VIRY.CZ

Dobrý den, našel jsem zde stejné téma, na které bych potřeboval také poradit, ale je uzamčeno. Proto zakládám nové se stejným předmětem.
Hostitelské služby mi vytěžují disk téměř na 100%. Možná je někde nějaký malware.
Dle postupu z minulého tématu jsem notebook projel Malwarer a TDSkiller. Něco to našlo, dalo do karantény, ale disk jede stále dál.
Stáhl jsem si FRSTlauncher a dle návodu přikládám log. Budu moc vděčný za pomoc. Předem děkuji.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Irena (administrator) on I-PC on 15-03-2015 10:51:22
Running from C:\Users\Irena\Desktop
Loaded Profiles: Irena & (Available profiles: Irena & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptSync64.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files (x86)\Defender Pro\AntivirusUpdater.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
() C:\Program Files (x86)\Opera\28.0.1750.40\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(forum.viry.cz) C:\Users\Irena\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [22912 2012-10-01] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13219984 2012-11-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1234064 2012-10-29] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59752 2014-12-15] (SODATSW spol. s r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit)
HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit)
HKU\S-1-5-21-2343249615-88943350-3312692250-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
HKU\S-1-5-21-2343249615-88943350-3312692250-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2343249615-88943350-3312692250-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-2343249615-88943350-3312692250-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... n.com&OSP=
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKLM-x32 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-14] (IObit)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-23] (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_ScriptHelper.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter\npVDCPlugin.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2343249615-88943350-3312692250-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Irena\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2343249615-88943350-3312692250-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Irena\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-02-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-23]
CHR Extension: (Skype Click to Call) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-15]
CHR Extension: (Google Wallet) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R4 AntivirusUpdateSvc; C:\Program Files (x86)\Defender Pro\AntivirusUpdater.exe [14336 2014-12-16] () [File not signed]
R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [37760 2012-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-10] (IObit)
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620392 2014-12-15] (SODATSW spol. s .r.o.)
R3 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [42336 2012-11-16] (ASUSTek Computer Inc.)
S3 wampapache; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [22016 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [10959360 2014-05-01] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-11-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-11-18] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-15] (Malwarebytes Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-11-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 10:51 - 2015-03-15 10:51 - 00025324 _____ () C:\Users\Irena\Desktop\FRST.txt
2015-03-15 10:50 - 2015-03-15 10:51 - 00000000 ____D () C:\FRST
2015-03-15 10:49 - 2015-03-15 10:49 - 00112640 _____ (forum.viry.cz) C:\Users\Irena\Desktop\FRSTLauncher.exe
2015-03-15 10:45 - 2015-03-15 10:45 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-15 10:45 - 2015-03-15 10:45 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-03-15 10:42 - 2015-03-15 10:42 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\ProductData
2015-03-15 10:31 - 2015-03-15 10:31 - 02095616 _____ (Farbar) C:\Users\Irena\Desktop\FRST64.exe
2015-03-14 23:51 - 2015-03-14 23:51 - 80633856 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 79896576 _____ () C:\WINDOWS\system32\config\COMPONENTS.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 00851968 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iobit
2015-03-14 23:32 - 2015-03-14 23:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2015-03-14 23:32 - 2015-03-14 23:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2015-03-14 23:30 - 2015-03-14 23:30 - 00003166 _____ () C:\WINDOWS\System32\Tasks\ASC8_PerformanceMonitor
2015-03-14 23:30 - 2015-03-14 23:30 - 00002388 _____ () C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Irena
2015-03-14 23:30 - 2015-03-14 23:30 - 00001246 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-03-14 23:30 - 2015-03-14 23:30 - 00000288 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Irena.job
2015-03-14 23:30 - 2015-03-14 23:30 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Apple Computer
2015-03-14 23:30 - 2015-03-14 23:30 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-03-14 23:29 - 2015-03-15 00:05 - 00000252 _____ () C:\WINDOWS\Tasks\ASC8_SkipUac_Irena.job
2015-03-14 23:29 - 2015-03-14 23:43 - 00002199 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-03-14 23:29 - 2015-03-14 23:30 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-14 23:29 - 2015-03-14 23:30 - 00000000 ____D () C:\ProgramData\IObit
2015-03-14 23:29 - 2015-03-14 23:29 - 00002352 _____ () C:\WINDOWS\System32\Tasks\ASC8_SkipUac_Irena
2015-03-14 23:29 - 2015-03-14 23:29 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2015-03-14 23:29 - 2015-03-14 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-03-14 23:28 - 2015-03-14 23:31 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-14 23:28 - 2015-03-14 23:30 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\IObit
2015-03-14 23:27 - 2015-03-14 23:27 - 00000000 ____D () C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621
2015-03-14 23:09 - 2015-03-14 23:09 - 00000152 _____ () C:\Users\Irena\Downloads\stahování
2015-03-14 23:03 - 2015-03-14 23:10 - 45403160 _____ () C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621.rar
2015-03-14 19:50 - 2015-03-14 23:48 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2343249615-88943350-3312692250-1001
2015-03-14 19:46 - 2015-03-14 19:46 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-03-14 18:53 - 2015-03-14 18:53 - 00000599 _____ () C:\Users\Irena\Desktop\WampServer.lnk
2015-03-14 18:53 - 2015-03-14 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2015-03-14 18:49 - 2015-03-14 18:55 - 00000000 ____D () C:\wamp
2015-03-14 18:46 - 2015-03-14 18:48 - 39917641 _____ (Hervé Leclerc (HeL) ) C:\Users\Irena\Downloads\wampserver2.5-Apache-2.4.9-Mysql-5.6.17-php5.5.12-32b.exe
2015-03-14 18:27 - 2015-03-14 18:27 - 00725800 _____ ( ) C:\Users\Irena\Downloads\startw8.exe
2015-03-14 18:23 - 2015-03-14 18:23 - 00000000 __SHD () C:\vseqrntn.bin
2015-03-14 18:21 - 2015-03-14 18:21 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Irena\Downloads\tdsskiller.exe
2015-03-14 18:18 - 2015-03-15 10:43 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-14 18:18 - 2015-03-14 18:18 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-14 18:18 - 2015-03-14 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-14 18:17 - 2015-03-14 18:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-14 18:17 - 2015-03-14 18:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-14 18:17 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-14 18:17 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-14 18:17 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-14 18:15 - 2015-03-14 18:17 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Irena\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-14 17:57 - 2015-03-15 10:49 - 00000000 _____ () C:\end
2015-03-14 17:56 - 2015-03-15 10:49 - 00000000 ____D () C:\Program Files (x86)\Defender Pro
2015-03-14 17:55 - 2015-03-14 17:55 - 10995808 _____ () C:\Users\Irena\Downloads\defender_pro_free_2015.exe
2015-03-14 17:18 - 2015-03-14 17:18 - 00000000 ____D () C:\ProgramData\StartW8
2015-03-13 18:14 - 2015-03-13 18:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2015-03-13 18:14 - 2015-03-13 18:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2015-03-08 14:37 - 2015-03-08 14:37 - 00380845 _____ () C:\Users\Irena\Downloads\Sketchup Pro 2015 User Expired Downloader.zip
2015-03-06 10:57 - 2015-03-06 10:57 - 00000000 ____D () C:\Users\Irena\Desktop\Ukázky
2015-03-06 10:51 - 2015-03-06 10:51 - 00880208 _____ (Google Inc.) C:\Users\Irena\Downloads\googledrivesync (3).exe
2015-03-05 18:18 - 2015-03-05 18:18 - 11278409 _____ () C:\Users\Irena\Downloads\Reflections.themepack
2015-03-01 20:43 - 2015-03-01 20:43 - 02747055 _____ () C:\Users\Irena\Downloads\Zahradni.skp
2015-03-01 09:53 - 2015-03-01 09:53 - 00532624 _____ () C:\Users\Irena\Documents\Zahradni.skb
2015-02-28 23:58 - 2015-03-01 10:45 - 00557935 _____ () C:\Users\Irena\Documents\Zahradni.skp
2015-02-28 23:31 - 2015-02-28 23:31 - 00000778 _____ () C:\Users\Irena\Downloads\MattsSketchUpshortcuts.dat
2015-02-28 21:21 - 2015-03-01 09:42 - 00188229 _____ () C:\Users\Irena\Documents\Okno s balkonem.skp
2015-02-28 21:21 - 2015-02-28 21:21 - 00154043 _____ () C:\Users\Irena\Documents\Okno s parapetem.skp
2015-02-28 20:20 - 2015-02-28 20:20 - 00000000 ____D () C:\Users\Irena\Nová složka
2015-02-28 20:20 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-28 20:20 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-28 20:20 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-28 20:20 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-28 20:20 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-28 20:20 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-02-28 20:14 - 2015-02-28 20:14 - 00066647 _____ () C:\Users\Irena\Downloads\RoundCorner_v2.7a.rbz
2015-02-28 19:45 - 2015-02-28 19:46 - 00000000 ____D () C:\Users\Irena\AppData\Local\LIBFREDO6_DATA_Dir
2015-02-28 19:25 - 2015-02-28 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group
2015-02-28 19:24 - 2015-02-28 19:24 - 00000000 ____D () C:\Program Files\WIBU-SYSTEMS
2015-02-28 19:24 - 2015-02-28 19:24 - 00000000 ____D () C:\Program Files (x86)\WIBU-SYSTEMS
2015-02-28 19:24 - 2015-02-28 19:24 - 00000000 ____D () C:\Program Files (x86)\WIBUKEY
2015-02-28 19:17 - 2015-02-28 19:33 - 00000000 ____D () C:\ProgramData\ASGVIS
2015-02-28 18:47 - 2015-02-28 18:47 - 00002180 _____ () C:\Users\Public\Desktop\Style Builder 2015.lnk
2015-02-28 18:47 - 2015-02-28 18:47 - 00002094 _____ () C:\Users\Public\Desktop\LayOut 2015.lnk
2015-02-28 18:47 - 2015-02-28 18:47 - 00002005 _____ () C:\Users\Public\Desktop\SketchUp 2015.lnk
2015-02-28 18:47 - 2015-02-28 18:47 - 00000000 ____D () C:\ProgramData\Reprise
2015-02-28 18:47 - 2015-02-28 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2015-02-28 18:46 - 2015-02-28 18:46 - 00000000 ____D () C:\ProgramData\SketchUp
2015-02-28 18:46 - 2015-02-28 18:46 - 00000000 ____D () C:\Program Files\SketchUp
2015-02-28 18:40 - 2015-02-28 21:12 - 00828474 _____ () C:\Users\Irena\Documents\Okno.skb
