
Norton scan and Trojan horses in the names of scanned applica

Posted: 01 Mar 2015 17:00
by Jakub Mařík
Hello,

during a Norton scan I saw the names of almost all well-known trojans among the files being scanned. A scan with ESET Online Scanner found nothing, and neither did Norton. Yet given how my notebook has slowed down, the Wi-Fi connection keeps dropping and Flash Player is acting up, I would say there is some nasty stuff on it. Could you please help me? :) I am attaching the log.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by Iveta (administrator) on MILAAAASEK on 01-03-2015 16:50:14
Running from C:\Users\Iveta\Desktop
Loaded Profiles: Iveta & Administrator (Available profiles: Iveta & Administrator)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\NS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\nacl64.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QuickAccess.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Failed to access process -> explorer.exe
Failed to access process -> NS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\NS.exe
(forum.viry.cz) C:\Users\Iveta\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [Stronghold AntiMalware] => C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe [6495144 2014-09-03] (Security Stronghold)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\...\Run: [GoogleChromeAutoLaunch_DD52DC0D6186026AFE712DB9D3450405] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\...\RunOnce: [Application Restart #1] => C:\Users\Iveta\AppData\Local\Pokki\Engine\HostAppService.exe [7689032 2014-08-30] (Pokki)
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\...\MountPoints2: {2bcd85b7-fe2c-11e3-825f-f8a963033680} - "D:\PMCsetup.exe"
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\...\MountPoints2: {2da71d7c-35a2-11e4-8262-f8a963033680} - "D:\LGAutoRun.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... XXW3P44CJZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... XXW3P44CJZ
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... XXW3P44CJZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... XXW3P44CJZ
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... XXW3P44CJZ
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... XXW3P44CJZ
HKU\S-1-5-21-4033861707-2586788558-3913029225-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/?pc=APJB
HKU\S-1-5-21-4033861707-2586788558-3913029225-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=APJB
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?typ ... earchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?typ ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?typ ... earchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?typ ... earchTerms}
SearchScopes: HKU\S-1-5-21-4033861707-2586788558-3913029225-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?typ ... earchTerms}
SearchScopes: HKU\S-1-5-21-4033861707-2586788558-3913029225-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?typ ... earchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.0.0.110\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\coIEPlg.dll (Symantec Corporation)
BHO-x32: WinToFlash Suggestor -> {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} -> C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.0.0.110\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.0.110\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.0.110\coFFPlgn [2015-03-01]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://istart.webssearches.com/?type=hp&ts=1410900248&from=wpc&uid=ST500LT012-1DG142_W3P44CJZXXXXW3P44CJZ"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
CHR Profile: C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-12]
CHR Extension: (WinToFlash Suggestor) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf [2014-12-22]
CHR Extension: (Google Docs) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-12]
CHR Extension: (Google Drive) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-12]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-09-12]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-12]
CHR Extension: (Norton Security Toolbar) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-03-01]
CHR Extension: (Google Search) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-12]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh [2014-09-16]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc [2014-09-16]
CHR Extension: (Google Sheets) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-12]
