D} => pcalua.exe -a "C:\Users\Karel\Desktop\DAEMON Tools Lite\InstallGadget.exe" -d "C:\Users\Karel\Desktop\DAEMON Tools Lite"
Task: {A36FF1AC-DBE1-425D-804F-F9EEFF73EC68} - System32\Tasks\{12AC107C-6765-4F3F-89BE-60552838F8EC} => pcalua.exe -a C:\Users\Karel\Desktop\Tropico-4---cestina.exe -d C:\Users\Karel\Desktop
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2015-02-09 19:15 - 2015-02-09 19:15 - 00029696 _____ () C:\Users\Karel\AppData\Local\MSGBOX.EXE

Folder: C:\Users\Karel\AppData\Local\{D4709F6D-E0E0-4B17-9343-290F2F4E310B}
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
"HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{104135ff-cbe7-11e1-87d8-dc0ea17c6825}" => Key deleted successfully.
HKCR\CLSID\{104135ff-cbe7-11e1-87d8-dc0ea17c6825} => Key not found.
"HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ce8ce34-7998-11e2-bffe-dc0ea17c6825}" => Key deleted successfully.
HKCR\CLSID\{3ce8ce34-7998-11e2-bffe-dc0ea17c6825} => Key not found.
"HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f206aad-656b-11e3-adc9-dc0ea17c6825}" => Key deleted successfully.
HKCR\CLSID\{8f206aad-656b-11e3-adc9-dc0ea17c6825} => Key not found.
"HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ac4f8bff-b061-11e4-8207-9cb70d2c47d6}" => Key deleted successfully.
HKCR\CLSID\{ac4f8bff-b061-11e4-8207-9cb70d2c47d6} => Key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\skype.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\skypec2cautoupdatesvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\skypec2cpnrsvc.exe" => Key deleted successfully.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"C:\Program Files (x86)\Zrychleni Pocitace" => File/Directory not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3607746728-1860219812-1177887649-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E0C46688-AD8E-4359-B6C8-958E82B22F32}" => Key deleted successfully.
HKCR\CLSID\{E0C46688-AD8E-4359-B6C8-958E82B22F32} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome HomePage deleted successfully.
C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\gcswf32.dll not found.
C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll not found.
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll not found.
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ceodnckjhbjimhelkblkehfgcopipcco" => Key deleted successfully.
"C:\Program Files (x86)\MediaWatchV1" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dkcdoekmcgfpadadmnjnbaegnjcacedn" => Key deleted successfully.
"C:\Program Files (x86)\MediaViewV1" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hfmolamjccmpahhongjgolpemkckaklp" => Key deleted successfully.
"C:\Program Files (x86)\WebexpEnhancedV1" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kedkojohbbamnngnhpdejapajmpcbahc" => Key deleted successfully.
"C:\Program Files (x86)\MediaViewerV1" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\olhjlahfchankipjdapaapcfeblmebbp" => Key deleted successfully.
"C:\Program Files (x86)\VideoPlayerV3" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pcgmlbfjkgjfpndnaffjdjfncbbjjlhg" => Key deleted successfully.
"C:\Program Files (x86)\MediaViewV1" => File/Directory not found.
"C:\Users\Karel\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Karel\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Karel\Desktop\adwcleaner_4.110.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Karel\Desktop\bsplayer268.1077.exe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{263AEA44-D10A-4D3D-A240-B8F09A7F58F6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{263AEA44-D10A-4D3D-A240-B8F09A7F58F6}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5FCD1DB3-37A3-4E53-8C57-60E114E4E79D} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5FCD1DB3-37A3-4E53-8C57-60E114E4E79D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A36FF1AC-DBE1-425D-804F-F9EEFF73EC68}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A36FF1AC-DBE1-425D-804F-F9EEFF73EC68}" => Key deleted successfully.
C:\Windows\System32\Tasks\{12AC107C-6765-4F3F-89BE-60552838F8EC} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{12AC107C-6765-4F3F-89BE-60552838F8EC}" => Key deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Users\Karel\AppData\Local\MSGBOX.EXE => Moved successfully.