2015-02-27 18:51 - 2015-02-27 18:51 - 00880208 _____ (Google Inc.) C:\Users\Irena\Downloads\googledrivesync (2).exe
2015-02-27 18:51 - 2015-02-27 18:51 - 00880208 _____ (Google Inc.) C:\Users\Irena\Downloads\googledrivesync (1).exe
2015-02-27 18:49 - 2015-02-28 21:22 - 00828786 _____ () C:\Users\Irena\Documents\Okno.skp
2015-02-23 20:31 - 2015-02-23 20:26 - 00138168 _____ () C:\Users\Irena\Documents\pokus sketchup layout.skb
2015-02-23 20:26 - 2015-02-23 20:31 - 00130477 _____ () C:\Users\Irena\Documents\pokus sketchup layout.skp
2015-02-23 20:05 - 2015-03-13 18:15 - 00002060 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2015-02-23 20:05 - 2015-03-13 18:15 - 00002058 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2015-02-23 20:05 - 2015-03-13 18:15 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2015-02-23 20:05 - 2015-03-13 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-02-23 20:03 - 2015-02-23 20:04 - 00880208 _____ (Google Inc.) C:\Users\Irena\Downloads\googledrivesync.exe
2015-02-19 12:19 - 2015-02-19 12:19 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Unity
2015-02-19 12:03 - 2015-02-19 12:03 - 03249480 _____ (Unity Technologies ApS) C:\Users\Irena\Downloads\UnityWebPlayer.exe
2015-02-19 12:03 - 2015-02-19 12:03 - 00000000 ____D () C:\Users\Irena\AppData\Local\Unity
2015-02-18 21:34 - 2015-02-18 21:36 - 00000000 ____D () C:\Users\Irena\Desktop\Google Sketchup Pro 2015 v15.3.331 64Bit
2015-02-18 21:31 - 2015-02-18 21:31 - 00000000 ____D () C:\Users\Irena\Downloads\Google_Sketchup_Pro_2015_v15.3_64Bit
2015-02-18 21:31 - 2015-02-18 21:31 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\SketchUp
2015-02-18 21:27 - 2015-02-18 21:30 - 144464696 _____ () C:\Users\Irena\Downloads\Google_Sketchup_Pro_2015_v15.3_64Bit.zip
2015-02-17 20:15 - 2015-03-05 18:07 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Skype
2015-02-17 20:15 - 2015-02-17 20:15 - 00002747 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-02-17 20:15 - 2015-02-17 20:15 - 00000000 ____D () C:\Users\Irena\AppData\Local\Skype
2015-02-17 20:15 - 2015-02-17 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-17 20:14 - 2015-02-17 20:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-17 20:14 - 2015-02-17 20:15 - 00000000 ____D () C:\ProgramData\Skype
2015-02-17 20:13 - 2015-02-17 20:13 - 01548384 _____ (Skype Technologies S.A.) C:\Users\Irena\Downloads\SkypeSetup.exe
2015-02-17 20:05 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-17 20:05 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-17 20:05 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-17 20:04 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-17 19:46 - 2015-02-17 19:52 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-17 19:46 - 2015-02-17 19:46 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-17 19:46 - 2015-02-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-17 19:45 - 2015-02-17 19:45 - 00000000 ____D () C:\Users\Irena\Downloads\CCleaner-Professional-&-Business-Edition-v5.02.5101-(2015)(CZ,SK)
2015-02-17 19:44 - 2015-02-17 19:44 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-02-17 19:44 - 2015-02-17 19:44 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\WinRAR
2015-02-17 19:44 - 2015-02-17 19:44 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-17 19:44 - 2015-02-17 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-17 19:41 - 2015-02-17 19:44 - 00000000 ____D () C:\Program Files (x86)\WinRar
2015-02-17 19:40 - 2015-02-17 19:41 - 03248365 _____ () C:\Users\Irena\Downloads\setup.exe
2015-02-17 19:33 - 2015-02-17 19:34 - 05654861 _____ () C:\Users\Irena\Downloads\CCleaner-Professional-&-Business-Edition-v5.02.5101-(2015)(CZ,SK).rar
2015-02-17 19:26 - 2015-03-14 19:06 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-17 19:26 - 2015-03-13 18:17 - 00001059 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-17 19:26 - 2015-02-17 19:26 - 00001149 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-17 19:26 - 2015-02-17 19:26 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Opera Software
2015-02-17 19:26 - 2015-02-17 19:26 - 00000000 ____D () C:\Users\Irena\AppData\Local\Opera Software
2015-02-17 18:14 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-17 18:14 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-17 18:06 - 2015-02-17 18:06 - 00001142 _____ () C:\Users\Irena\Desktop\Vítejte u registrace produktu ASUS.lnk
2015-02-16 13:10 - 2015-02-16 13:10 - 00000000 ___RD () C:\Users\Irena\SkyDrive
2015-02-16 13:10 - 2015-02-16 13:10 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-02-16 12:39 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-16 12:39 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-16 12:39 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-16 12:39 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-16 12:39 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-16 12:39 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-16 12:39 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-16 12:39 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-16 12:39 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-16 12:39 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-16 12:39 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-16 12:39 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-16 12:39 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-16 12:39 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-16 12:39 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-16 12:39 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-16 12:39 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-16 12:39 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-16 12:39 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-16 12:39 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-16 12:39 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-16 12:39 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-16 12:39 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-16 12:39 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-16 12:39 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-16 12:39 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-16 12:39 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-16 12:38 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-16 12:38 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-16 12:38 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-16 12:38 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-16 12:38 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-16 12:38 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-16 12:38 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-16 12:38 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-16 12:38 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-16 12:38 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-16 12:38 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-16 12:38 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-16 12:38 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-16 12:38 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-16 12:38 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-16 12:38 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-16 12:38 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-16 12:38 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-16 12:38 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-16 12:38 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-16 12:38 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-16 12:38 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-16 12:38 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-16 12:38 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-16 12:38 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-16 12:38 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-16 12:38 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-16 12:38 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-16 12:38 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-16 12:38 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-16 12:38 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-16 12:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-16 12:38 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-16 12:36 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 10:44 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-15 10:21 - 2014-11-18 20:47 - 01436978 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-15 10:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-15 00:05 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-14 23:48 - 2013-01-07 20:24 - 00000000 ____D () C:\ProgramData\USBChargerPlus
2015-03-14 23:48 - 2013-01-07 19:55 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2015-03-14 23:43 - 2014-11-18 20:04 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-14 23:43 - 2014-06-29 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveSupport
2015-03-14 23:32 - 2014-11-18 20:18 - 00000000 ____D () C:\Users\Irena
2015-03-14 19:50 - 2013-07-26 23:53 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-03-14 18:58 - 2014-06-29 19:20 - 00000000 ____D () C:\Program Files (x86)\Adblocker
2015-03-14 18:58 - 2014-02-09 21:39 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\com.flash.WidgetBrowser
2015-03-14 18:30 - 2013-04-14 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartW8
2015-03-14 18:00 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-14 17:22 - 2013-04-14 20:54 - 00000000 ____D () C:\Users\Irena\AppData\Local\Adobe
2015-03-14 17:19 - 2013-04-13 16:41 - 00000500 _____ () C:\Users\Irena\AppData\Roaming\sp_data.sys
2015-03-12 22:04 - 2014-11-18 21:02 - 00000000 ___RD () C:\Users\Irena\OneDrive
2015-03-12 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-03 14:17 - 2013-07-27 15:05 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-02-28 18:44 - 2014-09-24 17:23 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-28 18:44 - 2014-09-24 16:39 - 00747350 _____ () C:\WINDOWS\system32\perfh005.dat
2015-02-28 18:44 - 2014-09-24 16:39 - 00154554 _____ () C:\WINDOWS\system32\perfc005.dat
2015-02-23 20:05 - 2013-04-14 11:58 - 00000000 ____D () C:\Users\Irena\AppData\Local\Google
2015-02-23 20:05 - 2013-04-14 11:58 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-19 11:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-18 20:33 - 2013-04-14 20:36 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\DAEMON Tools Lite
2015-02-18 20:32 - 2013-04-19 11:12 - 00000000 ____D () C:\Users\Irena\AppData\Local\CrashDumps
2015-02-18 12:51 - 2013-07-21 08:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-18 12:41 - 2013-04-15 09:45 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-17 11:43 - 2013-08-22 15:44 - 00485232 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-16 13:30 - 2014-06-29 19:36 - 00000000 ____D () C:\ProgramData\TEMP
2015-02-16 13:24 - 2013-04-14 21:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-16 12:45 - 2014-12-13 21:48 - 00007149 _____ () C:\WINDOWS\system32\ScanResults.xml
2015-02-16 12:41 - 2014-12-13 21:43 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2015-02-16 12:33 - 2014-01-07 21:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-02-16 12:30 - 2013-02-11 19:22 - 00000000 ____D () C:\Users\Irena\AppData\Local\Packages