CHR Extension: (AdBlock) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-12]
CHR Extension: (No Name) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb [2014-09-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-03-01]
CHR Extension: (Google Wallet) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2014-09-28]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-12]
CHR Extension: (Gmail) - C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-12]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\Exts\Chrome.crx [2015-03-01]
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx [2012-05-25]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\Exts\Chrome.crx [2015-03-01]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed]
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\NS.exe [282568 2014-09-13] (Symantec Corporation)
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-03] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [448040 2013-08-03] (Acer Incorporate)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.0.0.110\Definitions\BASHDefs\20150224.001\BHDrvx64.sys [1622744 2015-02-24] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1600000.06E\ccSetx64.sys [165080 2014-09-09] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-02-28] (Symantec Corporation)
U3 EraserUtilDrv11411; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11411.sys [142640 2015-02-28] (Symantec Corporation)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [170280 2015-03-01] (ESET)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.0.0.110\Definitions\IPSDefs\20150227.003\IDSvia64.sys [669400 2015-02-27] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20150228.001\ENG64.SYS [129752 2015-02-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.0.0.110\Definitions\VirusDefs\20150228.001\EX64.SYS [2137304 2015-02-28] (Symantec Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R1 SMR430; C:\Windows\System32\drivers\SMR430.SYS [108216 2015-03-01] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NSx64\1600000.06E\SRTSP64.SYS [1016024 2014-09-09] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1600000.06E\SRTSPX64.SYS [42200 2014-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NSx64\1600000.06E\SYMDS64.SYS [490712 2014-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NSx64\1600000.06E\SYMEFA64.SYS [1151704 2014-09-09] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1600000.06E\SymELAM.sys [23568 2014-09-09] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102616 2015-03-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1600000.06E\Ironx64.SYS [271576 2014-09-09] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NSx64\1600000.06E\SYMNETS.SYS [565464 2014-09-09] (Symantec Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
S3 OATool; \??\C:\Users\Administrator\AppData\Local\Temp\OAToolx64.sys [X]
S3 TDKLIB; \??\C:\Users\Administrator\AppData\Local\Temp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 16:50 - 2015-03-01 16:52 - 00021367 _____ () C:\Users\Iveta\Desktop\FRST.txt
2015-03-01 16:49 - 2015-03-01 16:50 - 00000000 ____D () C:\FRST
2015-03-01 16:48 - 2015-03-01 16:48 - 00112640 _____ (forum.viry.cz) C:\Users\Iveta\Desktop\FRSTLauncher (1).exe
2015-03-01 16:47 - 2015-03-01 16:48 - 00112640 _____ (forum.viry.cz) C:\Users\Iveta\Downloads\FRSTLauncher (1).exe
2015-03-01 16:37 - 2015-03-01 16:36 - 02092544 _____ (Farbar) C:\Users\Iveta\Desktop\FRST64.exe
2015-03-01 16:36 - 2015-03-01 16:36 - 02092544 _____ (Farbar) C:\Users\Iveta\Downloads\FRST64.exe
2015-03-01 16:19 - 2015-03-01 16:21 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-03-01 15:53 - 2015-03-01 15:53 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-01 15:52 - 2015-03-01 15:52 - 02347384 _____ (ESET) C:\Users\Iveta\Downloads\esetsmartinstaller_csy.exe
2015-03-01 15:25 - 2015-03-01 15:26 - 00000020 _____ () C:\WINDOWS\system32\Drivers\SMR430.dat
2015-03-01 15:25 - 2015-03-01 15:25 - 00108216 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR430.SYS
2015-03-01 15:19 - 2015-03-01 15:19 - 00000000 ____D () C:\NPE
2015-03-01 15:17 - 2015-03-01 15:25 - 00000000 ____D () C:\Users\Iveta\AppData\Local\NPE
2015-03-01 15:11 - 2015-03-01 15:11 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Security
2015-03-01 15:06 - 2015-03-01 15:06 - 00003218 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-03-01 15:06 - 2015-03-01 15:05 - 00102616 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-03-01 15:06 - 2015-03-01 15:05 - 00008214 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-03-01 15:05 - 2015-03-01 15:06 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-01 15:05 - 2015-03-01 15:05 - 00002465 _____ () C:\Users\Public\Desktop\Norton Security.lnk
