VIRY.CZ

Dobry den, notebook je celkově zpomalený prosim o kontrolu logu Diky.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pepik at 2015-05-26 14:35:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 279 GB (61%) free of 458 GB
Total RAM: 3767 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:38, on 26.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files\trend micro\Pepik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [20150107] C:\Program Files\AVAST Software\Avast\setup\emupdate\de0d21b7-598d-496d-be6c-0cb7eb32389a.exe /check
O4 - HKCU\..\Run: [Flvto YouTube Downloader] "Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe" /minimize
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9058 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {2D233557-4F65-47CD-9D4F-41E8730B19C0}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1344
C:\Windows\System32\alg.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
taskhost.exe USER
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --ran-launcher /crash-reporter-parent-id=1716
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=gpu-process --channel="1716.0.1713838127\1059180158" --enable-proprietary-media-types-playback --crash-reporter-pid=4340 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,20,43 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2182 --enable-proprietary-media-types-playback --crash-reporter-pid=4340 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --crash-reporter-pid=4340 --device-scale-factor=1 --font-cache-shared-mem-suffix=1716 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="1716.3.1323187519\313622622" /prefetch:673131151
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --crash-reporter-pid=4340 --device-scale-factor=1 --font-cache-shared-mem-suffix=1716 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="1716.4.902776315\818641184" /prefetch:673131151
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --crash-reporter-pid=4340 --device-scale-factor=1 --font-cache-shared-mem-suffix=1716 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="1716.5.1129594556\925285114" /prefetch:673131151
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll" --disable-direct-npapi-requests --lang=cs --channel="1716.6.830973595\1821616450" --enable-proprietary-media-types-playback --crash-reporter-pid=4340 /prefetch:-390060480
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --crash-reporter-pid=4340 --device-scale-factor=1 --font-cache-shared-mem-suffix=1716 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --disable-accelerated-video-decode --channel="1716.10.233039058\119515040" /prefetch:673131151
C:\Windows\System32\svchost.exe -k WerSvcGroup

taskeng.exe {70CB79D8-58F2-42D0-BD97-5CCE0B73B36D}
"C:\Users\Pepik\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-01-19 347424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-31 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-01-19 49440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-07-23 386584]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-07-23 161304]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-07-23 415256]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-18 11779176]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Flvto YouTube Downloader"=Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe /minimize []
"BitTorrent"=C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-05-23 1696104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [2015-05-23 1696104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto Youtube Downloader]
C:\Users\Pepik\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe /minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaming Mouse Driver]
C:\Program Files (x86)\Gaming Mouse\Monitor.EXE [2011-09-09 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-15 190536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk]
C:\Users\Pepik\AppData\Local\MEGAsync\MEGAsync.exe [2015-01-01 4147712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
C:\PROGRA~2\MICROS~2\Office14\ONENOTEM.EXE [2010-03-29 227712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"=C:\Program Files\AVAST Software\Avast\setup\emupdate\de0d21b7-598d-496d-be6c-0cb7eb32389a.exe [2015-05-26 183232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-20 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-26 14:35:35 ----D---- C:\rsit
2015-05-24 13:15:56 ----D---- C:\ProgramData\GRETECH
2015-05-24 13:13:01 ----D---- C:\Users\Pepik\AppData\Roaming\GRETECH