==================== Files in the root of some directories =======

2014-06-29 19:21 - 2014-08-23 23:12 - 0000212 _____ () C:\Users\Irena\AppData\Roaming\LiveSupport.exe_log.txt
2014-06-29 19:21 - 2014-06-29 19:21 - 0000092 _____ () C:\Users\Irena\AppData\Roaming\regsvr32.exe_log.txt
2013-04-13 16:41 - 2015-03-14 17:19 - 0000500 _____ () C:\Users\Irena\AppData\Roaming\sp_data.sys
2012-11-23 14:06 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2012-11-23 14:06 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-11-23 14:06 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\ASC8_SkipUac_Irena.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Irena.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Irena\Desktop" je 402 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Odinstalujte Advanced SystemCare a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Děkuji moc za velmi rychlou radu.
Software od IOBit jsem stáhl teprve včera, protože jsem hledal něco na čištění. Ale to zatížení to dělalo i předtím.
Každopádně po projetí výše zmíněným programem a po restartu vyběhl log, který přikládám a disk se zdá, že se na chvíli uklidnil. Ale po pár minutách a spuštění prohlížeče se znovu vytížil a zůstává vytížený.

EDIT: tak po dalších pár minutách se disk znovu uklidnil a je vytížený tak na 20%, což už je snesitelné. Dá se s notebookem pracovat. Dá se z toho logu vyčíst, kde mohla být chyba?