2015-03-01 15:04 - 2015-03-01 15:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-03-01 15:04 - 2015-03-01 15:04 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NSx64
2015-03-01 15:04 - 2015-03-01 15:04 - 00000000 ____D () C:\Program Files (x86)\Norton Security
2015-03-01 14:59 - 2015-03-01 15:00 - 115363424 ____N (Symantec Corporation) C:\Users\Iveta\Downloads\NS-TW-22.0.0-CZ.exe
2015-03-01 14:53 - 2015-03-01 14:53 - 01761992 _____ (ESET) C:\Users\Iveta\Downloads\eset_nod32_antivirus_live_installer_.exe
2015-03-01 14:47 - 2015-03-01 14:47 - 00000000 ____D () C:\Users\Iveta\AppData\Roaming\Atheros
2015-03-01 14:47 - 2015-03-01 14:47 - 00000000 ____D () C:\ProgramData\Atheros
2015-03-01 14:45 - 2015-03-01 15:19 - 00001618 _____ () C:\WINDOWS\PFRO.log
2015-03-01 14:41 - 2015-03-01 14:41 - 00000000 ____D () C:\Users\Iveta\Downloads\Speclean
2015-03-01 14:39 - 2015-03-01 14:57 - 00000000 ____D () C:\ProgramData\ESET
2015-03-01 14:39 - 2015-03-01 14:57 - 00000000 ____D () C:\Program Files\ESET
2015-03-01 14:38 - 2015-03-01 14:38 - 01660616 _____ (ESET) C:\Users\Iveta\Downloads\eset_smart_security_live_installer_ (2).exe
2015-03-01 14:27 - 2015-03-01 14:29 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth
2015-03-01 14:23 - 2015-03-01 14:23 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2015-03-01 14:18 - 2015-03-01 14:19 - 264126443 _____ () C:\Users\Iveta\Downloads\Wireless LAN_Atheros_10.0.0.276_W81x64W8x64_A.zip
2015-03-01 14:16 - 2015-03-01 14:16 - 12488865 _____ () C:\Users\Iveta\Downloads\Chipset_Intel_9.4.4.1005_W8x64_A.zip
2015-03-01 14:09 - 2015-03-01 14:09 - 00001070 _____ () C:\Users\Public\Desktop\KeyFinder.lnk
2015-03-01 14:09 - 2015-03-01 14:09 - 00000000 ____D () C:\Users\Iveta\AppData\Roaming\OpenCandy
2015-03-01 14:09 - 2015-03-01 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2015-03-01 14:09 - 2015-03-01 14:09 - 00000000 ____D () C:\Program Files (x86)\Magical Jelly Bean
2015-03-01 14:08 - 2015-03-01 14:08 - 01178272 _____ (Magical Jelly Bean ) C:\Users\Iveta\Downloads\KeyFinderInstaller.exe
2015-03-01 13:13 - 2015-03-01 13:13 - 00397312 _____ (Gear Box Computers) C:\Users\Iveta\Downloads\ProductKeyFinder.exe
2015-03-01 13:09 - 2015-03-01 13:09 - 13146016 _____ (Disc Soft Ltd) C:\Users\Iveta\Downloads\DTLite501-0406 (3).exe
2015-03-01 13:07 - 2015-03-01 13:07 - 13146016 _____ (Disc Soft Ltd) C:\Users\Iveta\Downloads\Nepotvrzeno 732460.crdownload
2015-03-01 12:53 - 2015-03-01 12:54 - 13223208 _____ (Disc Soft Ltd) C:\Users\Iveta\Downloads\Nepotvrzeno 430734.crdownload
2015-03-01 12:51 - 2015-03-01 12:51 - 13223208 _____ (Disc Soft Ltd) C:\Users\Iveta\Downloads\Nepotvrzeno 547749.crdownload
2015-03-01 12:50 - 2015-03-01 12:50 - 13429504 _____ (Disc Soft Ltd) C:\Users\Iveta\Downloads\Nepotvrzeno 865190.crdownload
2015-02-27 14:11 - 2015-03-01 15:24 - 00003833 _____ () C:\WINDOWS\setupact.log
2015-02-27 14:11 - 2015-02-27 14:11 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-27 14:01 - 2015-02-27 14:50 - 00000000 ____D () C:\Users\Iveta\Desktop\fotky
2015-02-19 17:49 - 2015-02-19 18:48 - 00000000 ____D () C:\Users\Iveta\Desktop\LG
2015-02-16 21:13 - 2015-02-16 21:13 - 00000000 ____D () C:\ProgramData\Synaptics
2015-02-15 18:43 - 2015-02-15 18:44 - 00000000 ____D () C:\Users\Iveta\Downloads\Captain America Návrat prvního Avengera
2015-02-15 18:42 - 2015-02-15 18:42 - 00011764 _____ () C:\Users\Iveta\Downloads\[CzT]Captain_America_Navrat_prvniho_Avengera_Captain_America_The_Winter_Soldier_2014_CZ_.torrent
2015-02-15 18:32 - 2015-02-15 18:34 - 303522828 _____ () C:\Users\Iveta\Downloads\Myšlenky zločince S09E24.avi
2015-02-14 19:49 - 2015-02-14 20:03 - 408767616 _____ () C:\Users\Iveta\Downloads\Myšlenky zločince s09e17 ( Bat24 ).avi
2015-02-14 19:49 - 2015-02-14 20:03 - 408732848 _____ () C:\Users\Iveta\Downloads\Myšlenky zločince s09e23 ( Bat24 ).avi
2015-02-14 19:49 - 2015-02-14 20:03 - 408354480 _____ () C:\Users\Iveta\Downloads\Myšlenky zločince s09e22 ( Bat24 ).avi
2015-02-14 19:49 - 2015-02-14 20:03 - 408185330 _____ () C:\Users\Iveta\Downloads\Myšlenky zločince s09e16 ( Bat24 ).avi
2015-02-14 19:49 - 2015-02-14 20:03 - 408067126 _____ () C:\Users\Iveta\Downloads\Myšlenky zločince s09e20 ( Bat24 ).avi
2015-02-14 19:49 - 2015-02-14 20:02 - 408684776 _____ () C:\Users\Iveta\Downloads\Myšlenky zločince s09e21 ( Bat24 ).avi
2015-02-14 17:22 - 2015-02-14 17:29 - 356859198 _____ () C:\Users\Iveta\Downloads\Myšlenky zločince s09e04 ( Bat24 ).avi