======List of files/folders modified in the last 1 month======

2015-05-26 14:35:37 ----D---- C:\Windows\Temp
2015-05-26 14:35:37 ----D---- C:\Program Files\trend micro
2015-05-26 14:35:04 ----D---- C:\Windows\Prefetch
2015-05-26 14:34:25 ----D---- C:\Users\Pepik\AppData\Roaming\BitTorrent
2015-05-26 14:32:47 ----D---- C:\Windows\system32\config
2015-05-26 14:22:36 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-25 20:04:16 ----D---- C:\Windows\System32
2015-05-25 20:04:16 ----D---- C:\Windows\inf
2015-05-25 20:04:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-25 13:11:40 ----SHD---- C:\System Volume Information
2015-05-25 10:51:57 ----D---- C:\Program Files (x86)
2015-05-25 10:39:30 ----D---- C:\Users\Pepik\AppData\Roaming\TS3Client
2015-05-25 10:39:22 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-05-25 10:38:49 ----SHD---- C:\Windows\Installer
2015-05-25 10:38:48 ----D---- C:\Windows\SysWOW64
2015-05-25 10:38:10 ----D---- C:\Program Files
2015-05-25 10:36:39 ----D---- C:\ProgramData\Freemake
2015-05-25 10:36:28 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-25 10:27:19 ----D---- C:\Program Files (x86)\Applian Technologies
2015-05-25 10:25:12 ----D---- C:\Windows
2015-05-25 10:24:18 ----D---- C:\Program Files (x86)\Scorpions WinCheater
2015-05-25 10:17:52 ----D---- C:\Hry
2015-05-25 10:16:51 ----D---- C:\Program Files (x86)\Firefly Studios
2015-05-25 10:16:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-05-24 18:02:20 ----D---- C:\Users\Pepik\AppData\Roaming\Skype
2015-05-24 13:15:56 ----AD---- C:\ProgramData
2015-05-24 13:12:50 ----D---- C:\Program Files (x86)\GRETECH
2015-05-23 15:52:48 ----SD---- C:\ProgramData\Microsoft
2015-05-20 15:00:30 ----D---- C:\Windows\system32\Tasks
2015-05-20 15:00:30 ----D---- C:\Program Files (x86)\Opera
2015-05-19 20:25:10 ----D---- C:\Windows\Tasks
2015-05-19 17:04:06 ----RSD---- C:\Windows\Fonts
2015-05-04 19:52:16 ----D---- C:\Windows\system32\catroot2
2015-05-03 18:34:37 ----D---- C:\Windows\system32\wdi
2015-05-01 16:10:19 ----D---- C:\Windows\winsxs
2015-05-01 16:00:34 ----D---- C:\Users\Pepik\AppData\Roaming\Samsung
2015-05-01 16:00:34 ----D---- C:\Program Files (x86)\Samsung
2015-05-01 16:00:09 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2015-05-01 15:57:53 ----D---- C:\Windows\SYSWOW64\drivers
2015-05-01 15:54:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-01 15:53:54 ----D---- C:\Users\Pepik\AppData\Roaming\Winamp
2015-05-01 15:08:57 ----D---- C:\Users\Pepik\AppData\Roaming\DAEMON Tools Lite

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-31 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-31 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-08-14 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-31 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-22 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-31 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-31 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-31 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-31 92008]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-20 10603904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-22 2750312]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-01-18 412712]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-28 26440]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-06-08 4729408]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-09-22 243712]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2015-01-20 585944]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-28 16200]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 68992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-31 50344]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-08-18 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-12-24 214520]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-09 655624]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-04-26 135584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20 107912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-09-26 4460280]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-11 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]

-----------------EOF-----------------

Krasny den Vam preju

Doinstalujte dulezite Microsoft aktualizace (vcetne IE11).

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Cleaning
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

log zde:

# AdwCleaner v4.205 - Log vytvořen 28/05/2015 v 14:42:21
# Aktualizováno 21/05/2015 by Xplode
# Databáze : 2015-05-25.3 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Pepik - PEPA
# Spuštěno z : C:\Users\Pepik\Desktop\adwcleaner_4.205.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\Extensions\anttoolbar@ant.com

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Classes\MF
Klíč Smazáno : HKLM\SOFTWARE\823eb29b-3e65-4b6c-9e75-ca223c80fc59
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork

***** [ Prohlížeče ] *****

-\\ Internet Explorer v9.0.8112.16470

-\\ Mozilla Firefox v

-\\ Chromium v

-\\ Opera v29.0.1795.60

*************************

AdwCleaner[R0].txt - [1162 bytů] - [28/05/2015 14:40:22]
AdwCleaner[S0].txt - [1040 bytů] - [28/05/2015 14:42:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1098 bytů] ##########

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

nevim kde mam najit Addition.txt

Pokud chcete vytvorit i Addition.txt, musite v pripade druheho a dalsiho spusteni FRST.exe/FRST64.exe pred zacatkem skenu volbu (checkbox) Addition explicitne zatrhnout.