# AdwCleaner v4.112 - Logfile created 15/03/2015 at 11:33:11
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Irena - I-PC
# Running from : C:\Users\Irena\Desktop\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Wideblue installer
Folder Deleted : C:\ProgramData\ALllCHeeapPrricce
Folder Deleted : C:\ProgramData\ALlSaAvera
Folder Deleted : C:\ProgramData\NeTToCouppon
Folder Deleted : C:\ProgramData\9073f97c3de62911
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveSupport
Folder Deleted : C:\Program Files (x86)\VideoDownloadConverter
Folder Deleted : C:\Program Files (x86)\Adblocker
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Irena\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Irena\AppData\Local\iac
Folder Deleted : C:\Users\Irena\AppData\Local\torch
Folder Deleted : C:\Users\Irena\AppData\Local\VideoDownloadConverter_4z
Folder Deleted : C:\Users\Irena\AppData\LocalLow\iac
Folder Deleted : C:\Users\Irena\AppData\Roaming\com.flash.WidgetBrowser
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\Irena\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
Folder Deleted : C:\Users\Irena\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jchbdlfhkajbimhbmmaokjkaeegeplmf
File Deleted : C:\END
File Deleted : C:\WINDOWS\Reimage.ini
File Deleted : C:\Users\Irena\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Irena\AppData\Roaming\regsvr32.exe_log.txt

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3719959C-1CCD-4FA7-8EBB-7D9DED86FCCB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF6E4B1C-DBDE-457E-9CEF-AB8ECAC8A5E8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Key Deleted : HKCU\Software\LiveSupport
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\VideoDownloadConverter
Key Deleted : [x64] HKLM\SOFTWARE\Reimage

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v41.0.2272.89


-\\ Comodo Dragon v


-\\ Opera v28.0.1750.40


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [9649 bytes] - [15/03/2015 11:30:16]
AdwCleaner[S0].txt - [9275 bytes] - [15/03/2015 11:33:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9334 bytes] ##########

IOBIt dejte do pryc, tim nic nevycistite

Mohly to byt prace systemu, ale jeste to procistime

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Takže se zdá, že všechny tyto kroky pomohly.
Disk se po pár minutách uklidní.
Myslíte, že za to mohl nějaký malware (či jiná havěť) nebo nějaká služba spouštěná na pozadí?

Zoek.exe v5.0.0.0 Updated 13-March-2015
Tool run by Irena on ne 15.03.2015 at 13:05:30,25.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Irena\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15.3.2015 13:06:10 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\VideoLAN deleted successfully
C:\PROGRA~3\FolderView deleted successfully
C:\PROGRA~3\Qualcomm Atheros deleted successfully
C:\PROGRA~3\USBChargerPlus deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully
C:\Users\Irena\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{48586425-6BB7-4F51-8DC6-38C88E3EBB58} deleted successfully
HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{C547C6C2-561B-4169-A2A5-20BA771CA93B} deleted successfully
HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{5887C2CF-035E-CAA4-8515-69B58516EF47} deleted successfully
HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{BDE4CE93-02BF-0D9C-4931-63EC726307C5} deleted successfully
HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{C4E41903-860B-BD8D-AAD1-2F84E4ACE221} deleted successfully
HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{DC17CE41-8D7E-18E4-66C6-5A98821FBBB7} deleted successfully
HKEY_USERS\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\VideoLAN not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
C:\Users\Irena\AppData\LocalLow\{16283FC6-8B71-BE9B-0679-144F0DFBEEC4} deleted
C:\Users\Irena\AppData\LocalLow\{30C2CDA3-A913-02DD-4882-959D64A5E741} deleted
C:\Users\Irena\AppData\LocalLow\{5887C2CF-035E-CAA4-8515-69B58516EF47} deleted
C:\Users\Irena\AppData\LocalLow\{A52970C9-C89C-7107-0A24-BDA15164D552} deleted
C:\Users\Irena\AppData\LocalLow\{BDE4CE93-02BF-0D9C-4931-63EC726307C5} deleted
C:\Users\Irena\AppData\LocalLow\{C4E41903-860B-BD8D-AAD1-2F84E4ACE221} deleted
C:\Users\Irena\AppData\LocalLow\{DC17CE41-8D7E-18E4-66C6-5A98821FBBB7} deleted
C:\Users\Irena\AppData\Local\Packages\windows_ie_ac_001\AC\{16283FC6-8B71-BE9B-0679-144F0DFBEEC4} deleted
C:\Users\Irena\AppData\Local\Packages\windows_ie_ac_001\AC\{30C2CDA3-A913-02DD-4882-959D64A5E741} deleted
C:\Users\Irena\AppData\Local\Packages\windows_ie_ac_001\AC\{5887C2CF-035E-CAA4-8515-69B58516EF47} deleted
C:\Users\Irena\AppData\Local\Packages\windows_ie_ac_001\AC\{A52970C9-C89C-7107-0A24-BDA15164D552} deleted
C:\Users\Irena\AppData\Local\Packages\windows_ie_ac_001\AC\{BDE4CE93-02BF-0D9C-4931-63EC726307C5} deleted
C:\Users\Irena\AppData\Local\Packages\windows_ie_ac_001\AC\{C4E41903-860B-BD8D-AAD1-2F84E4ACE221} deleted
C:\Users\Irena\AppData\Local\Packages\windows_ie_ac_001\AC\{DC17CE41-8D7E-18E4-66C6-5A98821FBBB7} deleted
C:\Users\Irena\AppData\Roaming\ProductData deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [28.07.2014 13:55]

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Irena\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Irena\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

Google Chrome Version: 41.0.2272.89 (Up to date, latest Stable version: 41.0.2272.89)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[21.12.2013 07:04]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]

Skype Click to Call - Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSE1"
"Search Bar"="http://www.bing.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?pc=MSE1"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... IA_csCZ531"
{80c554b9-c7f8-4a21-9471-06d606da78a2} Bing Url="http://www.bing.com/search?q={searchTer ... DF&pc=MSE1"

==== Reset Google Chrome ======================

C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Irena\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\Irena\AppData\Roaming\Opera Software\Opera Stable\Web Data will be reset at reboot

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\6c2c0a73-85e5-4660-93b1-ee1e6ca5e8d6 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Irena\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Irena\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Irena\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Irena\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Irena\AppData\Local\Opera Software\Opera Stable\Cache will be emptied at reboot
C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=28 folders=20 3869347 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Irena\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Irena\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Irena\AppData\Roaming\Opera Software\Opera Stable\Web Data" not found
"C:\Users\Irena\AppData\Local\Opera Software\Opera Stable\Cache\data_0" deleted
"C:\Users\Irena\AppData\Local\Opera Software\Opera Stable\Cache\data_1" deleted
"C:\Users\Irena\AppData\Local\Opera Software\Opera Stable\Cache\data_2" deleted
"C:\Users\Irena\AppData\Local\Opera Software\Opera Stable\Cache\data_3" deleted
"C:\Users\Irena\AppData\Local\Opera Software\Opera Stable\Cache\index" deleted
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on ne 15.03.2015 at 13:30:37,49 ======================

Haveti tam bylo taky dost

Dejte prosim FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100 a docistime