2015-02-14 17:22 - 2015-02-14 17:28 - 357634220 _____ () C:\Users\Iveta\Downloads\Myšlenky-zločince-s09e03-CZ DABING.avi
2015-02-14 17:22 - 2015-02-14 17:28 - 357322180 _____ () C:\Users\Iveta\Downloads\Myšlenky zločince s09e05 ( Bat24 ).avi
2015-02-08 20:24 - 2015-02-08 20:55 - 1862787072 ____R () C:\Users\Iveta\Downloads\X-Men.Days.of.Future.Past.2014.DVDRip.XviD.AC3-EVO.avi
2015-02-08 20:22 - 2015-02-08 20:22 - 00018357 _____ () C:\Users\Iveta\Downloads\[CzT]X_Men_Budouci_minulost_X_Men_Days_of_Future_Past_2014_CZ_.torrent
2015-02-08 20:11 - 2015-02-08 20:34 - 2129481728 ____R () C:\Users\Iveta\Downloads\Gone.Girl.2014.480p.BDRip.XviD.AC3.CZ-4play.avi
2015-02-08 20:10 - 2015-02-08 20:10 - 00020999 _____ () C:\Users\Iveta\Downloads\[CzT]Zmizela_Gone_Girl_2014_CZ_.torrent
2015-02-07 18:31 - 2015-02-07 18:33 - 00000000 ____D () C:\Users\Iveta\Desktop\Nová složka (3)
2015-02-07 11:03 - 2015-02-07 11:03 - 00362880 _____ (Kaspersky Lab) C:\Users\Iveta\Downloads\setup (1).exe
2015-02-07 10:45 - 2015-02-07 10:45 - 00362880 _____ (Kaspersky Lab) C:\Users\Iveta\Downloads\setup.exe
2015-02-04 20:01 - 2015-02-04 20:01 - 00002127 _____ () C:\Users\Public\Desktop\Google Earth Pro.lnk
2015-02-04 20:01 - 2015-02-04 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro
2015-02-04 19:57 - 2015-02-04 19:58 - 00880784 _____ (Google Inc.) C:\Users\Iveta\Downloads\GoogleEarthProSetup.exe
2015-02-03 16:35 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-02-03 16:35 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2021-10-21 14:36 - 2014-04-13 02:27 - 00000852 _____ () C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 08:34 - 2014-04-13 02:27 - 00000712 _____ () C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2015-03-01 16:48 - 2014-09-12 21:40 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4033861707-2586788558-3913029225-1001
2015-03-01 16:45 - 2015-01-20 18:42 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-01 16:19 - 2014-09-12 21:47 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-01 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-01 15:35 - 2014-10-14 16:15 - 01882981 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-01 15:30 - 2014-04-13 01:47 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2015-03-01 15:30 - 2014-04-13 01:47 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2015-03-01 15:30 - 2013-11-06 12:44 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-01 15:26 - 2014-09-15 22:10 - 00000000 __RDO () C:\Users\Iveta\OneDrive
2015-03-01 15:25 - 2015-01-20 19:07 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d034dc297fa4c.job
2015-03-01 15:25 - 2014-09-12 21:47 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-01 15:24 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-01 15:23 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-01 15:18 - 2013-11-07 02:47 - 00000000 ____D () C:\ProgramData\Norton
2015-03-01 15:10 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-01 15:05 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-03-01 15:01 - 2014-09-16 21:40 - 00000000 ____D () C:\Users\HomeGroupUser$
2015-03-01 15:01 - 2014-09-16 21:40 - 00000000 ____D () C:\Users\Guest
2015-03-01 14:41 - 2014-12-14 18:26 - 00170280 _____ (ESET) C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys
2015-03-01 14:33 - 2014-04-13 02:31 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-03-01 13:04 - 2014-09-25 08:27 - 00000000 ____D () C:\Users\Iveta\AppData\Roaming\GHISLER
2015-02-27 19:40 - 2014-09-16 15:28 - 00000000 ____D () C:\Users\Iveta\AppData\Local\CrashDumps
2015-02-24 23:05 - 2014-09-20 18:33 - 00000000 ____D () C:\Users\Iveta\AppData\Roaming\uTorrent
2015-02-24 19:35 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-21 17:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-19 18:05 - 2015-01-17 19:15 - 00000000 ____D () C:\Users\Iveta\Desktop\Nová složka (2)
2015-02-14 10:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-11 11:55 - 2014-12-31 10:31 - 00000000 ____D () C:\Users\Iveta\AppData\Roaming\PhotoScape
2015-02-05 17:13 - 2015-01-20 19:07 - 00003718 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d034dc297fa4c
2015-02-05 17:13 - 2014-09-12 21:47 - 00003954 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 20:00 - 2014-09-12 21:47 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-04 19:44 - 2015-01-20 18:42 - 00003802 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-03 16:35 - 2014-09-14 21:07 - 00000000 ____D () C:\WINDOWS\system32\MRT