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Pepik (administrator) on PEPA on 10-06-2015 15:22:59
Running from C:\Users\Pepik\Desktop
Loaded Profiles: Pepik (Available Profiles: Pepik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [Flvto YouTube Downloader] => "Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe" /minimize
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [BitTorrent] => C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-23] (BitTorrent Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-07-31] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM-x32 -> {4B036830-04A4-1DEC-89DE-5C185BEE66B1} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000 -> DefaultScope {268DDC2E-9AB6-4AF7-A619-699D23176C72} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000 -> {268DDC2E-9AB6-4AF7-A619-699D23176C72} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-01-19] (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-31] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-01-19] (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.9 212.47.0.7

FireFox:
========
FF ProfilePath: C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2012-01-19] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKU\S-1-5-21-2289079560-4057469565-1523236124-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pepik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-14] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: YouTube Video and Audio Downloader - C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-03-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-11-09]
FF Extension: No Name - C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\anttoolbar@ant.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-31]

Opera:
=======
OPR StartupUrls: "hxxp://google.cz/"
OPR Extension: (SavePass 1.1) - C:\Users\Pepik\AppData\Roaming\Opera Software\Opera Stable\Extensions\eoakcjefpghelmgacocefhiniapndeoo [2014-08-16]
StartMenuInternet: (HKU\S-1-5-21-2289079560-4057469565-1523236124-1000) Opera - "C:\Program Files (x86)\Opera\Opera.exe"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-31] (AVAST Software)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4460280 2012-09-26] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2013-08-18] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2014-12-24] ()
S4 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-31] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-11-09] (DT Soft Ltd)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [585944 2015-01-20] (Realtek Semiconductor Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-08-14] () [File not signed]
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex) [File not signed]
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-10 15:22 - 2015-06-10 15:23 - 00015542 _____ C:\Users\Pepik\Desktop\FRST.txt
2015-06-10 15:21 - 2015-06-10 15:23 - 00000000 ____D C:\FRST
2015-06-10 15:20 - 2015-06-10 15:21 - 02108928 _____ (Farbar) C:\Users\Pepik\Desktop\FRST64.exe