========================= Folder: C:\Users\Karel\AppData\Local\{D4709F6D-E0E0-4B17-9343-290F2F4E310B} ========================


====== End of Folder: ======


========= dir "C:\PROGRA~1" =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 7EF8-52D0.

Výpis adresáře C:\PROGRA~1

09.02.2015 19:49 <DIR> .
09.02.2015 19:49 <DIR> ..
13.01.2012 05:43 <DIR> ATI
13.01.2012 05:44 <DIR> ATI Technologies
14.06.2012 14:23 <DIR> CCleaner
13.06.2012 08:18 <DIR> Common Files
13.01.2012 05:49 <DIR> CONEXANT
13.01.2012 06:37 <DIR> DIFX
20.06.2012 07:21 <DIR> DVD Maker
13.06.2012 08:03 <DIR> Google
13.12.2014 13:06 <DIR> Internet Explorer
13.01.2012 06:33 <DIR> Lenovo
29.09.2011 04:37 <DIR> Microsoft Games
18.09.2012 21:02 <DIR> Microsoft Office
02.08.2014 09:44 <DIR> Microsoft Silverlight
14.07.2009 06:32 <DIR> MSBuild
14.07.2009 06:32 <DIR> Reference Assemblies
13.01.2012 05:57 <DIR> Synaptics
13.07.2013 13:07 <DIR> Windows Defender
15.07.2014 09:45 <DIR> Windows Journal
13.01.2012 06:26 <DIR> Windows Live
20.06.2012 07:22 <DIR> Windows Mail
20.10.2014 10:43 <DIR> Windows Media Player
14.07.2009 06:32 <DIR> Windows NT
20.06.2012 07:22 <DIR> Windows Photo Viewer
21.11.2010 04:31 <DIR> Windows Portable Devices
20.06.2012 07:22 <DIR> Windows Sidebar
Souborů: 0, Bajtů: 0
Adresářů: 27, Volných bajtů: 326 589 435 904

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 7EF8-52D0.

Výpis adresáře C:\PROGRA~2

09.02.2015 19:44 <DIR> .
09.02.2015 19:44 <DIR> ..
09.02.2015 17:29 <DIR> Adobe
24.12.2013 19:29 <DIR> Amazon
13.01.2012 05:45 <DIR> AMD APP
13.01.2012 05:55 <DIR> Atheros
13.01.2012 05:45 <DIR> ATI Technologies
09.02.2015 19:48 <DIR> Common Files
13.01.2012 06:08 <DIR> CyberLink
09.02.2015 14:12 <DIR> Google
09.02.2015 17:32 <DIR> Internet Explorer
09.02.2015 19:47 <DIR> Java
21.04.2013 14:55 <DIR> Kalypso Media
13.01.2012 06:37 <DIR> Lenovo
09.02.2015 15:08 <DIR> LG Electronics
13.06.2012 08:18 <DIR> McAfee
09.02.2015 14:15 <DIR> Microsoft
23.09.2013 17:11 <DIR> Microsoft Application Virtualization Client
18.09.2012 21:02 <DIR> Microsoft Office
02.08.2014 09:44 <DIR> Microsoft Silverlight
13.01.2012 06:28 <DIR> Microsoft SQL Server Compact Edition
21.06.2012 06:55 <DIR> Microsoft.NET
09.02.2015 14:27 <DIR> Mozilla Firefox
28.06.2014 11:10 0 Mozilla Firefoxavg-secure-search.xml
09.02.2015 14:44 <DIR> Mozilla Maintenance Service
14.07.2009 06:32 <DIR> MSBuild
12.05.2013 19:29 <DIR> MSECache
18.05.2014 14:56 <DIR> QuickTime
14.07.2009 06:32 <DIR> Reference Assemblies
17.08.2012 16:24 <DIR> Samsung
09.02.2015 14:18 <DIR> Seznam.cz
09.02.2015 18:53 <DIR> Skype
17.07.2014 11:24 <DIR> TeamViewer
14.06.2012 14:31 <DIR> The KMPlayer
13.01.2012 05:59 <DIR> USB Camera
13.01.2012 05:59 <DIR> Vimicro
22.01.2015 22:41 <DIR> Webteh
13.07.2013 13:07 <DIR> Windows Defender
09.02.2015 14:22 <DIR> Windows Live
20.06.2012 07:22 <DIR> Windows Mail
20.10.2014 10:43 <DIR> Windows Media Player
14.07.2009 06:32 <DIR> Windows NT
20.06.2012 07:22 <DIR> Windows Photo Viewer
21.11.2010 04:31 <DIR> Windows Portable Devices
20.06.2012 07:22 <DIR> Windows Sidebar
05.08.2014 20:54 <DIR> WinRAR
Souborů: 1, Bajtů: 0
Adresářů: 45, Volných bajtů: 326 589 431 808