==================== Files in the root of some directories =======

2014-09-12 21:52 - 2014-09-12 21:52 - 0000000 _____ () C:\Users\Iveta\AppData\Local\{0447ECB3-FC43-4893-B9BB-6A937DD30BA5}
2014-04-13 02:27 - 2014-04-13 02:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d034dc297fa4c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security (Disabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Iveta\Desktop" je 6260 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Norton scan and trojan horses in the names of scanned ap

Posted: 01 Mar 2015 17:12
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Norton scan and trojan horses in the names of scanned ap

Posted: 01 Mar 2015 17:24
by Jakub Mařík
log :)

# AdwCleaner v4.111 - Logfile created 01/03/2015 at 17:20:33
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Iveta - MILAAAASEK
# Running from : C:\Users\Iveta\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\GoSSaVe
Folder Deleted : C:\ProgramData\NexTCouupi
Folder Deleted : C:\ProgramData\Webbinug
Folder Deleted : C:\ProgramData\YoutubeeAdBLocKe
Folder Deleted : C:\ProgramData\9947e1404e05475c
Folder Deleted : C:\Program Files (x86)\WinToFlash Suggestor
Folder Deleted : C:\Program Files (x86)\GoSSaVe
Folder Deleted : C:\Program Files (x86)\NexTCouupi
Folder Deleted : C:\Program Files (x86)\Webbinug
Folder Deleted : C:\Program Files (x86)\YoutubeeAdBLocKe
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Iveta\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Iveta\AppData\Local\cool_mirage
Folder Deleted : C:\Users\Iveta\AppData\Local\torch
Folder Deleted : C:\Users\Iveta\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\Iveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\Iveta\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\Iveta\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\Iveta\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\Iveta\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dmogedkclicfickbbgiejmcifngnmifh
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\Iveta\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fdchjdobifomdmbjehggabihigjbdjmc
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb
Folder Deleted : C:\Users\Iveta\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hcnacamifbfpfmoinicljlebgcbhgphb

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Iveta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-792098896
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\AppDataLow\Software\WinToFlash Suggestor
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinToFlash Suggestor

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17278

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v40.0.2214.115


-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [13007 bytes] - [01/03/2015 17:16:52]
AdwCleaner[S0].txt - [11447 bytes] - [01/03/2015 17:20:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11507 bytes] ##########

Re: Norton scan and trojan horses in the names of scanned ap

Posted: 01 Mar 2015 18:07
by Rudy
Post a new FRST log.

Re: Norton scan and trojan horses in the names of scanned ap

Posted: 01 Mar 2015 18:18
by Jakub Mařík
here it is

P.S. During the scan a window popped up twice with a warning that access to Notepad was denied ??? :(

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
Ran by Iveta at 2015-03-01 18:14:37
Running from C:\Users\Iveta\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Croc (HKLM-x32\...\Croc) (Version: - )
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5209 - Gretech Corporation)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Packard Bell)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3349 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
Norton Security (HKLM-x32\...\NS) (Version: 22.0.0.110 - Symantec Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Packard Bell)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.25 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.27041 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