2015-06-10 15:19 - 2015-06-10 15:18 - 00111021 _____ C:\Users\Pepik\Downloads\trz21A3.tmp
2015-06-09 15:15 - 2015-06-09 15:15 - 00000000 ____D C:\Users\Pepik\Downloads\KMOTR KOLEKCIA
2015-06-09 15:14 - 2015-06-09 15:14 - 00022899 _____ C:\Users\Pepik\Downloads\[CzT]Kmotr_1_2_3_The_Godfather_Trilogy_1972_1980_.torrent
2015-06-08 16:28 - 2015-06-08 16:28 - 00000000 ____D C:\Users\Pepik\Downloads\Bonez_MC-Krampfhaft_Kriminell-DE-2012-NOiR
2015-06-08 16:18 - 2015-03-25 14:59 - 00000000 ____D C:\Users\Pepik\Downloads\Vladimír 518 - Idiot
2015-06-08 16:17 - 2015-06-08 16:25 - 105116584 _____ C:\Users\Pepik\Downloads\B_MC-Kra.rar
2015-06-08 16:01 - 2015-06-08 16:10 - 56788655 _____ C:\Users\Pepik\Downloads\Vladimír-518---Idiot.rar
2015-06-08 15:59 - 2015-06-08 15:59 - 00012789 _____ C:\Users\Pepik\Downloads\[CzT]Vladimir_518_Idiot_2013_.torrent
2015-06-08 14:24 - 2015-06-08 15:00 - 1468764160 _____ C:\Users\Pepik\Downloads\Kmotr-2-CZ.avi
2015-06-07 19:03 - 2015-06-07 19:03 - 00000000 ____D C:\Users\Pepik\Downloads\[WeLiveTogether] Malena Morgan & Anastasia Morna [Leather and Lace][720p] [.mp4][PornLeech]
2015-06-07 18:35 - 2011-10-08 07:50 - 00000000 ____D C:\Users\Pepik\Downloads\The Scarface OST (1983)
2015-06-07 18:25 - 2015-06-07 18:30 - 83023365 _____ C:\Users\Pepik\Downloads\The-Scarface-OST-(1983).rar
2015-06-07 13:18 - 2015-06-07 14:56 - 1566375936 _____ C:\Users\Pepik\Downloads\Kmotr-(Godfather)-1-CZ.avi
2015-06-02 14:45 - 2015-06-10 15:14 - 00001232 _____ C:\Windows\setupact.log
2015-06-02 14:45 - 2015-06-02 14:45 - 00000000 _____ C:\Windows\setuperr.log
2015-05-31 14:28 - 2015-05-31 14:37 - 238995437 _____ C:\Users\Pepik\Downloads\26471_Pussy_Garage_480p_1500.mp4
2015-05-31 13:20 - 2015-05-31 13:24 - 206543886 _____ C:\Users\Pepik\Downloads\Leo TV - Prasakuv Gauc .avi
2015-05-31 12:36 - 2015-05-31 13:17 - 1124147790 _____ C:\Users\Pepik\Downloads\Spider-Man XXX 2 - An Axel Braun Parody.mp4
2015-05-30 19:24 - 2014-01-23 20:48 - 2670177409 ____R C:\Users\Pepik\Downloads\missmaya&SexyLorry-06-01-2014.mp4
2015-05-30 13:16 - 2015-05-30 15:48 - 2639940232 _____ C:\Users\Pepik\Downloads\Chaturbate-Models---Miss-Maya-And-Sexy-Lorry.zip
2015-05-28 19:33 - 2014-10-17 20:23 - 00000000 ____D C:\Users\Pepik\Downloads\HASAN - UNKNOWN (2014)
2015-05-28 19:32 - 2014-07-25 17:24 - 00000000 ____D C:\Users\Pepik\Downloads\HASAN - LÉTO S YELENEM (2014)
2015-05-28 19:09 - 2015-05-28 19:18 - 73793514 _____ C:\Users\Pepik\Downloads\HASAN - LÉTO S YELENEM (2014).zip
2015-05-28 19:08 - 2015-05-28 19:32 - 147643459 _____ C:\Users\Pepik\Downloads\HASAN - UNKNOWN (2014).zip
2015-05-28 18:41 - 2015-05-26 05:35 - 00000000 ____D C:\Users\Pepik\Downloads\A$AP Rocky - AT.LONG.LAST.A$AP
2015-05-28 18:28 - 2015-05-28 18:36 - 130695682 _____ C:\Users\Pepik\Downloads\A$AP-Rocky---A.L.L.A.-(At-Long-Last-ASAP)-(iTunes)(2015).zip
2015-05-28 14:40 - 2015-05-28 14:42 - 00000000 ____D C:\AdwCleaner
2015-05-28 14:39 - 2015-05-28 14:39 - 02223104 _____ C:\Users\Pepik\Desktop\adwcleaner_4.205.exe