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Irena (administrator) on I-PC on 15-03-2015 15:14:03
Running from C:\Users\Irena\Desktop
Loaded Profiles: Irena (Available profiles: Irena & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
() C:\Program Files (x86)\Opera\28.0.1750.40\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\28.0.1750.40\opera.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(forum.viry.cz) C:\Users\Irena\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [22912 2012-10-01] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13219984 2012-11-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1234064 2012-10-29] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59752 2014-12-15] (SODATSW spol. s r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-05] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-23] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2343249615-88943350-3312692250-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Irena\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-02-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-23]
CHR Extension: (Skype Click to Call) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-15]
CHR Extension: (Google Wallet) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [37760 2012-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-10] (IObit)
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620392 2014-12-15] (SODATSW spol. s .r.o.)
S3 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [42336 2012-11-16] (ASUSTek Computer Inc.)
S3 wampapache; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [22016 2014-05-01] (Apache Software Foundation) [File not signed]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [10959360 2014-05-01] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-11-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-11-18] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-15] (Malwarebytes Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-11-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 15:14 - 2015-03-15 15:14 - 00018855 _____ () C:\Users\Irena\Desktop\FRST.txt
2015-03-15 13:51 - 2015-03-15 13:51 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\ProductData
2015-03-15 13:21 - 2015-03-15 13:05 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-03-15 13:06 - 2015-03-15 13:30 - 00012544 _____ () C:\zoek-results.log
2015-03-15 13:05 - 2015-03-15 13:23 - 00000000 ____D () C:\zoek_backup
2015-03-15 13:04 - 2015-03-15 13:04 - 01305600 _____ () C:\Users\Irena\Desktop\zoek.exe
2015-03-15 11:48 - 2015-03-15 11:48 - 00009478 _____ () C:\Users\Irena\Desktop\AdwCleaner[S0].txt
2015-03-15 11:37 - 2015-03-15 13:23 - 00001764 _____ () C:\WINDOWS\PFRO.log
2015-03-15 11:28 - 2015-03-15 11:58 - 00000000 ____D () C:\AdwCleaner
2015-03-15 11:24 - 2015-03-15 11:24 - 02171392 _____ () C:\Users\Irena\Desktop\adwcleaner_4.112.exe
2015-03-15 10:50 - 2015-03-15 15:14 - 00000000 ____D () C:\FRST
2015-03-15 10:49 - 2015-03-15 10:49 - 00112640 _____ (forum.viry.cz) C:\Users\Irena\Desktop\FRSTLauncher.exe
2015-03-15 10:45 - 2015-03-15 13:23 - 00000231 _____ () C:\WINDOWS\setupact.log
2015-03-15 10:45 - 2015-03-15 10:45 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-15 10:31 - 2015-03-15 10:31 - 02095616 _____ (Farbar) C:\Users\Irena\Desktop\FRST64.exe
2015-03-14 23:51 - 2015-03-14 23:51 - 80633856 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 79896576 _____ () C:\WINDOWS\system32\config\COMPONENTS.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 00851968 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iobit
2015-03-14 23:32 - 2015-03-14 23:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2015-03-14 23:32 - 2015-03-14 23:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2015-03-14 23:30 - 2015-03-14 23:30 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Apple Computer
2015-03-14 23:29 - 2015-03-15 11:57 - 00000000 ____D () C:\ProgramData\IObit
2015-03-14 23:29 - 2015-03-14 23:29 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2015-03-14 23:28 - 2015-03-15 11:57 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\IObit
2015-03-14 23:28 - 2015-03-15 11:37 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-14 23:27 - 2015-03-14 23:27 - 00000000 ____D () C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621
2015-03-14 23:09 - 2015-03-14 23:09 - 00000152 _____ () C:\Users\Irena\Downloads\stahování
2015-03-14 23:03 - 2015-03-14 23:10 - 45403160 _____ () C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621.rar
2015-03-14 19:50 - 2015-03-15 13:55 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2343249615-88943350-3312692250-1001
2015-03-14 19:46 - 2015-03-14 19:46 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-03-14 18:53 - 2015-03-14 18:53 - 00000599 _____ () C:\Users\Irena\Desktop\WampServer.lnk
2015-03-14 18:53 - 2015-03-14 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2015-03-14 18:49 - 2015-03-14 18:55 - 00000000 ____D () C:\wamp
2015-03-14 18:46 - 2015-03-14 18:48 - 39917641 _____ (Hervé Leclerc (HeL) ) C:\Users\Irena\Downloads\wampserver2.5-Apache-2.4.9-Mysql-5.6.17-php5.5.12-32b.exe
2015-03-14 18:27 - 2015-03-14 18:27 - 00725800 _____ ( ) C:\Users\Irena\Downloads\startw8.exe
2015-03-14 18:23 - 2015-03-14 18:23 - 00000000 __SHD () C:\vseqrntn.bin
2015-03-14 18:21 - 2015-03-14 18:21 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Irena\Downloads\tdsskiller.exe
2015-03-14 18:18 - 2015-03-15 10:43 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-14 18:18 - 2015-03-14 18:18 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-14 18:18 - 2015-03-14 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-14 18:17 - 2015-03-14 18:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-14 18:17 - 2015-03-14 18:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-14 18:17 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-14 18:17 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-03-14 18:17 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-14 18:15 - 2015-03-14 18:17 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Irena\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-14 17:56 - 2015-03-15 10:49 - 00000000 ____D () C:\Program Files (x86)\Defender Pro
2015-03-14 17:55 - 2015-03-14 17:55 - 10995808 _____ () C:\Users\Irena\Downloads\defender_pro_free_2015.exe
2015-03-14 17:18 - 2015-03-14 17:18 - 00000000 ____D () C:\ProgramData\StartW8
2015-03-13 18:14 - 2015-03-13 18:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2015-03-13 18:14 - 2015-03-13 18:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2015-03-08 14:37 - 2015-03-08 14:37 - 00380845 _____ () C:\Users\Irena\Downloads\Sketchup Pro 2015 User Expired Downloader.zip
2015-03-06 10:57 - 2015-03-06 10:57 - 00000000 ____D () C:\Users\Irena\Desktop\Ukázky
2015-03-06 10:51 - 2015-03-06 10:51 - 00880208 _____ (Google Inc.) C:\Users\Irena\Downloads\googledrivesync (3).exe
2015-03-05 18:18 - 2015-03-05 18:18 - 11278409 _____ () C:\Users\Irena\Downloads\Reflections.themepack
2015-03-01 20:43 - 2015-03-01 20:43 - 02747055 _____ () C:\Users\Irena\Downloads\Zahradni.skp
2015-03-01 09:53 - 2015-03-01 09:53 - 00532624 _____ () C:\Users\Irena\Documents\Zahradni.skb
2015-02-28 23:58 - 2015-03-01 10:45 - 00557935 _____ () C:\Users\Irena\Documents\Zahradni.skp
2015-02-28 23:31 - 2015-02-28 23:31 - 00000778 _____ () C:\Users\Irena\Downloads\MattsSketchUpshortcuts.dat
2015-02-28 21:21 - 2015-03-01 09:42 - 00188229 _____ () C:\Users\Irena\Documents\Okno s balkonem.skp
2015-02-28 21:21 - 2015-02-28 21:21 - 00154043 _____ () C:\Users\Irena\Documents\Okno s parapetem.skp
2015-02-28 20:20 - 2015-02-28 20:20 - 00000000 ____D () C:\Users\Irena\Nová složka
2015-02-28 20:20 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-28 20:20 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-28 20:20 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-02-28 20:20 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-02-28 20:20 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-02-28 20:20 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-02-28 20:14 - 2015-02-28 20:14 - 00066647 _____ () C:\Users\Irena\Downloads\RoundCorner_v2.7a.rbz
2015-02-28 19:45 - 2015-02-28 19:46 - 00000000 ____D () C:\Users\Irena\AppData\Local\LIBFREDO6_DATA_Dir
2015-02-28 19:25 - 2015-02-28 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group
2015-02-28 19:24 - 2015-02-28 19:24 - 00000000 ____D () C:\Program Files\WIBU-SYSTEMS
2015-02-28 19:24 - 2015-02-28 19:24 - 00000000 ____D () C:\Program Files (x86)\WIBU-SYSTEMS
2015-02-28 19:24 - 2015-02-28 19:24 - 00000000 ____D () C:\Program Files (x86)\WIBUKEY
2015-02-28 19:17 - 2015-02-28 19:33 - 00000000 ____D () C:\ProgramData\ASGVIS
2015-02-28 18:47 - 2015-02-28 18:47 - 00002180 _____ () C:\Users\Public\Desktop\Style Builder 2015.lnk
2015-02-28 18:47 - 2015-02-28 18:47 - 00002094 _____ () C:\Users\Public\Desktop\LayOut 2015.lnk
2015-02-28 18:47 - 2015-02-28 18:47 - 00002005 _____ () C:\Users\Public\Desktop\SketchUp 2015.lnk
2015-02-28 18:47 - 2015-02-28 18:47 - 00000000 ____D () C:\ProgramData\Reprise
2015-02-28 18:47 - 2015-02-28 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2015-02-28 18:46 - 2015-02-28 18:46 - 00000000 ____D () C:\ProgramData\SketchUp
2015-02-28 18:46 - 2015-02-28 18:46 - 00000000 ____D () C:\Program Files\SketchUp
2015-02-28 18:40 - 2015-02-28 21:12 - 00828474 _____ () C:\Users\Irena\Documents\Okno.skb
2015-02-27 18:51 - 2015-02-27 18:51 - 00880208 _____ (Google Inc.) C:\Users\Irena\Downloads\googledrivesync (2).exe
2015-02-27 18:51 - 2015-02-27 18:51 - 00880208 _____ (Google Inc.) C:\Users\Irena\Downloads\googledrivesync (1).exe
2015-02-27 18:49 - 2015-02-28 21:22 - 00828786 _____ () C:\Users\Irena\Documents\Okno.skp
2015-02-23 20:31 - 2015-02-23 20:26 - 00138168 _____ () C:\Users\Irena\Documents\pokus sketchup layout.skb
2015-02-23 20:26 - 2015-02-23 20:31 - 00130477 _____ () C:\Users\Irena\Documents\pokus sketchup layout.skp
2015-02-23 20:05 - 2015-03-13 18:15 - 00002060 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2015-02-23 20:05 - 2015-03-13 18:15 - 00002058 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2015-02-23 20:05 - 2015-03-13 18:15 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2015-02-23 20:05 - 2015-03-13 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-02-23 20:03 - 2015-02-23 20:04 - 00880208 _____ (Google Inc.) C:\Users\Irena\Downloads\googledrivesync.exe