02-02-2015 23:17:04 Windows Update
14-02-2015 01:08:42 Naplánovaný kontrolní bod
27-02-2015 13:17:11 Naplánovaný kontrolní bod
01-03-2015 14:21:33 Installed Qualcomm Atheros WLAN and Bluetooth Client Installatio

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1FA9C295-DE4B-414E-BD5B-B08A755C7AD8} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-09-20] ()
Task: {2AEA993A-11E9-40CB-AFA0-50BC3AE3C15D} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\SymErr.exe [2014-09-08] (Symantec Corporation)
Task: {31CEE7E9-1A9E-40F3-ADE4-75DC2C69A931} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {34BA3F73-0E9F-4F44-9BED-2F2AFDD61E71} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\WSCStub.exe [2014-09-13] (Symantec Corporation)
Task: {3E27AA1D-9B71-481C-A46C-4C54EB751716} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {4568B6BE-B0AA-4E75-A581-ACA741C9AF7F} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe
Task: {70D96715-4CB0-4AFA-92FF-DF3FD6B62593} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {77CFC473-FAEB-4522-8116-50683BA82DA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-20] (Google Inc.)
Task: {7FFDF604-024D-4AD6-BDEF-0A60EEF203D0} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2013-07-06] (Acer Incorporated)
Task: {890D166D-F66E-43E8-910E-268CA31E49FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-20] (Google Inc.)
Task: {A5C737F6-9A54-4348-85A8-6FBC849A157D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {AA5F3FBB-166D-4A8A-8A92-8A11A9557548} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {D641FC33-1BBA-4B48-B192-A549F70C82B6} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2013-08-03] (Acer Incorporate)
Task: {E3E9E33F-14D5-4151-B757-2854594367F2} - System32\Tasks\GoogleUpdateTaskMachineCore1d034dc297fa4c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-20] (Google Inc.)
Task: {EFEE1E8D-F997-4399-A7F7-01EC8B80349A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-31] (Microsoft Corporation)
Task: {FA99A1B1-4212-44F6-9DBE-9F488697E713} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\SymErr.exe [2014-09-08] (Symantec Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d034dc297fa4c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-12-24 02:22 - 2013-12-24 02:22 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-12-24 02:20 - 2013-12-24 02:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-12-24 02:26 - 2013-12-24 02:26 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-04-13 02:52 - 2013-07-31 02:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-02-20 17:19 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 17:19 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 17:19 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2014-12-28 22:20 - 2014-12-28 22:25 - 00056320 _____ () C:\Program Files\WindowsApps\A278AB0D.OrderChaos_2.6.0.19_x86__h6adky7gbf63m\LocalPNSTask.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Iveta\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Iveta\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Iveta\Desktop\Fine-Looking-Free-HD-Wallpapers-for-your-Desktops-211.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "Stronghold AntiMalware"
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\...\StartupApproved\Run: => "Application Restart #1"
HKU\S-1-5-21-4033861707-2586788558-3913029225-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DD52DC0D6186026AFE712DB9D3450405"

==================== Accounts: =============================

Administrator (S-1-5-21-4033861707-2586788558-3913029225-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-4033861707-2586788558-3913029225-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4033861707-2586788558-3913029225-1003 - Limited - Enabled)
Iveta (S-1-5-21-4033861707-2586788558-3913029225-1001 - Administrator - Enabled) => C:\Users\Iveta

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2015 05:20:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.17284 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: a38

Čas spuštění: 01d0542b84c062c4

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\Explorer.EXE

ID hlášení: 841273cb-c029-11e4-8277-142d271a28f6

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (03/01/2015 04:59:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17031 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: be8

Čas spuštění: 01d05437f3b0fb34

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\syswow64\wwahost.exe

ID hlášení: e7aaec2f-c02b-11e4-8277-142d271a28f6

Úplný název chybujícího balíčku: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

ID aplikace související s chybujícím balíčkem: App

Error: (03/01/2015 04:45:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program NS.exe verze 13.0.0.49 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 9f0

Čas spuštění: 01d0542b849d0590

Čas ukončení: 316

Cesta k aplikaci: C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\NS.exe

ID hlášení: f7db63ee-c029-11e4-8277-142d271a28f6

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (03/01/2015 04:44:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17031 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b58

Čas spuštění: 01d05435dc221e94

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\syswow64\wwahost.exe

ID hlášení: d07c83b9-c029-11e4-8277-142d271a28f6

Úplný název chybujícího balíčku: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

ID aplikace související s chybujícím balíčkem: App

Error: (03/01/2015 04:29:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17031 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 734