2015-05-27 14:37 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-27 14:37 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-27 14:37 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-27 14:37 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-27 14:37 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-27 14:37 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-27 14:37 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-27 14:37 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-26 17:41 - 2015-05-26 18:06 - 305153493 _____ C:\Users\Pepik\Downloads\Cum Swapping Sluts 13 sc1 - Lexi Belle & Sara Faye.mp4
2015-05-26 16:53 - 2015-05-26 17:23 - 1393308154 _____ C:\Users\Pepik\Downloads\Boldly Girls 2.mp4
2015-05-26 14:35 - 2015-05-26 14:35 - 00000000 ____D C:\rsit
2015-05-26 14:31 - 2015-05-26 14:32 - 01222144 _____ C:\Users\Pepik\Desktop\RSITx64.exe
2015-05-25 11:32 - 2015-05-25 11:33 - 00000000 ____D C:\Users\Pepik\Downloads\StraplessDildo.com
2015-05-25 08:43 - 2015-05-25 09:41 - 1644195416 _____ C:\Users\Pepik\Downloads\104.mp4
2015-05-24 15:33 - 2015-05-24 16:08 - 00000000 ____D C:\Users\Pepik\Downloads\StraplessDildo.14.12.24.Mia.And.Scarlett.Mias.Xmas.Wish.Is.To.Fuck.Scarlett.Three.Times.XXX.1080p.MP4.KTR
2015-05-24 14:09 - 2015-05-24 14:15 - 00000000 ____D C:\Users\Pepik\Downloads\StraplessDildo.12.04.23.Jane.And.Raven.Love.In.Dual.Pantyhose.Encasement.XXX.720p.WMV.KTR
2015-05-24 13:41 - 2015-05-24 13:43 - 00000000 ____D C:\Users\Pepik\Downloads\StraplessDildo.13.06.25.Jane.And.Rossy.Bush.Strapon.Sex.With.Submissive.Sex.Doll.XXX.720p.WMV.KTR
2015-05-24 13:15 - 2015-05-24 13:15 - 00000000 ____D C:\ProgramData\GRETECH
2015-05-24 13:13 - 2015-05-24 13:13 - 00001177 _____ C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2015-05-24 13:13 - 2015-05-24 13:13 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\GRETECH
2015-05-24 13:02 - 2015-05-24 13:04 - 00000000 ____D C:\Users\Pepik\Downloads\StraplessDildo.12.11.30.Adria.And.Tiffany.Pink.Sex.Doll.Gives.Good.Feeldoe.XXX.720p.WMV.KTR
2015-05-14 19:44 - 2015-05-14 19:44 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-14 15:37 - 2015-05-14 15:37 - 00002102 _____ C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto YouTube Downloader.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-10 15:22 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-10 15:22 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-10 15:18 - 2011-12-28 14:38 - 01366123 _____ C:\Windows\WindowsUpdate.log
2015-06-10 15:16 - 2014-10-05 12:34 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\BitTorrent
2015-06-10 15:15 - 2015-02-05 15:19 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-10 15:15 - 2012-09-07 11:54 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-10 15:14 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-10 14:56 - 2015-01-23 15:20 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-09 14:20 - 2014-07-19 13:30 - 00003822 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405769399