2015-02-19 12:19 - 2015-02-19 12:19 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Unity
2015-02-19 12:03 - 2015-02-19 12:03 - 03249480 _____ (Unity Technologies ApS) C:\Users\Irena\Downloads\UnityWebPlayer.exe
2015-02-19 12:03 - 2015-02-19 12:03 - 00000000 ____D () C:\Users\Irena\AppData\Local\Unity
2015-02-18 21:34 - 2015-02-18 21:36 - 00000000 ____D () C:\Users\Irena\Desktop\Google Sketchup Pro 2015 v15.3.331 64Bit
2015-02-18 21:31 - 2015-02-18 21:31 - 00000000 ____D () C:\Users\Irena\Downloads\Google_Sketchup_Pro_2015_v15.3_64Bit
2015-02-18 21:31 - 2015-02-18 21:31 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\SketchUp
2015-02-18 21:27 - 2015-02-18 21:30 - 144464696 _____ () C:\Users\Irena\Downloads\Google_Sketchup_Pro_2015_v15.3_64Bit.zip
2015-02-17 20:15 - 2015-03-05 18:07 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Skype
2015-02-17 20:15 - 2015-02-17 20:15 - 00002747 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-02-17 20:15 - 2015-02-17 20:15 - 00000000 ____D () C:\Users\Irena\AppData\Local\Skype
2015-02-17 20:15 - 2015-02-17 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-17 20:14 - 2015-02-17 20:15 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-17 20:14 - 2015-02-17 20:15 - 00000000 ____D () C:\ProgramData\Skype
2015-02-17 20:13 - 2015-02-17 20:13 - 01548384 _____ (Skype Technologies S.A.) C:\Users\Irena\Downloads\SkypeSetup.exe
2015-02-17 20:05 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-17 20:05 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-17 20:05 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-17 20:04 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-17 19:46 - 2015-02-17 19:52 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-17 19:46 - 2015-02-17 19:46 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-17 19:46 - 2015-02-17 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-17 19:45 - 2015-02-17 19:45 - 00000000 ____D () C:\Users\Irena\Downloads\CCleaner-Professional-&-Business-Edition-v5.02.5101-(2015)(CZ,SK)
2015-02-17 19:44 - 2015-02-17 19:44 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-02-17 19:44 - 2015-02-17 19:44 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\WinRAR
2015-02-17 19:44 - 2015-02-17 19:44 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-17 19:44 - 2015-02-17 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-17 19:41 - 2015-02-17 19:44 - 00000000 ____D () C:\Program Files (x86)\WinRar
2015-02-17 19:40 - 2015-02-17 19:41 - 03248365 _____ () C:\Users\Irena\Downloads\setup.exe
2015-02-17 19:33 - 2015-02-17 19:34 - 05654861 _____ () C:\Users\Irena\Downloads\CCleaner-Professional-&-Business-Edition-v5.02.5101-(2015)(CZ,SK).rar
2015-02-17 19:26 - 2015-03-14 19:06 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-17 19:26 - 2015-03-13 18:17 - 00001059 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-17 19:26 - 2015-02-17 19:26 - 00001149 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-02-17 19:26 - 2015-02-17 19:26 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Opera Software
2015-02-17 19:26 - 2015-02-17 19:26 - 00000000 ____D () C:\Users\Irena\AppData\Local\Opera Software
2015-02-17 18:14 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-17 18:14 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-17 18:06 - 2015-02-17 18:06 - 00001142 _____ () C:\Users\Irena\Desktop\Vítejte u registrace produktu ASUS.lnk
2015-02-16 13:10 - 2015-02-16 13:10 - 00000000 ___RD () C:\Users\Irena\SkyDrive
2015-02-16 13:10 - 2015-02-16 13:10 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-02-16 12:39 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-16 12:39 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-16 12:39 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-16 12:39 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-16 12:39 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-16 12:39 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-16 12:39 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-16 12:39 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-16 12:39 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-16 12:39 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-16 12:39 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-16 12:39 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-16 12:39 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-16 12:39 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-16 12:39 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-02-16 12:39 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-02-16 12:39 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-02-16 12:39 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-02-16 12:39 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-02-16 12:39 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-02-16 12:39 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-02-16 12:39 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-16 12:39 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-02-16 12:39 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-02-16 12:39 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-02-16 12:39 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-02-16 12:39 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-02-16 12:38 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-16 12:38 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-16 12:38 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-16 12:38 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-16 12:38 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-16 12:38 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-16 12:38 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-16 12:38 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-16 12:38 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-16 12:38 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-16 12:38 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-16 12:38 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-16 12:38 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-16 12:38 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-16 12:38 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-16 12:38 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-16 12:38 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-16 12:38 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-16 12:38 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-16 12:38 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-16 12:38 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-16 12:38 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-16 12:38 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-16 12:38 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-16 12:38 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-16 12:38 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-16 12:38 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-16 12:38 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-16 12:38 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-16 12:38 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-16 12:38 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-16 12:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-16 12:38 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-16 12:36 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-15 15:13 - 2014-11-18 20:47 - 02092360 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-15 14:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-15 13:23 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-15 13:23 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-15 13:19 - 2014-06-29 19:20 - 00000000 ____D () C:\Users\Irena\AppData\Local\Comodo
2015-03-15 13:19 - 2014-06-29 19:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2015-03-15 13:19 - 2014-06-29 19:20 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2015-03-15 13:19 - 2014-06-29 19:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-03-15 13:19 - 2014-06-29 19:20 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-03-15 13:19 - 2014-06-29 19:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-03-15 13:19 - 2014-06-29 19:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2015-03-15 13:19 - 2013-04-14 11:58 - 00000000 ____D () C:\Users\Irena\AppData\Local\Google
2015-03-15 11:36 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-15 11:23 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-14 23:43 - 2014-11-18 20:04 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-14 23:32 - 2014-11-18 20:18 - 00000000 ____D () C:\Users\Irena
2015-03-14 19:50 - 2013-07-26 23:53 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-03-14 18:30 - 2013-04-14 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartW8
2015-03-14 17:22 - 2013-04-14 20:54 - 00000000 ____D () C:\Users\Irena\AppData\Local\Adobe
2015-03-14 17:19 - 2013-04-13 16:41 - 00000500 _____ () C:\Users\Irena\AppData\Roaming\sp_data.sys
2015-03-12 22:04 - 2014-11-18 21:02 - 00000000 ___RD () C:\Users\Irena\OneDrive
2015-03-03 14:17 - 2013-07-27 15:05 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-02-28 18:44 - 2014-09-24 17:23 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-28 18:44 - 2014-09-24 16:39 - 00747350 _____ () C:\WINDOWS\system32\perfh005.dat
2015-02-28 18:44 - 2014-09-24 16:39 - 00154554 _____ () C:\WINDOWS\system32\perfc005.dat
2015-02-23 20:05 - 2013-04-14 11:58 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-19 11:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-18 20:33 - 2013-04-14 20:36 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\DAEMON Tools Lite
2015-02-18 12:51 - 2013-07-21 08:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-18 12:41 - 2013-04-15 09:45 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-17 11:43 - 2013-08-22 15:44 - 00485232 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-16 13:30 - 2014-06-29 19:36 - 00000000 ____D () C:\ProgramData\TEMP
2015-02-16 13:24 - 2013-04-14 21:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-16 12:45 - 2014-12-13 21:48 - 00007149 _____ () C:\WINDOWS\system32\ScanResults.xml
2015-02-16 12:41 - 2014-12-13 21:43 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2015-02-16 12:30 - 2013-02-11 19:22 - 00000000 ____D () C:\Users\Irena\AppData\Local\Packages

