netbook is slow and something seems off, the antivirus won't start

Posted: 09 May 2015 19:54
by hommeros
If anyone is around and could take a look, thanks in advance.
I'm attaching the log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Arden at 2015-05-09 20:25:53
Microsoft Windows 7 Édition Starter Service Pack 1
System drive C: has 59 GB (58%) free of 102 GB
Total RAM: 1014 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:53, on 09/05/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\AsScrPro.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\windows\system32\igfxsrvc.exe
C:\Users\Arden\AppData\Local\Viber\Viber.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Avira\Launcher\Avira.OE.Systray.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Avira\Antivirus\avgnt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\System32\dinotify.exe
C:\Users\Arden\Downloads\RSIT.exe
C:\Program Files\trend micro\Arden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.5.0.895\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\windows\AsScrPro.exe
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe /restore -"C:\Program Files\asus\OOBERegBackup\OOBEReg.ini"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [EEESplendidAR] AsusSender.exe C:\Program Files\ASUS\EeeSplendid\AutoRun.exe
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Cobian Backup 11 interface] "C:\Program Files\Cobian Backup 11\cbInterface.exe" -service
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\Launcher\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Viber] "C:\Users\Arden\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1AM4332305PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Systeme')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: wubi.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Antivirus\avwebg7.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 11 Stínová kopie - Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 11\cbVSCService11.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files\Cobian Backup 11\cbService.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Synergy - Unknown owner - C:\Program Files\Synergy\synergyd.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe
O23 - Service: vToolbarUpdater18.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\windows\system32\svchost.exe

--
End of file - 25308 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Arden\AppData\Roaming\Mozilla\Firefox\Profiles\uruatnd9.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\Arden\AppData\Roaming\Mozilla\Firefox\Profiles\uruatnd9.default\extensions\
abs@avira.com
jid1-4P0kohSJxU1qGg@jetpack

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-03-15 752960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]
AviraBrowserSafety.BrowserSafety - C:\windows\SYSTEM32\mscoree.dll [2010-11-05 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files\AVG SafeGuard toolbar\18.5.0.895\AVG SafeGuard toolbar_toolbar.dll [2015-05-09 3514816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"ASUS Screen Saver Protector"=C:\windows\AsScrPro.exe [2010-07-01 3058304]
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"LiveUpdate"=AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
"CapsHook"=AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe []
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-06-10 414384]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-19 8546848]
"OOBESetup"=C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe [2009-12-11 334848]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"Boingo Wi-Fi"=C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2014-06-05 2429]
"ASUSPRP"=C:\Program Files\ASUS\APRP\APRP.EXE [2010-07-01 2018032]
"vProt"=C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2015-05-09 2510784]
"EEESplendidAR"=AsusSender.exe C:\Program Files\ASUS\EeeSplendid\AutoRun.exe []
"ASUSWebStorage"=C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [2012-08-03 740736]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-10-25 141848]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-10-25 173592]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-10-25 150552]
"Cobian Backup 11 interface"=C:\Program Files\Cobian Backup 11\cbInterface.exe [2012-12-06 4407808]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"Avira Systray"=C:\Program Files\Avira\Launcher\Avira.OE.Systray.exe [2015-04-21 127792]
"avgnt"=C:\Program Files\Avira\Antivirus\avgnt.exe [2015-04-16 728312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-10-23 4825880]
"Viber"=C:\Users\Arden\AppData\Local\Viber\Viber.exe [2014-10-20 936656]
"HP Deskjet 3050A J611 series (NET)"=C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
wubi.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\SYSTEM32\igfxdev.dll [2010-10-25 218112]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-09 20:25:54 ----D---- C:\Program Files\trend micro
2015-05-09 20:25:53 ----D---- C:\rsit
2015-05-09 16:34:31 ----D---- C:\Users\Arden\AppData\Roaming\Avira
2015-05-09 16:29:37 ----A---- C:\windows\system32\drivers\ssmdrv.sys
2015-05-09 16:29:26 ----A---- C:\windows\system32\drivers\avnetflt.sys
2015-05-09 16:29:25 ----A---- C:\windows\system32\drivers\avkmgr.sys
2015-05-09 16:29:25 ----A---- C:\windows\system32\drivers\avipbb.sys
2015-05-09 16:29:25 ----A---- C:\windows\system32\drivers\avgntflt.sys
2015-05-09 16:17:34 ----D---- C:\Program Files\Avira
2015-05-09 16:17:32 ----D---- C:\ProgramData\Avira
2015-05-09 16:17:03 ----D---- C:\ProgramData\Package Cache
2015-05-05 14:58:22 ----A---- C:\windows\ETDUninst.dll
2015-05-03 21:24:53 ----D---- C:\Program Files\Mozilla Firefox
2015-04-19 00:40:08 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-19 00:40:08 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-04-19 00:40:08 ----A---- C:\windows\system32\ieetwcollector.exe
2015-04-19 00:40:07 ----A---- C:\windows\system32\urlmon.dll
2015-04-19 00:40:07 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-19 00:40:07 ----A---- C:\windows\system32\iernonce.dll
2015-04-19 00:40:07 ----A---- C:\windows\system32\iedkcs32.dll
2015-04-19 00:40:07 ----A---- C:\windows\system32\ie4uinit.exe
2015-04-19 00:40:05 ----A---- C:\windows\system32\jsproxy.dll
2015-04-19 00:40:05 ----A---- C:\windows\system32\ieUnatt.exe
2015-04-19 00:40:04 ----A---- C:\windows\system32\jscript9diag.dll
2015-04-19 00:40:04 ----A---- C:\windows\system32\ieapfltr.dll
2015-04-19 00:40:04 ----A---- C:\windows\system32\dxtmsft.dll
2015-04-19 00:40:03 ----A---- C:\windows\system32\msfeeds.dll
2015-04-19 00:39:59 ----A---- C:\windows\system32\msrating.dll
2015-04-19 00:39:59 ----A---- C:\windows\system32\iesetup.dll
2015-04-19 00:39:57 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-04-19 00:39:56 ----A---- C:\windows\system32\wininet.dll
2015-04-19 00:39:53 ----A---- C:\windows\system32\dxtrans.dll
2015-04-19 00:39:52 ----A---- C:\windows\system32\ieui.dll
2015-04-19 00:39:51 ----A---- C:\windows\system32\ieframe.dll
2015-04-19 00:39:46 ----A---- C:\windows\system32\mshtmled.dll
2015-04-19 00:39:45 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-04-19 00:39:44 ----A---- C:\windows\system32\MshtmlDac.dll
2015-04-19 00:39:43 ----A---- C:\windows\system32\iertutil.dll
2015-04-19 00:39:40 ----A---- C:\windows\system32\mshtml.dll
2015-04-19 00:39:37 ----A---- C:\windows\system32\vbscript.dll
2015-04-19 00:39:36 ----A---- C:\windows\system32\jscript9.dll
2015-04-19 00:29:59 ----A---- C:\windows\system32\invagent.dll
2015-04-19 00:29:59 ----A---- C:\windows\system32\generaltel.dll
2015-04-19 00:29:59 ----A---- C:\windows\system32\appraiser.dll
2015-04-19 00:29:59 ----A---- C:\windows\system32\aeinv.dll
2015-04-19 00:29:59 ----A---- C:\windows\system32\acmigration.dll
2015-04-19 00:29:58 ----A---- C:\windows\system32\devinv.dll
2015-04-19 00:29:57 ----A---- C:\windows\system32\aepic.dll
2015-04-19 00:29:57 ----A---- C:\windows\system32\aepdu.dll
2015-04-19 00:29:52 ----A---- C:\windows\system32\clfsw32.dll
2015-04-19 00:29:52 ----A---- C:\windows\system32\clfs.sys
2015-04-19 00:29:39 ----A---- C:\windows\system32\ntoskrnl.exe
2015-04-19 00:29:39 ----A---- C:\windows\system32\ntdll.dll
2015-04-19 00:29:36 ----A---- C:\windows\system32\ntkrnlpa.exe
2015-04-19 00:29:35 ----A---- C:\windows\system32\schannel.dll
2015-04-19 00:29:35 ----A---- C:\windows\system32\lsasrv.dll
2015-04-19 00:29:35 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-04-19 00:29:34 ----A---- C:\windows\system32\srcore.dll
2015-04-19 00:29:33 ----A---- C:\windows\system32\wdigest.dll
2015-04-19 00:29:33 ----A---- C:\windows\system32\TSpkg.dll
2015-04-19 00:29:33 ----A---- C:\windows\system32\smss.exe
2015-04-19 00:29:33 ----A---- C:\windows\system32\rstrui.exe
2015-04-19 00:29:33 ----A---- C:\windows\system32\ncrypt.dll
2015-04-19 00:29:33 ----A---- C:\windows\system32\msv1_0.dll
2015-04-19 00:29:33 ----A---- C:\windows\system32\kerberos.dll
2015-04-19 00:29:33 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-04-19 00:29:33 ----A---- C:\windows\system32\auditpol.exe
2015-04-19 00:29:32 ----A---- C:\windows\system32\sspisrv.dll
2015-04-19 00:29:32 ----A---- C:\windows\system32\sspicli.dll
2015-04-19 00:29:32 ----A---- C:\windows\system32\srclient.dll
2015-04-19 00:29:32 ----A---- C:\windows\system32\secur32.dll
2015-04-19 00:29:32 ----A---- C:\windows\system32\lsass.exe
2015-04-19 00:29:32 ----A---- C:\windows\system32\csrsrv.dll
2015-04-19 00:29:32 ----A---- C:\windows\system32\credssp.dll
2015-04-19 00:29:31 ----A---- C:\windows\system32\msaudite.dll
2015-04-19 00:29:31 ----A---- C:\windows\system32\apisetschema.dll
2015-04-19 00:29:31 ----A---- C:\windows\system32\adtschema.dll
2015-04-19 00:29:30 ----A---- C:\windows\system32\msobjs.dll
2015-04-19 00:28:09 ----A---- C:\windows\system32\gdi32.dll
2015-04-19 00:27:59 ----A---- C:\windows\system32\wuwebv.dll
2015-04-19 00:27:59 ----A---- C:\windows\system32\wups2.dll
2015-04-19 00:27:59 ----A---- C:\windows\system32\wups.dll
2015-04-19 00:27:59 ----A---- C:\windows\system32\wudriver.dll
2015-04-19 00:27:59 ----A---- C:\windows\system32\wucltux.dll
2015-04-19 00:27:59 ----A---- C:\windows\system32\wuauclt.exe
2015-04-19 00:27:59 ----A---- C:\windows\system32\wuapp.exe
2015-04-19 00:27:59 ----A---- C:\windows\system32\wuapi.dll
2015-04-19 00:27:59 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-04-19 00:27:59 ----A---- C:\windows\system32\WinSetupUI.dll
2015-04-19 00:27:58 ----A---- C:\windows\system32\wuaueng.dll
2015-04-19 00:27:39 ----A---- C:\windows\system32\drivers\http.sys
2015-04-19 00:27:35 ----A---- C:\windows\system32\msxml3.dll
2015-04-19 00:27:34 ----A---- C:\windows\system32\msxml3r.dll

======List of files/folders modified in the last 1 month======

2015-05-09 20:26:00 ----D---- C:\windows\Temp
2015-05-09 20:25:54 ----RD---- C:\Program Files
2015-05-09 18:36:14 ----D---- C:\windows\system32\config
2015-05-09 17:38:26 ----SHD---- C:\System Volume Information
2015-05-09 17:37:10 ----D---- C:\windows\system32\Tasks
2015-05-09 17:37:08 ----RSD---- C:\windows\Fonts
2015-05-09 17:36:47 ----SHD---- C:\windows\Installer
2015-05-09 17:36:40 ----SHD---- C:\Config.Msi
2015-05-09 16:40:02 ----D---- C:\windows\Prefetch
2015-05-09 16:32:20 ----D---- C:\windows\system32\drivers
2015-05-09 16:17:35 ----D---- C:\windows\System32
2015-05-09 16:17:32 ----HD---- C:\ProgramData
2015-05-09 15:08:00 ----D---- C:\Users\Arden\AppData\Roaming\ViberPC
2015-05-09 15:01:43 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-05-09 15:01:42 ----D---- C:\windows\inf
2015-05-09 14:54:53 ----D---- C:\Program Files\AVG SafeGuard toolbar
2015-05-06 15:16:32 ----D---- C:\ProgramData\ProductData
2015-05-05 15:00:02 ----D---- C:\Windows
2015-05-05 14:59:47 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-05-05 14:58:48 ----D---- C:\Program Files\Synergy
2015-05-05 14:58:21 ----D---- C:\windows\system32\DriverStore
2015-05-05 14:54:11 ----D---- C:\Program Files\ASUS
2015-05-05 14:36:19 ----D---- C:\ProgramData\Freemake
2015-05-05 14:29:03 ----D---- C:\Users\Arden\AppData\Roaming\XnView
2015-05-05 14:27:02 ----D---- C:\windows\debug
2015-05-05 14:21:48 ----D---- C:\windows\Tasks
2015-04-28 17:56:12 ----D---- C:\windows\AppCompat
2015-04-20 14:27:26 ----D---- C:\windows\system32\NDF
2015-04-20 09:55:52 ----D---- C:\windows\Microsoft.NET
2015-04-20 09:53:26 ----RSD---- C:\windows\assembly
2015-04-20 09:41:27 ----D---- C:\windows\winsxs
2015-04-20 09:38:07 ----SD---- C:\windows\system32\CompatTel
2015-04-20 09:38:06 ----D---- C:\windows\system32\wbem
2015-04-20 09:38:06 ----D---- C:\windows\system32\appraiser
2015-04-20 09:38:06 ----D---- C:\windows\AppPatch
2015-04-20 09:38:04 ----D---- C:\windows\system32\fr-FR
2015-04-20 09:38:02 ----D---- C:\windows\system32\en-US
2015-04-20 09:38:01 ----D---- C:\Program Files\Internet Explorer
2015-04-20 09:38:00 ----D---- C:\windows\PolicyDefinitions
2015-04-20 09:31:57 ----D---- C:\windows\system32\MRT
2015-04-20 09:11:35 ----A---- C:\windows\system32\MRT.exe
2015-04-19 00:15:11 ----D---- C:\windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-05 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-06-12 11520]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2015-04-16 136216]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2015-04-16 37896]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2015-04-16 107400]
R2 avnetflt;avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [2015-04-16 37896]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 BthEnum;Pilote de bloc de demande Bluetooth; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Pilote USB radio Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\windows\system32\drivers\btwampfl.sys [2015-02-04 508632]
R3 btwaudio;Périphérique audio Bluetooth; C:\windows\system32\drivers\btwaudio.sys [2015-02-04 152400]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2015-02-04 175144]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2015-02-04 33832]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2015-02-04 18728]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-10-25 4807168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-04-19 3036832]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2010-04-19 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-04-26 65576]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 StillCam;Pilote d’appareil photo numérique série; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WSDPrintDevice;Prise en charge de l’impression WSD via UMB; C:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2015-04-16 28520]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Pilote de filtre du bus AMD AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-04-10 3764800]
S3 BTHPORT;Pilote de port Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2010-04-19 43944]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2014-03-31 49856]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtre de bus AGP SIS; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usbscan;Pilote de scanneur USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtre de bus AGP VIA; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\Antivirus\sched.exe [2015-04-16 434424]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\Antivirus\avguard.exe [2015-04-16 434424]
R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [2015-04-21 205616]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2014-07-17 829696]
R2 cbVSCService11;Cobian Backup 11 Stínová kopie - Requester; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [2012-12-05 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files\Cobian Backup 11\cbService.exe [2012-12-06 1131008]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 Synergy;Synergy; C:\Program Files\Synergy\synergyd.exe [2012-10-24 318536]
R2 vToolbarUpdater18.3.0;vToolbarUpdater18.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [2015-03-08 1802776]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files\Avira\Antivirus\avmailc7.exe [2015-04-16 827640]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\Antivirus\avwebg7.exe [2015-04-16 1185584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-14 107848]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-03-15 2635552]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-14 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-03-13 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-03 148080]
S4 aspnet_state;Service d'état ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: netbook is slow and something seems off, can't start the ant

Posted: 10 May 2015 09:28
by Márty84
Hello :)


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning
The program will start working (the PC may restart) and spit out a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.


:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, ideally to the Desktop, and extract it
  • Run it by clicking mbar
  • Now click Next and then Update
  • When the database update finishes, click Next again
  • Leave all three options checked and click Scan, which starts the scan of the PC
  • When the scan finishes (about 5 minutes), check that every finding (if there are any, of course) is ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the infection that was found
  • The PC will be restarted
  • The mbar folder should contain a log (and it will probably open by itself) mbar-log-year-month-day (hour-minute-second).txt; post it here for me

Re: netbook is slow and something seems off, can't start the ant

Posted: 19 May 2015 13:01
by hommeros
Thank you for the advice.
Here is the result of the first step:

# AdwCleaner v4.204 - Rapport créé le 19/05/2015 a 13:48:18
# Mis a jour le 12/05/2015 par Xplode
# Base de données : 2015-05-12.2 [Serveur]
# Systeme d'exploitation : Windows 7 Starter Service Pack 1 (x86)
# Nom d'utilisateur : Arden - ASUS
# Exécuté depuis : C:\Users\Arden\Desktop\adwcleaner_4.204.exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : vToolbarUpdater18.5.0

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\AVG SafeGuard toolbar
Dossier Supprimé : C:\ProgramData\AVG Secure Search
Dossier Supprimé : C:\ProgramData\AVG Security Toolbar
Dossier Supprimé : C:\Program Files\AVG SafeGuard toolbar
Dossier Supprimé : C:\Program Files\AVG Security Toolbar
Dossier Supprimé : C:\Program Files\Common Files\AVG Secure Search
Dossier Supprimé : C:\Users\Arden\AppData\Local\AVG SafeGuard toolbar
Dossier Supprimé : C:\Users\Arden\AppData\Local\Hola
Dossier Supprimé : C:\Users\Arden\AppData\LocalLow\AVG SafeGuard toolbar
Dossier Supprimé : C:\Users\Arden\AppData\Roaming\OpenCandy
Dossier Supprimé : C:\Users\Arden\AppData\Roaming\RHEng

***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Clé Supprimée : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Clé Supprimée : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Clé Supprimée : HKLM\SOFTWARE\Classes\S
Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Clé Supprimée : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Clé Supprimée : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Clé Supprimée : HKCU\Software\AVG SafeGuard toolbar
Clé Supprimée : HKCU\Software\AVG Security Toolbar
Clé Supprimée : HKLM\SOFTWARE\AVG SafeGuard toolbar
Clé Supprimée : HKLM\SOFTWARE\AVG Security Toolbar
Clé Supprimée : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 fr)


-\\ Google Chrome v42.0.2311.135


*************************

AdwCleaner[R0].txt - [4848 octets] - [19/05/2015 13:41:30]
AdwCleaner[S0].txt - [4879 octets] - [19/05/2015 13:48:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4939 octets] ##########

Re: netbook is slow and something seems off, can't start the ant

Posted: 19 May 2015 17:36
by Márty84
Fine :-)

And the second step?

Re: netbook is slow and something seems off, can't start the ant

Posted: 22 May 2015 20:43
by hommeros
Thank you.
Here is the second step:

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.05.22.04
rootkit: v2015.05.16.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17728
Arden :: ASUS [administrator]

22/05/2015 20:04:23
mbar-log-2015-05-22 (20-04-23).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 362639
Time elapsed: 52 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Re: netbook is slow and something seems off, can't start the ant

Posted: 23 May 2015 07:53
by Márty84
:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Don't delete anything beforehand; it sometimes has false detections

Re: netbook is slow and something seems off, can't start the ant

Posted: 25 May 2015 00:36
by hommeros
Yeah, thanks, I followed the guide, I haven't deleted anything so far, and here is the log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24/05/2015
Čas skenování: 16:16:11
Protokol: log.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.24.02
Databáze rootkitů: v2015.05.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Arden

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 486954
Uplynulý čas: 5 hod, 5 min, 25 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.OpenCandy, C:\Users\Arden\Downloads\FreemakeVideoConverterSetup.exe, , [ff731d7a4248350190002e14867b39c7],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: netbook is slow and something seems off, can't start the ant

Posted: 25 May 2015 04:20
by Márty84
:arrow: You can delete the finding.

:arrow: You can uninstall MBAM


:!: If you haven't already, better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off the antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, don't start anything and don't click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located here: C:\ComboFix.txt
Copy its contents here

:!: If Windows doesn't boot after the restart, restart again, keep pressing the F8 key and choose - Last Known Good Configuration
:!: If Windows boots but an error is reported when starting various programs, just restart the PC and it will be fine

Re: netbook is slow and something seems off, can't start the ant

Posted: 27 May 2015 01:48
by hommeros
Thank you for the advice. I tried to follow the guide and the recommendations, but along the way, before the computer reset, I had to click away several windows that popped up, and on top of that Avira kept starting up, even though I had closed the antivirus at the beginning, or whatever...
Anyway, here is the log.
Thanks a lot

ComboFix 15-05-25.01 - Arden 26/05/2015 23:05:16.1.2 - x86
Microsoft Windows 7 Édition Starter 6.1.7601.1.1250.420.1036.18.1014.211 [GMT 2:00]
Spuštěný z: c:\users\Arden\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Arden\AppData\Local\Temp\7zS21E7\HPSLPSVC32.DLL
c:\users\Arden\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\system32\Thumbs.db
c:\windows\TEMP\CR_A22A1.tmp\setup.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-27 do 2015-05-27 )))))))))))))))))))))))))))))))
.
.
2015-05-24 13:41 . 2015-05-24 13:41 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-05-24 13:41 . 2015-04-14 07:37 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-24 13:41 . 2015-04-14 07:37 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-23 02:10 . 2015-05-23 02:10 -------- d-s---w- c:\windows\system32\GWX
2015-05-23 01:12 . 2015-05-01 13:16 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 19:48 . 2015-05-22 19:48 -------- d-----w- c:\users\Arden\AppData\Local\Hola
2015-05-22 18:04 . 2015-05-24 13:41 -------- d-----w- c:\programdata\Malwarebytes
2015-05-22 18:03 . 2015-05-26 20:42 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-22 18:03 . 2015-05-24 13:49 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-22 17:59 . 2015-04-14 07:37 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-20 17:11 . 2015-04-20 02:56 909312 ----a-w- c:\windows\system32\FntCache.dll
2015-05-20 17:11 . 2015-04-20 02:56 1250816 ----a-w- c:\windows\system32\DWrite.dll
2015-05-20 17:11 . 2015-04-20 02:03 2382336 ----a-w- c:\windows\system32\win32k.sys
2015-05-19 11:41 . 2015-05-19 11:49 -------- d-----w- C:\AdwCleaner
2015-05-19 11:39 . 2015-02-18 07:06 123904 ----a-w- c:\windows\system32\poqexec.exe
2015-05-19 10:41 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\system32\wpdshext.dll
2015-05-19 10:39 . 2015-04-21 16:08 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-05-19 10:39 . 2015-04-21 15:38 817664 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-05-19 10:39 . 2015-04-21 15:31 4305920 ----a-w- c:\windows\system32\jscript9.dll
2015-05-19 10:39 . 2015-04-21 16:11 504320 ----a-w- c:\windows\system32\vbscript.dll
2015-05-19 10:37 . 2015-04-04 02:59 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-05-19 10:37 . 2015-04-04 03:01 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-05-19 10:37 . 2015-04-04 03:01 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-05-19 10:36 . 2015-05-19 11:48 6420480 ----a-w- c:\program files\GUTD9EB.tmp
2015-05-19 10:36 . 2015-05-19 11:07 -------- d-----w- c:\program files\GUMD9AB.tmp
2015-05-17 00:18 . 2015-04-08 03:14 938496 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-05-17 00:18 . 2015-04-08 03:14 1415168 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2015-05-17 00:18 . 2015-04-08 03:14 216064 ----a-w- c:\windows\system32\InkEd.dll
2015-05-17 00:18 . 2015-04-08 03:14 126464 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\rtscom.dll
2015-05-17 00:18 . 2015-04-08 03:14 274944 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2015-05-10 15:42 . 2015-05-10 15:42 -------- d-----w- c:\users\Public\Speedup Sessions
2015-05-10 15:40 . 2015-05-23 11:55 -------- d-----w- c:\users\Arden\AppData\Local\AviraSpeedup
2015-05-09 18:25 . 2015-05-09 18:27 -------- d-----w- c:\program files\trend micro
2015-05-09 18:25 . 2015-05-09 18:28 -------- d-----w- C:\rsit
2015-05-09 14:34 . 2015-05-09 14:34 -------- d-----w- c:\users\Arden\AppData\Roaming\Avira
2015-05-09 14:29 . 2015-04-16 13:23 37896 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-05-09 14:29 . 2015-04-16 13:23 37896 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2015-05-09 14:29 . 2015-04-16 13:23 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-05-09 14:29 . 2015-04-16 13:23 107400 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-05-09 14:17 . 2015-05-09 15:37 -------- d-----w- c:\program files\Avira
2015-05-09 14:17 . 2015-05-09 14:29 -------- d-----w- c:\programdata\Avira
2015-05-09 14:17 . 2015-05-09 14:17 -------- d-----w- c:\programdata\Package Cache
2015-05-09 13:24 . 2015-04-04 06:39 9201616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9DDD14DC-392F-4B37-A19C-81AD55AF811C}\mpengine.dll
2015-05-05 12:58 . 2010-05-06 03:44 213384 ----a-w- c:\windows\ETDUninst.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-25 03:00 . 2015-04-18 22:27 92672 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:00 . 2015-04-18 22:27 566784 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:00 . 2015-04-18 22:27 35328 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:00 . 2015-04-18 22:27 3088384 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:00 . 2015-04-18 22:27 29696 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:00 . 2015-04-18 22:27 173056 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:00 . 2015-04-18 22:27 2020864 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:00 . 2015-04-18 22:27 50176 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:00 . 2015-04-18 22:27 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:00 . 2015-04-18 22:27 33792 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:00 . 2015-04-18 22:27 131584 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-23 03:06 . 2015-04-18 22:29 576000 ----a-w- c:\windows\system32\generaltel.dll
2015-03-23 03:06 . 2015-04-18 22:29 630784 ----a-w- c:\windows\system32\invagent.dll
2015-03-23 03:06 . 2015-04-18 22:29 331264 ----a-w- c:\windows\system32\devinv.dll
2015-03-23 03:06 . 2015-04-18 22:29 860160 ----a-w- c:\windows\system32\appraiser.dll
2015-03-23 03:06 . 2015-04-18 22:29 26112 ----a-w- c:\windows\system32\acmigration.dll
2015-03-23 03:06 . 2015-04-18 22:29 202752 ----a-w- c:\windows\system32\aepdu.dll
2015-03-23 03:06 . 2015-04-18 22:29 159744 ----a-w- c:\windows\system32\aepic.dll
2015-03-23 02:59 . 2015-04-18 22:29 896000 ----a-w- c:\windows\system32\aeinv.dll
2015-03-17 05:01 . 2015-04-18 22:29 3920824 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-03-17 05:01 . 2015-04-18 22:29 3976632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-03-17 04:59 . 2015-04-18 22:29 1306112 ----a-w- c:\windows\system32\ntdll.dll
2015-03-17 04:57 . 2015-04-18 22:29 400896 ----a-w- c:\windows\system32\srcore.dll
2015-03-17 04:57 . 2015-04-18 22:29 43008 ----a-w- c:\windows\system32\srclient.dll
2015-03-17 04:56 . 2015-04-18 22:29 38912 ----a-w- c:\windows\system32\csrsrv.dll
2015-03-17 04:56 . 2015-04-18 22:29 69632 ----a-w- c:\windows\system32\smss.exe
2015-03-17 04:56 . 2015-04-18 22:29 262656 ----a-w- c:\windows\system32\rstrui.exe
2015-03-17 04:50 . 2015-04-18 22:29 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-03-10 03:08 . 2015-04-18 22:27 1237504 ----a-w- c:\windows\system32\msxml3.dll
2015-03-10 03:05 . 2015-04-18 22:27 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-03-05 04:06 . 2015-04-18 22:28 305152 ----a-w- c:\windows\system32\gdi32.dll
2015-03-04 04:16 . 2015-04-18 22:29 249784 ----a-w- c:\windows\system32\clfs.sys
2015-03-04 04:10 . 2015-04-18 22:29 58880 ----a-w- c:\windows\system32\clfsw32.dll
2015-03-04 04:10 . 2015-05-19 10:38 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-19 10:38 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-19 10:38 2560 ----a-w- c:\windows\apppatch\AcRes.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2015-03-15 20:41 752960 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-10-29 16:59 233128 ----a-w- c:\users\Arden\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-10-29 16:59 233128 ----a-w- c:\users\Arden\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-10-29 16:59 233128 ----a-w- c:\users\Arden\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
2012-08-03 09:39 1476480 ----a-w- c:\program files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
2012-08-03 09:39 1476480 ----a-w- c:\program files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-08-03 09:39 1476480 ----a-w- c:\program files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-04-23 6278424]
"Viber"="c:\users\Arden\AppData\Local\Viber\Viber.exe" [2014-10-20 936656]
"HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 1837672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-07-01 3058304]
"HotkeyMon"="AsusSender.exe" [2010-05-24 35304]
"HotkeyService"="AsusSender.exe" [2010-05-24 35304]
"SuperHybridEngine"="AsusSender.exe" [2010-05-24 35304]
"LiveUpdate"="AsusSender.exe" [2010-05-24 35304]
"CapsHook"="AsusSender.exe" [2010-05-24 35304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-19 8546848]
"OOBESetup"="c:\program files\asus\OOBERegBackup\OOBERegBackup.exe" [2009-12-11 334848]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"Boingo Wi-Fi"="c:\program files\Boingo\Boingo Wi-Fi\Boingo.lnk" [2014-06-05 2429]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-07-01 2018032]
"EEESplendidAR"="AsusSender.exe" [2010-05-24 35304]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe" [2012-08-03 740736]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-25 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-25 150552]
"Cobian Backup 11 interface"="c:\program files\Cobian Backup 11\cbInterface.exe" [2012-12-05 4407808]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"Avira Systray"="c:\program files\Avira\Launcher\Avira.OE.Systray.exe" [2015-04-21 127792]
"avgnt"="c:\program files\Avira\Antivirus\avgnt.exe" [2015-04-16 728312]
"Speedup_umh"="c:\program files\Avira\AviraSpeedup\Speedup_umh.exe" [2015-05-08 193632]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-06-09 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2014-6-5 549040]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2014-7-17 1117952]
wubi.exe [2015-1-21 2551408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files\Avira\Antivirus\avmailc7.exe [2015-04-16 827640]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\Antivirus\avwebg7.exe [2015-04-16 1185584]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2015-03-15 2635552]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-19 43944]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-04-21 102912]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2015-04-14 92888]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-04-14 51928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-06-12 11520]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2015-04-16 37896]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\Antivirus\sched.exe [2015-04-16 434424]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files\Avira\Launcher\Avira.ServiceHost.exe [2015-04-21 205616]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys [2015-04-16 37896]
S2 cbVSCService11;Cobian Backup 11 Stínová kopie - Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [2012-12-05 67584]
S2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
S2 Synergy;Synergy;c:\program files\Synergy\synergyd.exe [2012-10-23 318536]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2015-02-03 508632]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2015-02-03 33832]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-04-26 65576]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-04-14 23256]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-20 16:57 986440 ----a-w- c:\program files\Google\Chrome\Application\43.0.2357.65\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-02-13 22:26]
.
2015-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-02-13 22:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://asus.msn.com
IE: {{d8f67242-b229-4065-95fa-391b077ed6ca} - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - c:\windows\System32\mscoree.dll
FF - ProfilePath - c:\users\Arden\AppData\Roaming\Mozilla\Firefox\Profiles\uruatnd9.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3736)
c:\program files\ASUS\ASUS WebStorage\3.0.143.296\ASUSWSShellExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\Antivirus\avguard.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Avira\AviraSpeedup\avira_system_speedup.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Avira\Antivirus\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\program files\Avira\Antivirus\update.exe
c:\program files\Avira\Antivirus\updrgui.exe
c:\program files\Avira\Antivirus\update.exe
.
**************************************************************************
.
Celkový čas: 2015-05-27 02:38:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-05-27 00:38
.
Před spuštěním: 59 638 931 456 octets libres
Po spuštění: 59 157 180 416 octets libres
.
- - End Of File - - A3CB7685FDA1E818BCFC523AFA98FA14
A36C5E4F47E84449FF07ED3517B43A31

Re: netbook is slow and something seems off, can't start the ant

Posted: 27 May 2015 09:16
by Márty84
You wrote that the antivirus won't start, and with this one it started by itself? :-D That Avira is somehow wacky :arcisit:


:arrow: Post logs following this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a while; it may block it as malicious, but we use it all the time, it is a false alarm :)

Re: netbook is slow and something seems off, can't start the ant

Posted: 27 May 2015 22:11
by hommeros
Yeah, here are the two logs. I probably made them in the reverse order, hopefully that doesn't matter. It went pretty quickly :-)

first:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-05-2015 01
Ran by Arden (administrator) on ASUS on 27-05-2015 22:57:49
Running from C:\Users\Arden\Desktop
Loaded Profiles: Arden (Available Profiles: Arden)
Platform: Microsoft Windows 7 Édition Starter Service Pack 1 (X86) OS Language: Français (France)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
() C:\Windows\System32\AsusService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(ASUS) C:\Windows\AsScrPro.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
(AsusTek Computer Inc.) C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe
(ASUS) C:\Program Files\EeePC\CapsHook\CapsHook.exe
(Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbInterface.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
() C:\Users\Arden\AppData\Local\Viber\Viber.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Foxit Corporation) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Maxthon) C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\Synergy\synergyd.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(forum.viry.cz) C:\Users\Arden\Desktop\FRSTLauncher.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\windows\AsScrPro.exe [3058304 2010-07-01] (ASUS)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1242544 2010-06-04] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [412600 2010-06-09] (ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [976872 2010-06-12] (AsusTek Computer Inc.)
HKLM\...\Run: [CapsHook] => C:\Program Files\EeePC\CapsHook\CapsHook.exe [445344 2010-05-29] (ASUS)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8546848 2010-04-19] (Realtek Semiconductor)
HKLM\...\Run: [OOBESetup] => C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe [334848 2009-12-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [Boingo Wi-Fi] => C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2014-06-05] ()
HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2010-07-01] (ASUSTek Computer Inc.)
HKLM\...\Run: [EEESplendidAR] => C:\Program Files\ASUS\EeeSplendid\AutoRun.exe [169472 2009-11-18] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe [740736 2012-08-03] (ASUS Cloud Corporation)
HKLM\...\Run: [Cobian Backup 11 interface] => C:\Program Files\Cobian Backup 11\cbInterface.exe [4407808 2012-12-06] (Luis Cobian, CobianSoft)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.OE.Systray.exe [127792 2015-04-21] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [728312 2015-04-16] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Speedup_umh] => C:\Program Files\Avira\AviraSpeedup\Speedup_umh.exe [193632 2015-05-08] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6278424 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\...\Run: [Viber] => C:\Users\Arden\AppData\Local\Viber\Viber.exe [936656 2014-10-20] ()
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\ASUSSC~1.SCR [25569185 2010-05-25] (Axialis Software)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [280576 2014-06-09] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2014-06-05]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-02-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\wubi.exe [2015-01-21] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-03-15] (IObit)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Winsock: Catalog5 000000000008 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corp.)
Winsock: Catalog5 000000000009 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF ProfilePath: C:\Users\Arden\AppData\Roaming\Mozilla\Firefox\Profiles\uruatnd9.default
FF Homepage: hxxp://seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll [2014-10-29] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-14] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1060993103-2144846065-1220290441-1000: @hola.org/vlc,version=1.7.974 -> C:\Users\Arden\AppData\Local\Hola\firefox\app\vlc [2015-05-22] ()
FF Extension: Avira Browser Safety - C:\Users\Arden\AppData\Roaming\Mozilla\Firefox\Profiles\uruatnd9.default\Extensions\abs@avira.com [2015-05-09]
FF Extension: Hola Better Internet - C:\Users\Arden\AppData\Roaming\Mozilla\Firefox\Profiles\uruatnd9.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-05-14]
FF Extension: Media Converter and Muxer - C:\Users\Arden\AppData\Roaming\Mozilla\Firefox\Profiles\uruatnd9.default\Extensions\jid1-kps5PrGBNtzSLQ@jetpack.xpi [2014-10-29]
FF Extension: YouTube Flash Video Player - C:\Users\Arden\AppData\Roaming\Mozilla\Firefox\Profiles\uruatnd9.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2014-10-29]

Chrome:
=======
CHR Profile: C:\Users\Arden\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browser Safety) - C:\Users\Arden\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-09]
CHR Extension: (Bookmark Manager) - C:\Users\Arden\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
CHR Extension: (Google Wallet) - C:\Users\Arden\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [827640 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [434424 2015-04-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1185584 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [205616 2015-04-21] (Avira Operations GmbH & Co. KG)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2012-12-06] (Luis Cobian, CobianSoft) [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-03-15] (IObit)
R2 MaxthonUpdateSvc; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872152 2015-05-11] (Maxthon)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2009-05-15] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2009-05-15] (Hewlett-Packard) [File not signed]
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [318536 2012-10-24] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11520 2010-06-12] ()
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [107400 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-04-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37896 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [37896 2015-04-16] (Avira Operations GmbH & Co. KG)
R3 btwampfl; C:\windows\system32\drivers\btwampfl.sys [508632 2015-02-04] (Broadcom Corporation.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2010-04-19] ( )
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [92888 2015-04-14] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
S3 PROCEXP113; C:\windows\system32\Drivers\PROCEXP113.SYS [12568 2015-05-27] (Sysinternals - www.sysinternals.com) [File not signed]
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2015-04-16] (Avira GmbH)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Arden\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 22:55 - 2015-05-27 22:55 - 01147392 _____ (Farbar) C:\Users\Arden\Desktop\FRST(1).exe
2015-05-27 22:44 - 2015-05-27 22:58 - 00017260 _____ () C:\Users\Arden\Desktop\FRST.txt
2015-05-27 22:43 - 2015-05-27 22:58 - 00000000 ____D () C:\FRST
2015-05-27 22:12 - 2015-05-27 22:12 - 00112640 _____ (forum.viry.cz) C:\Users\Arden\Desktop\FRSTLauncher.exe
2015-05-27 21:59 - 2015-05-27 21:59 - 01147392 _____ (Farbar) C:\Users\Arden\Desktop\FRST.exe
2015-05-27 04:42 - 2015-05-27 04:44 - 94578794 _____ () C:\Users\Arden\Downloads\chrome-win32.zip
2015-05-27 03:02 - 2015-05-27 03:03 - 00000000 ____D () C:\Users\Arden\AppData\Roaming\Maxthon3
2015-05-27 03:02 - 2015-05-27 03:02 - 00001043 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2015-05-27 03:02 - 2015-05-27 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2015-05-27 03:01 - 2015-05-27 03:02 - 00000000 ____D () C:\Program Files\Maxthon
2015-05-27 02:59 - 2015-05-27 02:59 - 01558792 _____ (Maxthon International ltd.) C:\Users\Arden\Downloads\mxsetup.exe
2015-05-27 02:59 - 2015-05-27 02:59 - 01558792 _____ (Maxthon International ltd.) C:\Users\Arden\Downloads\mxsetup (1).exe
2015-05-27 02:38 - 2015-05-27 02:38 - 00019180 _____ () C:\ComboFix.txt
2015-05-27 02:38 - 2015-05-27 02:38 - 00012568 _____ (Sysinternals - www.sysinternals.com) C:\windows\system32\Drivers\PROCEXP113.SYS
2015-05-26 22:57 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2015-05-26 22:57 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2015-05-26 22:57 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-05-26 22:57 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-05-26 22:57 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-05-26 22:57 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2015-05-26 22:57 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2015-05-26 22:57 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2015-05-26 22:55 - 2015-05-27 02:39 - 00000000 ____D () C:\Qoobox
2015-05-26 22:55 - 2015-05-27 02:39 - 00000000 ____D () C:\ComboFix
2015-05-26 22:52 - 2015-05-27 02:33 - 00000000 ____D () C:\windows\erdnt
2015-05-26 22:48 - 2015-05-26 22:49 - 05628291 ____R (Swearware) C:\Users\Arden\Desktop\ComboFix.exe
2015-05-26 22:40 - 2015-05-27 02:25 - 00001410 _____ () C:\windows\PFRO.log
2015-05-24 15:41 - 2015-05-24 15:41 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-24 15:41 - 2015-05-24 15:41 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-24 15:41 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-24 15:41 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-05-24 15:37 - 2015-05-24 15:38 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Arden\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-24 15:07 - 2015-05-24 15:07 - 00000000 ____D () C:\Users\Arden\Documents\Hebrew
2015-05-23 14:31 - 2015-05-27 11:28 - 00000280 _____ () C:\windows\setupact.log
2015-05-23 14:31 - 2015-05-23 14:31 - 00000000 _____ () C:\windows\setuperr.log
2015-05-23 14:24 - 2015-05-23 14:24 - 06484352 _____ (Piriform Ltd) C:\Users\Arden\Downloads\ccsetup505 (1).exe
2015-05-23 14:23 - 2015-05-23 14:24 - 06484352 _____ (Piriform Ltd) C:\Users\Arden\Downloads\ccsetup505.exe
2015-05-23 13:55 - 2015-05-23 13:55 - 00001163 _____ () C:\Users\Public\Desktop\Avira System Speedup.lnk
2015-05-23 04:10 - 2015-05-23 04:10 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-23 04:01 - 2015-05-23 04:01 - 00001541 _____ () C:\Users\Arden\Downloads\66.cer
2015-05-23 03:58 - 2015-05-23 03:59 - 00001464 _____ () C:\Users\Arden\Downloads\72.cer
2015-05-23 03:50 - 2015-05-23 03:50 - 00001041 _____ () C:\Users\Arden\Downloads\CESNET_CA_Root.crt
2015-05-23 03:50 - 2015-05-23 03:50 - 00000589 _____ () C:\Users\Arden\Downloads\CESNET_CA_Root.crl
2015-05-23 03:12 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 21:48 - 2015-05-22 21:48 - 00000000 ____D () C:\Users\Arden\AppData\Local\Hola
2015-05-22 20:04 - 2015-05-24 15:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-22 20:03 - 2015-05-26 22:42 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-22 20:03 - 2015-05-24 15:49 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-22 19:59 - 2015-05-22 21:39 - 00000000 ____D () C:\Users\Arden\Desktop\mbar
2015-05-22 19:59 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-22 19:58 - 2015-05-22 19:58 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Arden\Downloads\mbar-1.09.1.1004.exe
2015-05-20 19:11 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-20 19:11 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-20 19:11 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-19 13:41 - 2015-05-19 13:49 - 00000000 ____D () C:\AdwCleaner
2015-05-19 13:39 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-19 13:32 - 2015-05-19 13:33 - 02209792 _____ () C:\Users\Arden\Desktop\adwcleaner_4.204.exe
2015-05-19 12:41 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-19 12:40 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-19 12:40 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-19 12:40 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-19 12:40 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-19 12:40 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-19 12:40 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-19 12:40 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-19 12:40 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-19 12:40 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-19 12:40 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-19 12:40 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-19 12:40 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-19 12:40 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-19 12:40 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-19 12:40 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-19 12:40 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-19 12:40 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-19 12:40 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-19 12:40 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-19 12:40 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-19 12:40 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-19 12:40 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-19 12:40 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-19 12:40 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-19 12:40 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-19 12:40 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-19 12:39 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-19 12:39 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-19 12:39 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-19 12:39 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-19 12:39 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-19 12:39 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-19 12:38 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-19 12:38 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-19 12:38 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-19 12:38 - 2015-04-04 05:10 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-19 12:38 - 2015-04-04 05:10 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-19 12:38 - 2015-04-04 05:05 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-19 12:38 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-19 12:38 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-19 12:38 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-19 12:38 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-19 12:38 - 2015-04-04 05:05 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-19 12:38 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-19 12:38 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-19 12:38 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-19 12:38 - 2015-04-04 05:05 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-19 12:38 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-19 12:38 - 2015-04-04 05:04 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-19 12:38 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-19 12:38 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-19 12:38 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-19 12:38 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-19 12:37 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-19 12:37 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-19 12:37 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-19 12:36 - 2015-05-19 13:48 - 06420480 _____ () C:\Program Files\GUTD9EB.tmp
2015-05-19 12:36 - 2015-05-19 13:07 - 00000000 ____D () C:\Program Files\GUMD9AB.tmp
2015-05-17 02:18 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-10 17:42 - 2015-05-10 17:42 - 00000000 ____D () C:\Users\Public\Speedup Sessions
2015-05-10 17:40 - 2015-05-23 13:55 - 00000000 ____D () C:\Users\Arden\AppData\Local\AviraSpeedup
2015-05-09 20:25 - 2015-05-09 20:28 - 00000000 ____D () C:\rsit
2015-05-09 20:25 - 2015-05-09 20:27 - 00000000 ____D () C:\Program Files\trend micro
2015-05-09 20:24 - 2015-05-09 20:24 - 01107968 _____ () C:\Users\Arden\Downloads\RSIT (2).exe
2015-05-09 20:24 - 2015-05-09 20:24 - 01107968 _____ () C:\Users\Arden\Downloads\RSIT (1).exe
2015-05-09 20:20 - 2015-05-09 20:20 - 01107968 _____ () C:\Users\Arden\Downloads\RSIT.exe
2015-05-09 17:38 - 2015-05-23 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-05-09 16:34 - 2015-05-09 16:34 - 00000000 ____D () C:\Users\Arden\AppData\Roaming\Avira
2015-05-09 16:29 - 2015-04-16 15:23 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-05-09 16:29 - 2015-04-16 15:23 - 00107400 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-05-09 16:29 - 2015-04-16 15:23 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-05-09 16:29 - 2015-04-16 15:23 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2015-05-09 16:29 - 2015-04-16 15:23 - 00028520 _____ (Avira GmbH) C:\windows\system32\Drivers\ssmdrv.sys
2015-05-09 16:17 - 2015-05-09 17:37 - 00000000 ____D () C:\Program Files\Avira
2015-05-09 16:17 - 2015-05-09 16:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-09 16:17 - 2015-05-09 16:29 - 00000000 ____D () C:\ProgramData\Avira
2015-05-09 16:17 - 2015-05-09 16:17 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-09 16:15 - 2015-05-09 16:16 - 04734040 _____ (Avira Operations GmbH & Co. KG) C:\Users\Arden\Downloads\avira_en_av_554e15bae6de3__ws.exe
2015-05-07 14:45 - 2015-05-07 14:48 - 00000000 ____D () C:\Users\Arden\Desktop\malostr hrb 2005 copie de gg
2015-05-06 20:21 - 2012-05-11 14:30 - 00000751 _____ () C:\Users\Arden\Desktop\sisus et jerušalajim pouze melodie.wpl
2015-05-05 14:58 - 2010-05-06 05:44 - 00213384 _____ (ELAN Microelectronic Corp.) C:\windows\ETDUninst.dll
2015-05-03 21:24 - 2015-05-23 04:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 22:56 - 2014-06-05 19:27 - 01198453 _____ () C:\windows\WindowsUpdate.log
2015-05-27 22:32 - 2015-02-14 00:27 - 00000938 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-27 22:00 - 2009-07-14 06:34 - 00016160 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-27 22:00 - 2009-07-14 06:34 - 00016160 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-27 15:24 - 2014-08-06 15:37 - 00000000 ____D () C:\Users\Arden\AppData\Local\Axialis
2015-05-27 11:33 - 2014-10-29 13:02 - 00000000 ____D () C:\Users\Arden\AppData\Roaming\ViberPC
2015-05-27 11:28 - 2015-02-14 00:27 - 00000934 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-27 11:28 - 2014-10-29 13:00 - 00000000 ____D () C:\Users\Arden\AppData\Local\Viber
2015-05-27 11:28 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-27 04:41 - 2015-02-14 00:28 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-27 02:38 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2015-05-27 02:38 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-05-27 02:28 - 2009-07-14 04:04 - 00000215 _____ () C:\windows\system.ini
2015-05-27 02:24 - 2009-07-14 04:03 - 64487424 _____ () C:\windows\system32\config\COMPON~2.bak
2015-05-27 02:24 - 2009-07-14 04:03 - 00786432 _____ () C:\windows\system32\config\default.bak
2015-05-27 02:24 - 2009-07-14 04:03 - 00262144 _____ () C:\windows\system32\config\security.bak
2015-05-27 02:24 - 2009-07-14 04:03 - 00262144 _____ () C:\windows\system32\config\sam.bak
2015-05-26 22:42 - 2015-03-15 22:36 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-26 22:40 - 2009-07-14 06:56 - 00000000 ____D () C:\windows\DigitalLocker
2015-05-24 15:08 - 2009-07-25 09:50 - 01667292 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-23 14:31 - 2014-06-19 01:25 - 00000000 ____D () C:\Program Files\epson
2015-05-23 14:30 - 2009-07-14 06:52 - 00000000 ____D () C:\windows\twain_32
2015-05-23 14:25 - 2002-01-17 09:19 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-23 14:25 - 2002-01-17 09:18 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-23 14:22 - 2014-11-02 23:20 - 00000000 ____D () C:\Users\Arden\AppData\Local\CrashDumps
2015-05-23 14:10 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-05-23 04:13 - 2014-08-07 20:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-23 03:28 - 2009-07-14 06:33 - 00289208 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-23 03:24 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\fr-FR
2015-05-23 03:24 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-05-19 13:55 - 2014-06-05 10:47 - 00065640 _____ () C:\windows\system32\GDIPFONTCACHEV1.DAT
2015-05-19 13:53 - 2010-07-01 02:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-19 13:33 - 2014-06-05 14:23 - 00000000 ____D () C:\windows\system32\MRT
2015-05-19 13:32 - 2014-06-05 14:23 - 137310008 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-19 13:17 - 2010-07-01 02:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-10 20:56 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\LogFiles
2015-05-10 17:54 - 2014-06-05 10:42 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-05-10 17:40 - 2014-08-06 15:29 - 00065640 _____ () C:\Users\Arden\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-05 14:58 - 2015-02-08 23:06 - 00000000 ____D () C:\Program Files\Synergy
2015-05-05 14:54 - 2010-07-01 02:19 - 00000000 ____D () C:\Program Files\ASUS
2015-05-05 14:36 - 2014-09-14 11:07 - 00000000 ____D () C:\ProgramData\Freemake
2015-05-05 14:29 - 2014-08-07 20:10 - 00000000 ____D () C:\Users\Arden\AppData\Roaming\XnView
2015-04-28 17:56 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat

==================== Files in the root of some directories =======

2015-05-19 12:36 - 2015-05-19 13:48 - 6420480 _____ () C:\Program Files\GUTD9EB.tmp
2014-11-22 15:44 - 2014-11-22 15:44 - 0000781 _____ () C:\Users\Arden\AppData\Local\recently-used.xbel
2015-01-17 18:20 - 2015-01-17 18:20 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-07-01 02:21 - 2010-03-03 00:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

Some files in TEMP:
====================
C:\Users\Arden\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
FontResizer (Version: 1.01.0011 - ASUSTek) Hidden

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Arden\Desktop" je 5103 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

...and the second one:



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-05-2015 01
Ran by Arden at 2015-05-27 23:00:01
Running from C:\Users\Arden\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-1060993103-2144846065-1220290441-500 - Administrator - Disabled)
Arden (S-1-5-21-1060993103-2144846065-1220290441-1000 - Administrator - Enabled) => C:\Users\Arden
Invité (S-1-5-21-1060993103-2144846065-1220290441-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.1.0 - Hewlett-Packard) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
All-in-One PDF Lite (HKLM\...\All-in-One PDF Lite_is1) (Version: - All-in-One PDF Lite)
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.143.296 - ASUS Cloud Corporation)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.04.01 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.23 - Atheros Communications Inc.)
Avira (HKLM\...\{2d044ded-ae1b-40d3-8d18-97cfda75bd69}) (Version: 1.1.37.14600 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.37.14600 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira System Speedup (HKLM\...\Avira System Speedup_is1) (Version: 1.6.5.940 - Avira Operations GmbH & Co. KG)
Boingo Wi-Fi (HKLM\...\{7E49ED48-B67E-4A27-839D-EE08590A96BB}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
Broadcom Wireless Network Adapter (HKLM\...\{4FCBCF89-1823-4D97-A6F2-0E8DD66E273A}) (Version: 1.00.0000 - AzureWave)
CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.5 - AsusTek Computer)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cobian Backup 11 Gravity (HKLM\...\CobBackup11) (Version: - )
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3718a - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Davar3 (remove all files) (HKLM\...\Davar3) (Version: - )
DjVu Viewer version 1.0 (HKLM\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: 1.0 - djvuviewer.com)
Eee Docking 3.8.0 (HKLM\...\Eee Docking_is1) (Version: 3.8.0 - ASUSTek Computer Inc.)
EeeSplendid (HKLM\...\{6333FC29-BFE5-4024-AC78-958A1A7555D1}) (Version: 5.1.2.0011 - ASUS)
EeeSplendid (Version: 5.1.2.0011 - ASUS) Hidden
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
FontResizer (Version: 1.01.0011 - ASUSTek) Hidden
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Galerie de photos (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GonVisor 1.73 (HKLM\...\GonVisor_is1) (Version: - G.A.A.)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.27 - AsusTek Computer)
Inkscape 0.48.4 (HKLM\...\Inkscape) (Version: 0.48.4 - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2230 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.22 - AsusTek Computer Inc.)
LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS)
Logiciel de base du périphérique HP Deskjet 3050A J611 series (HKLM\...\{D2782627-DEFC-486F-A424-FC178C9D70B4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.4.5.2000 - Maxthon International Limited)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 fr) (HKLM\...\Mozilla Firefox 38.0.1 (x86 fr)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
OOBERegBackup (HKLM\...\OOBERegBackup_is1) (Version: - ASUSTeK Computer Inc.)
OpenOffice 4.1.0 (HKLM\...\{B3B009FC-6909-4E00-9F43-FFB5CA93D606}) (Version: 4.10.9764 - Apache Software Foundation)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.19 - Ralink)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6066 - Realtek Semiconductor Corp.)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.50.0 - SRS Labs, Inc.)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.16 - AsusTek Computer)
Synergy (HKLM\...\Synergy) (Version: 1.4.10 - The Synergy Project)
Viber (HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\...\Viber) (Version: 4.4.0.134678 - Viber Media Inc)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) (HKLM\...\B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE) (Version: 07/17/2009 6.2.0.9403 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live FolderShare (HKLM\...\{2075CB0A-D26F-4DAA-B424-5079296B43BA}) (Version: 14.0.8089.726 - Microsoft Corporation)
XnView 2.22 (HKLM\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1060993103-2144846065-1220290441-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
CustomCLSID: HKU\S-1-5-21-1060993103-2144846065-1220290441-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Arden\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1060993103-2144846065-1220290441-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Arden\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1060993103-2144846065-1220290441-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Arden\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1060993103-2144846065-1220290441-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Arden\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1060993103-2144846065-1220290441-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Arden\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1060993103-2144846065-1220290441-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Arden\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1060993103-2144846065-1220290441-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Arden\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\FileSyncApi.dll (Microsoft Corporation)

==================== Restore Points =========================

19-05-2015 12:37:20 Windows Update
23-05-2015 03:00:45 Windows Update
23-05-2015 04:09:32 Windows Update
23-05-2015 13:54:16 Avira System Speedup 1.6.5

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {086B91B8-2D6C-49DB-9E75-17E7FB541064} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {131EF710-8542-4E5E-BC38-C2AFCD8A075B} - System32\Tasks\Uninstaller_SkipUac_Arden => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-03-15] (IObit)
Task: {45E9528B-EF11-4F09-81E5-B12E413426BD} - System32\Tasks\{A98D623F-80A1-478F-B70E-C8AD878256B5} => pcalua.exe -a C:\Users\Arden\Downloads\davar3_setup.exe -d C:\Users\Arden\Downloads
Task: {91765747-4EAF-4BDC-94A6-597579EA81BD} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {974FBF33-4672-4B25-879F-77A060A70B0F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {AFC4297A-149E-48D3-9C43-DE84133A0D3E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {B4FEACA2-DFFE-44F7-9DE9-0A80637CF274} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {C6C8CD6D-3149-43EA-9930-60FB0FDA0B23} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\Maxthon.exe [2015-05-21] (Maxthon International ltd.)
Task: {EF230AA6-E6E4-4BDE-A35B-5783A3722AF5} - System32\Tasks\AviraSpeedup => C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe [2015-05-08] (Avira Operations GmbH & Co. KG)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

Re: netbook is slow and something about it seems off, can't start the ant

Posted: 28 May 2015 09:29
by Márty84
I would at least reinstall Avira so that it recovers. Personally I would throw it out completely, but if you are used to it... :)


hommeros wrote: ***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Arden\Desktop" je 5103 MB.
:arrow: The desktop size should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for an occasional mistake: users have a folder on the desktop, another one inside it and another inside that, and they hide everything in there. That is nice, but it does not make the desktop any smaller, it is just in a different drawer :D




:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6278424 2015-04-23] (Piriform Ltd)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-03-15] (IObit)

FF Plugin HKU\S-1-5-21-1060993103-2144846065-1220290441-1000: @hola.org/vlc,version=1.7.974 -> C:\Users\Arden\AppData\Local\Hola\firefox\app\vlc [2015-05-22] ()

S3 catchme; \??\C:\Users\Arden\AppData\Local\Temp\catchme.sys [X]

2015-05-19 12:36 - 2015-05-19 13:48 - 06420480 _____ () C:\Program Files\GUTD9EB.tmp
2015-05-19 12:36 - 2015-05-19 13:07 - 00000000 ____D () C:\Program Files\GUMD9AB.tmp

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, exactly and save it to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

Re: netbook is slow and something about it seems off, can't start the ant

Posted: 28 May 2015 12:42
by hommeros
Thank you,

I would get rid of Avira, but what instead of it?
I removed most of the stuff from the desktop and here is the log, hopefully I did it right...:
Besides, I would gladly rather have Ubuntu alongside Win7... but I use Davar, which does not run on Ubuntu...

Thanks.




Fix result of Farbar Recovery Scan Tool (x86) Version: 27-05-2015 01
Ran by Arden at 2015-05-28 13:13:05 Run:1
Running from C:\Users\Arden\Desktop
Loaded Profiles: Arden (Available Profiles: Arden)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6278424 2015-04-23] (Piriform Ltd)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-03-15] (IObit)

FF Plugin HKU\S-1-5-21-1060993103-2144846065-1220290441-1000: @hola.org/vlc,version=1.7.974 -> C:\Users\Arden\AppData\Local\Hola\firefox\app\vlc [2015-05-22] ()

S3 catchme; \??\C:\Users\Arden\AppData\Local\Temp\catchme.sys [X]

2015-05-19 12:36 - 2015-05-19 13:48 - 06420480 _____ () C:\Program Files\GUTD9EB.tmp
2015-05-19 12:36 - 2015-05-19 13:07 - 00000000 ____D () C:\Program Files\GUMD9AB.tmp

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value Removed successfully.
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value Removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully.
"HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value Removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value Removed successfully.
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value Removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => key Removed successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => key Removed successfully.
"HKU\S-1-5-21-1060993103-2144846065-1220290441-1000\Software\MozillaPlugins\@hola.org/vlc,version=1.7.974" => key Removed successfully.
FF Plugin HKU\S-1-5-21-1060993103-2144846065-1220290441-1000: @hola.org/vlc,version=1.7.974 -> C:\Users\Arden\AppData\Local\Hola\firefox\app\vlc [2015-05-22] () not found.
catchme => Service Removed successfully.
C:\Program Files\GUTD9EB.tmp => Moved successfully.
C:\Program Files\GUMD9AB.tmp => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts restored successfully.
EmptyTemp: => Removed 145.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 13:15:06 ====
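
A way to check a Fixlog like the one above line by line before confirming that the fix applied, as an added example that is not part of the original posts or of FRST itself. The status rules are assumptions based only on the wording seen in this log; any other wording lands in `review`, and the sample is a shortened copy of the log above.

```python
import re

# Shortened copy of the Fixlog posted above; the fixlist echo is cut to a few lines.
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x86) Version: 27-05-2015 01
Ran by Arden at 2015-05-28 13:13:05 Run:1

fixlist content:
*****************
Start
S3 catchme; \??\C:\Users\Arden\AppData\Local\Temp\catchme.sys [X]
Hosts:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value Removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value Removed successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => key Removed successfully.
FF Plugin HKU\S-1-5-21-1060993103-2144846065-1220290441-1000: @hola.org/vlc,version=1.7.974 -> C:\Users\Arden\AppData\Local\Hola\firefox\app\vlc [2015-05-22] () not found.
catchme => Service Removed successfully.
C:\Program Files\GUTD9EB.tmp => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts restored successfully.
EmptyTemp: => Removed 145.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 13:15:06 ====
'''

SEPARATOR = re.compile(r"^\*{5,}\s*$")      # rows of asterisks around the echoed fixlist
END_MARK = re.compile(r"^==== End of Fixlog")


def result_lines(fixlog):
    """Return the outcome lines, skipping the header and the echoed fixlist."""
    lines = fixlog.splitlines()
    seps = [i for i, line in enumerate(lines) if SEPARATOR.match(line)]
    if len(seps) < 2:
        raise ValueError("fixlist echo is not delimited by two separator lines")
    out = []
    for line in lines[seps[1] + 1:]:
        if END_MARK.match(line):
            break
        if line.strip():
            out.append(line.strip())
    return out


def classify(line):
    """Map one outcome line to ok / not_found / info / review (assumed rules)."""
    low = line.lower()
    if "successfully" in low:
        return "ok"
    if low.startswith("emptytemp:") and "removed" in low:
        return "ok"
    if low.rstrip(".").endswith("not found"):
        return "not_found"   # target was already gone; confirm this was expected
    if low.startswith("the system needed a reboot"):
        return "info"
    return "review"          # unknown wording: read it by hand


def triage(fixlog):
    """Group every outcome line of a Fixlog by status."""
    report = {"ok": [], "not_found": [], "info": [], "review": []}
    for line in result_lines(fixlog):
        report[classify(line)].append(line)
    return report


if __name__ == "__main__":
    for status, entries in triage(SAMPLE_FIXLOG).items():
        print(f"{status}: {len(entries)}")
        for entry in entries if status != "ok" else []:
            print("   ", entry)
```
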

Re: netbook is slow and something about it seems off, can't start the ant

Posted: 28 May 2015 19:44
by Márty84
hommeros wrote: I would get rid of Avira, but what instead of it?
I have been using Avast free for about 10 years and, after adjusting the settings, I am completely satisfied. Another option is, for example, Bitdefender free.


Everything went as it should :thumbsup:


:arrow: Download crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will be displayed after a moment.
At the top click Edit and then Copy. Paste what gets copied (it is stored in memory) here for me (ctrl + V)



:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow: Rename ComboFix to Uninstall and run it. CF should uninstall itself.

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download Ccleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install it, untick the checkbox.
After launching you will be in the Cleaner function. On the left there are many checkboxes. Pay particular attention to the Recycle Bin: if you leave it checked, it will always be emptied.
Also, depending on how it is set, it will delete all passwords saved on the net!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, facebook, various forums etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; if it finds any, click Fix issues. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If there are several user accounts on the PC, use the program in them too)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other nonsense.
After installing, run the program and click Analyze; after the analysis click Defrag and the program will do its job.


:arrow: Then write how the PC is doing.

Re: netbook is slow and something about it seems off, can't start the ant

Posted: 02 Jun 2015 21:41
by hommeros
Thank you very much for the advice.
I tried to follow the instructions:
the crystal disk log is here:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Starter Edition SP1 [6.1 Build 7601] (x86)
Date : 2015/06/02 16:12:17

-- Controller Map ----------------------------------------------------------
+ Intel(R) NM10 Express Chipset [ATA]
- ST9250315AS

-- Disk List ---------------------------------------------------------------
(1) ST9250315AS : 250,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9250315AS
----------------------------------------------------------------------------
Model : ST9250315AS
Firmware : 0003SDM1
Serial Number : 6VC52H3N
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 1063 hod.
Power On Count : 1138 krát
Temparature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 000009F975D2 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 _99 _99 _20 000000000482 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _77 _60 _30 000003579C6A Počet chybných hledání
09 _99 _99 __0 000000000427 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _37 _20 000000000472 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 00000000000C Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _71 _51 _45 00001D18001D Teplota toku vzduchu
BF 100 100 __0 00000000001D Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000031 Počet vypnutí disku
C1 _90 _90 __0 000000004EEE Počet cyklů načítání/vymazání
C2 _29 _49 __0 000B0000001D Teplota
C3 _48 _39 __0 000009F975D2 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu

-------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------

...then I renamed ComboFix to Uninstall, ran it as administrator, and nothing. But then I opened it the normal way and it uninstalled without trouble.
.... then delfix, here is the result from it:

# DelFix v1.010 - Rapport créé le 02/06/2015 a 16:30:00
# Mis a jour le 26/04/2015 par Xplode
# Nom d'utilisateur : Arden - ASUS
# Systeme d'exploitation : Windows 7 Starter Service Pack 1 (32 bits)

~ Suppression des outils de désinfection ...

Supprimé : C:\RSIT
Supprimé : C:\Combofix
Supprimé : C:\FRST
Supprimé : C:\AdwCleaner
Supprimé : C:\Users\Arden\Desktop\mbar
Supprimé : C:\ComboFix.txt
Supprimé : C:\Users\Arden\Desktop\Addition.txt
Supprimé : C:\Users\Arden\Desktop\adwcleaner_4.204.exe
Supprimé : C:\Users\Arden\Desktop\Fixlog.txt
Supprimé : C:\Users\Arden\Desktop\FRST.exe
Supprimé : C:\Users\Arden\Desktop\FRST.txt
Supprimé : C:\Users\Arden\Desktop\FRSTLauncher.exe
Supprimé : C:\Users\Arden\Desktop\log.txt
Supprimé : C:\Users\Arden\Downloads\RSIT (1).exe
Supprimé : C:\Users\Arden\Downloads\RSIT (2).exe
Supprimé : C:\Users\Arden\Downloads\RSIT.exe
Supprimée : HKLM\SOFTWARE\AdwCleaner
Supprimée : HKLM\SOFTWARE\Swearware

########## - EOF - ##########


...and finally Ccleaner and Defraggler, also fine.

The PC runs normally, much faster and without waiting.
Now I will install some antivirus. I don't know whether Avira again or the recommended Bitdefender free or Avast free. And then I would also get rid of the browsers Google Chrome and Mozilla Firefox and use something simpler as a browser; do you happen to know how Maxthon runs or whether it is suitable, or something similar?

Anyway, thanks a lot,
it really helped me!