2015-06-09 14:20 - 2014-07-19 13:29 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-03 18:02 - 2011-10-09 18:35 - 00669926 _____ C:\Windows\system32\perfh005.dat
2015-06-03 18:02 - 2011-10-09 18:35 - 00141526 _____ C:\Windows\system32\perfc005.dat
2015-06-03 18:02 - 2009-07-14 07:13 - 01586070 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-02 19:05 - 2011-11-09 13:11 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\Skype
2015-06-02 18:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-01 19:05 - 2014-06-03 17:24 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\Winamp
2015-05-31 19:44 - 2015-03-11 16:39 - 00000393 _____ C:\Users\Pepik\Desktop\x.txt
2015-05-29 15:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-29 14:45 - 2011-11-09 15:41 - 00000000 ____D C:\Program Files\trend micro
2015-05-25 10:39 - 2011-12-26 20:49 - 00000000 ___RD C:\Users\Pepik\Desktop\Programy
2015-05-25 10:39 - 2011-12-26 11:04 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\TS3Client
2015-05-25 10:39 - 2011-12-26 11:04 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-05-25 10:36 - 2012-04-14 20:10 - 00000000 ____D C:\ProgramData\Freemake
2015-05-25 10:27 - 2013-03-17 18:04 - 00000000 ____D C:\Program Files (x86)\Applian Technologies
2015-05-25 10:27 - 2009-07-14 06:45 - 05063032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-25 10:25 - 2013-03-17 18:40 - 00000000 ____D C:\Users\Pepik\AppData\Local\Jaksta_Technologies_Pty_L
2015-05-25 10:24 - 2014-10-04 16:05 - 00000000 ____D C:\Program Files (x86)\Scorpions WinCheater
2015-05-25 10:24 - 2014-08-22 19:29 - 00000000 ____D C:\Users\Pepik\AppData\Local\Deployment
2015-05-25 10:17 - 2012-02-11 20:09 - 00000000 ____D C:\Hry
2015-05-25 10:16 - 2012-12-10 21:17 - 00000000 ____D C:\Program Files (x86)\Firefly Studios
2015-05-25 10:16 - 2011-07-20 09:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-25 10:13 - 2011-11-09 12:20 - 00114544 _____ C:\Users\Pepik\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-25 10:06 - 2012-07-02 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-05-25 09:49 - 2014-11-06 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2015-05-25 09:43 - 2014-07-15 09:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-24 13:13 - 2011-11-09 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
2015-05-24 13:12 - 2011-11-09 15:24 - 00000000 ____D C:\Program Files (x86)\GRETECH
2015-05-19 20:25 - 2015-02-05 15:19 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-19 20:25 - 2014-12-20 17:45 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 20:25 - 2014-12-20 17:45 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 17:23 - 2014-11-13 17:25 - 00001455 _____ C:\Users\Pepik\Desktop\tyt.txt
2015-05-16 07:55 - 2011-07-20 09:59 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-14 15:39 - 2013-06-24 15:17 - 00000000 ____D C:\Users\Pepik\AppData\Local\Flvto Youtube Downloader