==================== Files in the root of some directories =======

2013-04-13 16:41 - 2015-03-14 17:19 - 0000500 _____ () C:\Users\Irena\AppData\Roaming\sp_data.sys
2012-11-23 14:06 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2012-11-23 14:06 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 11:32




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:129.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:257.7 GB) NTFS

Available physical RAM: 2656.5 MB
Total physical RAM: 3981.6 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: 1FEB4A9B)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Irena\OneDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Irena\Desktop" je 406 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
  HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
  HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
  SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
  SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
  SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
  BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
  Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
  Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
  FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
  CHR Extension: (Skype Click to Call) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-15]
  CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
  
  R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
  R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
  R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-10] (IObit)
  
  C:\Program Files (x86)\Skype\Toolbars
  C:\Program Files (x86)\IObit
  2015-03-15 15:14 - 2015-03-15 15:14 - 00018855 _____ () C:\Users\Irena\Desktop\FRST.txt
  2015-03-15 13:21 - 2015-03-15 13:05 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
  2015-03-15 13:06 - 2015-03-15 13:30 - 00012544 _____ () C:\zoek-results.log
  2015-03-15 13:05 - 2015-03-15 13:23 - 00000000 ____D () C:\zoek_backup
  2015-03-15 13:04 - 2015-03-15 13:04 - 01305600 _____ () C:\Users\Irena\Desktop\zoek.exe
  2015-03-15 11:48 - 2015-03-15 11:48 - 00009478 _____ () C:\Users\Irena\Desktop\AdwCleaner[S0].txt
  2015-03-15 11:37 - 2015-03-15 13:23 - 00001764 _____ () C:\WINDOWS\PFRO.log
  2015-03-15 11:28 - 2015-03-15 11:58 - 00000000 ____D () C:\AdwCleaner
  2015-03-15 11:24 - 2015-03-15 11:24 - 02171392 _____ () C:\Users\Irena\Desktop\adwcleaner_4.112.exe
  2015-03-15 10:49 - 2015-03-15 10:49 - 00112640 _____ (forum.viry.cz) C:\Users\Irena\Desktop\FRSTLauncher.exe
  2015-03-15 10:45 - 2015-03-15 13:23 - 00000231 _____ () C:\WINDOWS\setupact.log
  2015-03-15 10:45 - 2015-03-15 10:45 - 00000000 _____ () C:\WINDOWS\setuperr.log
  2015-03-15 10:31 - 2015-03-15 10:31 - 02095616 _____ (Farbar) C:\Users\Irena\Desktop\FRST64.exe
  2015-03-14 23:51 - 2015-03-14 23:51 - 80633856 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
  2015-03-14 23:51 - 2015-03-14 23:51 - 79896576 _____ () C:\WINDOWS\system32\config\COMPONENTS.iobit
  2015-03-14 23:51 - 2015-03-14 23:51 - 00851968 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
  2015-03-14 23:51 - 2015-03-14 23:51 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
  2015-03-14 23:51 - 2015-03-14 23:51 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iobit
  2015-03-14 23:32 - 2015-03-14 23:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
  2015-03-14 23:32 - 2015-03-14 23:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
  2015-03-14 23:29 - 2015-03-15 11:57 - 00000000 ____D () C:\ProgramData\IObit
  2015-03-14 23:29 - 2015-03-14 23:29 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
  2015-03-14 23:28 - 2015-03-15 11:57 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\IObit
  2015-03-14 23:28 - 2015-03-15 11:37 - 00000000 ____D () C:\Program Files (x86)\IObit
  2015-03-14 23:27 - 2015-03-14 23:27 - 00000000 ____D () C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621
  2015-03-14 23:03 - 2015-03-14 23:10 - 45403160 _____ () C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621.rar
  2015-03-14 19:50 - 2015-03-15 13:55 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2343249615-88943350-3312692250-1001
  2015-03-14 18:21 - 2015-03-14 18:21 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Irena\Downloads\tdsskiller.exe
  2015-03-14 17:56 - 2015-03-15 10:49 - 00000000 ____D () C:\Program Files (x86)\Defender Pro
  2015-03-14 17:55 - 2015-03-14 17:55 - 10995808 _____ () C:\Users\Irena\Downloads\defender_pro_free_2015.exe
  
  AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
  AlternateDataStreams: C:\ProgramData\TEMP:373E1720
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Irena at 2015-03-15 19:47:05 Run:1
Running from C:\Users\Irena\Desktop
Loaded Profiles: Irena (Available profiles: Irena & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2343249615-88943350-3312692250-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSE1
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
CHR Extension: (Skype Click to Call) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-10] (IObit)

C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\IObit
2015-03-15 15:14 - 2015-03-15 15:14 - 00018855 _____ () C:\Users\Irena\Desktop\FRST.txt
2015-03-15 13:21 - 2015-03-15 13:05 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-03-15 13:06 - 2015-03-15 13:30 - 00012544 _____ () C:\zoek-results.log
2015-03-15 13:05 - 2015-03-15 13:23 - 00000000 ____D () C:\zoek_backup
2015-03-15 13:04 - 2015-03-15 13:04 - 01305600 _____ () C:\Users\Irena\Desktop\zoek.exe
2015-03-15 11:48 - 2015-03-15 11:48 - 00009478 _____ () C:\Users\Irena\Desktop\AdwCleaner[S0].txt
2015-03-15 11:37 - 2015-03-15 13:23 - 00001764 _____ () C:\WINDOWS\PFRO.log
2015-03-15 11:28 - 2015-03-15 11:58 - 00000000 ____D () C:\AdwCleaner
2015-03-15 11:24 - 2015-03-15 11:24 - 02171392 _____ () C:\Users\Irena\Desktop\adwcleaner_4.112.exe
2015-03-15 10:49 - 2015-03-15 10:49 - 00112640 _____ (forum.viry.cz) C:\Users\Irena\Desktop\FRSTLauncher.exe
2015-03-15 10:45 - 2015-03-15 13:23 - 00000231 _____ () C:\WINDOWS\setupact.log
2015-03-15 10:45 - 2015-03-15 10:45 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-15 10:31 - 2015-03-15 10:31 - 02095616 _____ (Farbar) C:\Users\Irena\Desktop\FRST64.exe
2015-03-14 23:51 - 2015-03-14 23:51 - 80633856 _____ () C:\WINDOWS\system32\config\SOFTWARE.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 79896576 _____ () C:\WINDOWS\system32\config\COMPONENTS.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 00851968 _____ () C:\WINDOWS\system32\config\DEFAULT.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 00028672 _____ () C:\WINDOWS\system32\config\SECURITY.iobit
2015-03-14 23:51 - 2015-03-14 23:51 - 00028672 _____ () C:\WINDOWS\system32\config\SAM.iobit
2015-03-14 23:32 - 2015-03-14 23:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2015-03-14 23:32 - 2015-03-14 23:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2015-03-14 23:29 - 2015-03-15 11:57 - 00000000 ____D () C:\ProgramData\IObit
2015-03-14 23:29 - 2015-03-14 23:29 - 00000000 ____D () C:\WINDOWS\Tasks\ImCleanDisabled
2015-03-14 23:28 - 2015-03-15 11:57 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\IObit
2015-03-14 23:28 - 2015-03-15 11:37 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-14 23:27 - 2015-03-14 23:27 - 00000000 ____D () C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621
2015-03-14 23:03 - 2015-03-14 23:10 - 45403160 _____ () C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621.rar
2015-03-14 19:50 - 2015-03-15 13:55 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2343249615-88943350-3312692250-1001
2015-03-14 18:21 - 2015-03-14 18:21 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Irena\Downloads\tdsskiller.exe
2015-03-14 17:56 - 2015-03-15 10:49 - 00000000 ____D () C:\Program Files (x86)\Defender Pro
2015-03-14 17:55 - 2015-03-14 17:55 - 10995808 _____ () C:\Users\Irena\Downloads\defender_pro_free_2015.exe

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2343249615-88943350-3312692250-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2343249615-88943350-3312692250-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found.
"HKU\S-1-5-21-2343249615-88943350-3312692250-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully.
C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
LiveUpdateSvc => Service deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Users\Irena\Desktop\FRST.txt => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Irena\Desktop\zoek.exe => Moved successfully.
C:\Users\Irena\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\WINDOWS\PFRO.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Irena\Desktop\adwcleaner_4.112.exe => Moved successfully.
C:\Users\Irena\Desktop\FRSTLauncher.exe => Moved successfully.
C:\WINDOWS\setupact.log => Moved successfully.
C:\WINDOWS\setuperr.log => Moved successfully.
C:\Users\Irena\Desktop\FRST64.exe => Moved successfully.
C:\WINDOWS\system32\config\SOFTWARE.iobit => Moved successfully.
C:\WINDOWS\system32\config\COMPONENTS.iobit => Moved successfully.
C:\WINDOWS\system32\config\DEFAULT.iobit => Moved successfully.
C:\WINDOWS\system32\config\SECURITY.iobit => Moved successfully.
C:\WINDOWS\system32\config\SAM.iobit => Moved successfully.
C:\Users\Default\AppData\Roaming\IObit => Moved successfully.
"C:\Users\Default User\AppData\Roaming\IObit" => File/Directory not found.
C:\ProgramData\IObit => Moved successfully.
C:\WINDOWS\Tasks\ImCleanDisabled => Moved successfully.
C:\Users\Irena\AppData\Roaming\IObit => Moved successfully.
"C:\Program Files (x86)\IObit" => File/Directory not found.
C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621 => Moved successfully.
C:\Users\Irena\Downloads\Advanced SystemCare 8.0.3.621.rar => Moved successfully.
C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2343249615-88943350-3312692250-1001 => Moved successfully.
C:\Users\Irena\Downloads\tdsskiller.exe => Moved successfully.
C:\Program Files (x86)\Defender Pro => Moved successfully.
C:\Users\Irena\Downloads\defender_pro_free_2015.exe => Moved successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 30.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog 19:47:39 ====

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Děkuji, zatím se zdá, že to pomohlo.
Hezký den

Nemate zac, rad jsem pomohl Zase nekdy


A na zaklade Pravidla o zamykani temat