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 7EF8-52D0.

Výpis adresáře C:\PROGRA~3

09.02.2015 17:29 <DIR> Adobe
13.01.2012 05:44 <DIR> AMD
18.05.2014 14:55 <DIR> Apple Computer
13.01.2012 05:55 <DIR> Atheros
13.01.2012 05:47 <DIR> ATI
27.08.2014 18:55 <DIR> Avg_Update_0814tb
07.11.2012 18:15 <DIR> CyberLink
24.04.2013 19:28 <DIR> DAEMON Tools Lite
19.06.2012 08:45 <DIR> Energy Management
09.02.2015 18:27 <DIR> Malwarebytes
01.03.2014 22:42 <DIR> McAfee
07.04.2013 12:21 <DIR> Microsoft Help
22.01.2015 22:38 97 Microsoft.SqlServer.Compact.351.32.bc
01.03.2014 22:33 <DIR> Mozilla
13.01.2012 06:34 <DIR> OneKey Recovery
09.02.2015 19:48 <DIR> Oracle
09.02.2015 14:17 <DIR> Origin
29.03.2014 14:13 <DIR> Skype
17.07.2012 10:47 <DIR> Sun
13.01.2012 06:33 <DIR> Temp
02.08.2014 19:58 <DIR> VeriFace
13.12.2012 22:41 <DIR> VirtualizedApplications
Souborů: 1, Bajtů: 97
Adresářů: 21, Volných bajtů: 326 589 431 808

========= End of CMD: =========


========= dir "%localappdata%" =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 7EF8-52D0.

Výpis adresáře C:\Users\Karel\AppData\Local

09.02.2015 19:49 <DIR> .
09.02.2015 19:49 <DIR> ..
01.03.2014 22:42 <DIR> Adobe
24.12.2013 19:29 <DIR> Amazon
13.06.2012 07:31 <DIR> AMD
13.06.2012 07:31 <DIR> ATI
02.12.2014 16:01 <DIR> Avg
03.01.2014 18:12 <DIR> cache
13.06.2012 07:32 <DIR> CyberLink
25.08.2014 22:45 <DIR> Diagnostics
09.02.2015 16:28 <DIR> Facebook
09.02.2015 15:59 60 824 GDIPFONTCACHEV1.DAT
09.02.2015 14:12 <DIR> Google
01.03.2014 22:43 <DIR> Macromedia
09.02.2015 14:59 <DIR> Microsoft
27.09.2013 20:25 <DIR> Microsoft Games
07.04.2013 12:21 <DIR> Microsoft Help
01.03.2014 22:34 <DIR> Mozilla
02.05.2014 10:52 <DIR> Programs
03.05.2014 11:39 7 605 Resmon.ResmonCfg
29.03.2014 14:14 <DIR> Skype
18.09.2012 21:04 <DIR> SoftGrid Client
09.02.2015 19:49 <DIR> Temp
05.09.2013 13:35 <DIR> Unity
13.03.2014 12:58 <DIR> VirtualStore
25.05.2014 14:00 <DIR> Windows Live
22.04.2013 20:18 <DIR> {1E868645-5A25-46B8-8304-A74D960A89E6}
04.02.2013 15:07 <DIR> {442170B4-BE37-4F69-B9EE-E1E146438822}
17.08.2012 16:28 <DIR> {AEEAB394-1FD8-4F1F-B88C-3DC29FC49689}
23.11.2013 14:09 <DIR> {B2910E62-A36B-47A4-99F2-998C84C00B0B}
04.02.2013 15:07 <DIR> {CD87B12A-95A6-4144-A94A-18670B5A438A}
22.01.2015 22:31 <DIR> {D4709F6D-E0E0-4B17-9343-290F2F4E310B}
17.08.2012 16:28 <DIR> {E2055574-ED2A-4386-AF17-5F5E5985C5F8}
02.04.2013 22:32 <DIR> {EC90FB1E-B5B9-4BAE-B32B-995760860666}
Souborů: 2, Bajtů: 68 429
Adresářů: 32, Volných bajtů: 326 589 431 808