==================== Files in the root of some directories =======

2013-06-02 12:52 - 2013-06-02 12:51 - 0014444 _____ () C:\Program Files (x86)\0x0405.ini
2013-06-02 12:52 - 2013-06-02 12:51 - 0102400 _____ () C:\Program Files (x86)\1029.MST
2013-06-02 12:52 - 2013-06-02 12:52 - 97979392 _____ () C:\Program Files (x86)\Samsung New PC Studio.msi
2014-10-02 15:35 - 2006-07-14 16:25 - 1629184 _____ () C:\Program Files (x86)\usbdiskguard.exe
2014-06-01 16:39 - 2015-03-22 16:32 - 0000132 _____ () C:\Users\Pepik\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-07-29 09:17 - 2014-07-29 09:17 - 0000624 _____ () C:\Users\Pepik\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-06-03 19:36 - 2014-07-04 16:01 - 0065599 _____ () C:\Users\Pepik\AppData\Roaming\Camdata.ini
2014-06-03 19:36 - 2014-07-04 16:01 - 0000408 _____ () C:\Users\Pepik\AppData\Roaming\CamLayout.ini
2014-06-03 19:36 - 2014-07-04 16:01 - 0000408 _____ () C:\Users\Pepik\AppData\Roaming\CamShapes.ini
2014-06-03 19:36 - 2014-07-04 16:01 - 0004524 _____ () C:\Users\Pepik\AppData\Roaming\CamStudio.cfg
2014-08-16 12:48 - 2014-09-23 20:49 - 1437169 _____ () C:\Users\Pepik\AppData\Roaming\File.jar
2013-09-19 17:27 - 2013-09-21 08:50 - 0094699 _____ () C:\Users\Pepik\AppData\Roaming\ForgeModLoader-client-0.log
2013-09-19 17:27 - 2013-09-21 08:42 - 0000000 _____ () C:\Users\Pepik\AppData\Roaming\ForgeModLoader-client-0.log.lck
2013-09-19 17:27 - 2013-09-21 08:37 - 0075364 _____ () C:\Users\Pepik\AppData\Roaming\ForgeModLoader-client-1.log
2013-09-19 17:27 - 2013-09-20 21:07 - 0092507 _____ () C:\Users\Pepik\AppData\Roaming\ForgeModLoader-client-2.log
2014-07-29 09:23 - 2014-07-29 09:23 - 0000281 _____ () C:\Users\Pepik\AppData\Roaming\GPU MeterV2_Settings.ini
2003-04-09 05:28 - 2003-04-09 05:28 - 0233472 ____N () C:\Users\Pepik\AppData\Roaming\MafiaSetup.exe
2013-09-19 17:29 - 2013-09-20 21:07 - 0001262 _____ () C:\Users\Pepik\AppData\Roaming\options.txt
2013-09-19 17:28 - 2013-09-21 08:50 - 0026620 _____ () C:\Users\Pepik\AppData\Roaming\output-client.log
2013-09-19 17:30 - 2013-09-21 08:50 - 0012600 _____ () C:\Users\Pepik\AppData\Roaming\output-server.log
2013-09-19 17:30 - 2013-09-19 17:31 - 0001083 _____ () C:\Users\Pepik\AppData\Roaming\output-server.log.1
2012-03-07 19:04 - 2012-12-28 18:17 - 0045270 _____ () C:\Users\Pepik\AppData\Roaming\room_v3.dat
2012-12-11 19:46 - 2012-12-11 19:48 - 0024064 ___SH () C:\Users\Pepik\AppData\Roaming\Thumbs.db
2011-11-09 15:37 - 2011-11-09 15:37 - 0017212 _____ () C:\Users\Pepik\AppData\Roaming\UserTile.png
2012-02-11 23:31 - 2012-03-23 16:13 - 0005632 _____ () C:\Users\Pepik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-29 19:36 - 2011-12-29 19:37 - 0007605 _____ () C:\Users\Pepik\AppData\Local\Resmon.ResmonCfg
2013-03-23 15:29 - 2013-07-01 15:30 - 0877747 ____N () C:\Users\Pepik\AppData\Local\Tempmusic.ogg

Some files in TEMP:
====================
C:\Users\Pepik\AppData\Local\Temp\ExPromo.exe
C:\Users\Pepik\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Pepik\AppData\Local\Temp\Quarantine.exe
C:\Users\Pepik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pepik\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-03 19:47

==================== End of log ============================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Pepik at 2015-06-10 15:23:50
Running from C:\Users\Pepik\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2289079560-4057469565-1523236124-500 - Administrator - Disabled)
Guest (S-1-5-21-2289079560-4057469565-1523236124-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2289079560-4057469565-1523236124-1002 - Limited - Enabled)
Pepik (S-1-5-21-2289079560-4057469565-1523236124-1000 - Administrator - Enabled) => C:\Users\Pepik