Čas spuštění: 01d05433c2c66e79

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\syswow64\wwahost.exe

ID hlášení: b7317ff3-c027-11e4-8277-142d271a28f6

Úplný název chybujícího balíčku: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

ID aplikace související s chybujícím balíčkem: App

Error: (03/01/2015 04:18:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (03/01/2015 04:14:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17031 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: c98

Čas spuštění: 01d05431ab682169

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\syswow64\wwahost.exe

ID hlášení: 9f6ab011-c025-11e4-8277-142d271a28f6

Úplný název chybujícího balíčku: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

ID aplikace související s chybujícím balíčkem: App

Error: (03/01/2015 04:05:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20689 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 8c8

Čas spuštění: 01d054305a1ded77

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 4f8b4065-c024-11e4-8277-142d271a28f6

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/01/2015 03:59:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MILAAAASEK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/01/2015 03:59:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20689 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b58

Čas spuštění: 01d0542b856282f3

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 8a14fd41-c023-11e4-8277-142d271a28f6

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (03/01/2015 05:23:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CCDMonitorService neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (03/01/2015 05:21:17 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (03/01/2015 05:21:11 PM) (Source: DCOM) (EventID: 10010) (User: MILAAAASEK)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (03/01/2015 05:21:11 PM) (Source: DCOM) (EventID: 10010) (User: MILAAAASEK)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (03/01/2015 05:21:11 PM) (Source: DCOM) (EventID: 10010) (User: MILAAAASEK)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/01/2015 05:21:11 PM) (Source: DCOM) (EventID: 10010) (User: MILAAAASEK)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/01/2015 05:21:11 PM) (Source: DCOM) (EventID: 10010) (User: MILAAAASEK)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (03/01/2015 05:21:11 PM) (Source: DCOM) (EventID: 10010) (User: MILAAAASEK)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (03/01/2015 05:20:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Nero Update byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/01/2015 05:20:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.




==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2820 @ 2.13GHz
Percentage of memory in use: 32%
Total physical RAM: 3979.2 MB
Available physical RAM: 2701.86 MB
Total Pagefile: 4747.2 MB
Available Pagefile: 3309.52 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:448.15 GB) (Free:353.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 809CE65B)

Partition: GPT Partition Type.

==================== End Of Log ============================

Re: Norton scan and trojan horses in the names of scanned ap

Posted: 01 Mar 2015 18:25
by Rudy
Open Notepad and copy the following into it:
Start
Task: {1FA9C295-DE4B-414E-BD5B-B08A755C7AD8} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-09-20] ()
C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d034dc297fa4c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Users\Iveta\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Iveta\SkyDrive:ms-properties
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Norton scan and trojan horses in the names of scanned ap

Posted: 01 Mar 2015 18:45
by Jakub Mařík
Here it is

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-02-2015
Ran by Iveta at 2015-03-01 18:43:53 Run:1
Running from C:\Users\Iveta\Desktop
Loaded Profiles: Iveta (Available profiles: Iveta & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
Task: {1FA9C295-DE4B-414E-BD5B-B08A755C7AD8} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-09-20] ()
C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d034dc297fa4c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Users\Iveta\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Iveta\SkyDrive:ms-properties
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1FA9C295-DE4B-414E-BD5B-B08A755C7AD8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FA9C295-DE4B-414E-BD5B-B08A755C7AD8}" => Key deleted successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\WINDOWS\AutoKMS\AutoKMS.exe => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d034dc297fa4c.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Users\Iveta\OneDrive => ":ms-properties" ADS removed successfully.
"C:\Users\Iveta\SkyDrive" => ":ms-properties" ADS not found.

==== End of Fixlog 18:43:55 ====

Re: Norton scan and trojan horses in the names of scanned ap

Posted: 01 Mar 2015 18:51
by Rudy
Everything should be deleted.

Re: Norton scan and trojan horses in the names of scanned ap

Posted: 01 Mar 2015 18:53
by Jakub Mařík
Thanks. :thumbsup:
Should I remove the utilities and possibly change the antivirus? I'm on a trial version anyway, so it's no problem...

Jakub

Re: Norton scan and trojan horses in the names of scanned ap

Posted: 01 Mar 2015 18:57
by Rudy
Uninstall ADW and delete FRST (and everything it created). You can choose an AV here: http://forum.viry.cz/viewforum.php?f=29 . You're welcome! :)