========= End of CMD: =========


========= dir "%appdata%" =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 7EF8-52D0.

Výpis adresáře C:\Users\Karel\AppData\Roaming

09.02.2015 18:59 <DIR> .
09.02.2015 18:59 <DIR> ..
27.12.2013 14:50 <DIR> .minecraft
19.06.2012 08:20 <DIR> Adobe
13.06.2012 07:31 <DIR> ATI
22.01.2015 22:46 <DIR> BSplayer
22.01.2015 22:41 <DIR> BSplayer Pro
13.06.2012 07:32 <DIR> CyberLink
24.04.2013 19:28 <DIR> DAEMON Tools Lite
13.06.2012 07:30 <DIR> Identities
17.08.2012 16:39 <DIR> Intelli-studio
09.02.2015 14:58 <DIR> Macromedia
09.02.2015 18:27 <DIR> Malwarebytes
29.09.2011 04:37 <DIR> Media Center Programs
01.03.2014 22:34 <DIR> Mozilla
02.02.2015 19:13 <DIR> Origin
09.02.2015 18:47 <DIR> QuickScan
09.02.2015 14:19 <DIR> Seznam.cz
03.08.2014 00:47 <DIR> Skype
02.02.2015 19:09 <DIR> SoftGrid Client
18.09.2012 21:04 <DIR> TP
29.04.2013 17:45 <DIR> Tropico 4 Demo
22.07.2014 20:51 <DIR> TuneUp Software
05.09.2013 13:37 <DIR> Unity
05.03.2013 17:54 <DIR> Wargaming.net
05.08.2014 21:08 <DIR> WinRAR
Souborů: 0, Bajtů: 0
Adresářů: 26, Volných bajtů: 326 589 427 712

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 162.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 19:49:51 ====

Re: Downloader and other pests

Posted: 09 Feb 2015 20:01
by altrok
Have you cleaned up after AVG and installed avast?

Save MBAR to the desktop - http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Run it with a double-click and extract it to the desktop
  • click Next
  • Update the virus database by clicking Update and continue with Next
  • Leave all 3 options checked and choose Scan (it takes about 15 minutes)
  • tick all the findings and also check the Create Restore Point checkbox
  • click Cleanup and agree to the restart - Yes
  • paste the contents of the log saved on the desktop in mbar\mbar-log-2015-mm-dd (hh-mm-ss).txt into your next reply

Re: Downloader and other pests

Posted: 09 Feb 2015 20:07
by rosenkreuz
I have cleaned up after AVG, I haven't installed avast yet. Now I'm moving on to MBAR.

Re: Downloader and other pests

Posted: 09 Feb 2015 20:38
by rosenkreuz
Scan finished: No malware found!

It didn't find any malware, that's a success, right?

Re: Downloader and other pests

Posted: 09 Feb 2015 21:06
by altrok
Exactly. So we'll still clean up.
And if there are no questions or other problems, that's all from me.

Re: Downloader and other pests

Posted: 09 Feb 2015 21:43
by rosenkreuz
That will be all, thank you very much for the lightning-fast help.
If you live in Liberec, I owe you a beer.
Wishing you a pleasant rest of the day, Micheáš Rosenkreuz.

Re: Downloader and other pests

Posted: 09 Feb 2015 21:49
by altrok
You're welcome, glad I could help.

At the weekend in Znojmo, during the week in Brno, and I'm not planning to go to Liberec any time soon :D


Take care and maybe see you again sometime.