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3007 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3502 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
AGEIA PhysX v6.10.25 (HKLM-x32\...\{7104189A-C592-4A56-AC9E-7C0CA135DA3C}) (Version: 6.10.25 - AGEIA Technologies, Inc.)
Ashampoo Burning Studio 2010 (HKLM-x32\...\Ashampoo Burning Studio 2010_is1) (Version: 9.12 - ashampoo GmbH & Co. KG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Battlefield Vietnam(TM) (HKLM-x32\...\{E35B3C63-E958-4E31-A178-95D22024109A}) (Version: - )
BitTorrent (HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Core Temp ~ Čestina 1.0 RC3 (HKLM-x32\...\Core Temp ~ Čestina 1.0 RC3) (Version: 1.0 RC3 - Michal Holcr)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.10 - Piriform)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Far Cry (Patch 1.32 AMD64) (Version: 1.00.0000 - Ubisoft) Hidden
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Název společnosti:) Hidden
FarCry AMD64 ECU for x32 Edition (HKLM-x32\...\FarCry AMD64 ECU for x32 Edition) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.9.0 - Futuremark Corporation)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Gaming Mouse Driver (HKLM-x32\...\{F084204C-5497-4DC2-893E-D31CF5C640E8}) (Version: - )
GetFLV 9.1.2.0 (HKLM-x32\...\GetFLV_is1) (Version: - GetFLV, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Heroes of Might and Magic V (HKLM-x32\...\{9B22D57A-5338-49A5-AC08-70FE3E8B878B}) (Version: 1.6 - Ubisoft)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 30 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416030FF}) (Version: 6.0.300 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaInfo 0.7.70 (HKLM\...\MediaInfo) (Version: 0.7.70 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft Auto version 1.0 (HKLM-x32\...\{65356EEA-6ABF-437B-A7C7-5AAA0C6086F2}_is1) (Version: 1.0 - hajducek)
Minecraft Launcher 1.8 (HKLM-x32\...\Minecraft Launcher 1.8 1.0.0) (Version: 1.0.0 - Mojang)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 30.0.1835.52 (HKLM-x32\...\Opera 30.0.1835.52) (Version: 30.0.1835.52 - Opera Software)
Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}) (Version: 3.58.0 - dotPDN LLC)
PC Connectivity Solution (HKLM-x32\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Rail Simulator (HKLM-x32\...\InstallShield_{0824EE6D-137F-4B83-9628-8E7B000BEBA6}) (Version: 1.0 - Electronic Arts)
Rail Simulator (x32 Version: 1.0 - Electronic Arts) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Sanny Builder 3.01 (HKLM-x32\...\Sanny Builder 3_is1) (Version: - )
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{705216C1-BA52-4B16-AFE4-4143B340D62D}) (Version: 6.0.12.6 - Husdawg, LLC)
TRS2004 (HKLM-x32\...\{BDE1289F-4025-41A5-AD17-101DB4D82CA7}) (Version: 1.00.000 - )
Unity Web Player (HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Vegas Pro 11.0 (64-bit) (HKLM\...\{314DDDC0-E935-11E0-8F9F-F04DA23A5C58}) (Version: 11.0.371 - Sony)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points =========================

30-05-2015 15:46:30 Windows Update
07-06-2015 14:15:48 Naplánovaný kontrolní bod

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-12-26 11:10 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {139B4DED-CB83-4F59-A3CE-23E32E7C27B7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-31] (AVAST Software)
Task: {142CFBDF-C5CF-446F-BB3E-5C6F84F6B073} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {2372A4B6-6E4A-4E4F-839C-506392D58462} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {26582110-B59A-4CAF-98CF-49B9ED7F302F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {284F7700-DF58-437B-A6F2-FB8A1627895C} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {35764511-EDC8-4094-ADC9-2F8DF9FCFB16} - System32\Tasks\{33AABD49-C48E-4F18-B478-30E615CC3EC0} => C:\Program Files (x86)\Valve\hlds.exe
Task: {36D33363-AC13-4BA5-B0C5-3667EEF5A0E0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000Core => C:\Users\Pepik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {634CF12E-26B7-4A6F-86FB-129E9BB0E97C} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {77468F11-9C45-4265-94AF-9FDE74C99224} - System32\Tasks\{254648AA-1297-4484-AEB8-50F114897341} => pcalua.exe -a E:\Setup\rsrc\AUTORUN.EXE -d E:\Setup\rsrc
Task: {82705C99-4DF6-4E7D-86F1-35141683D4FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000Core => C:\Users\Pepik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {8665A49B-619D-41F7-9AE3-3CE6F12A57AD} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-04-30] (Adobe Systems Incorporated)
Task: {89C6892B-610B-415E-BB9A-5E226B0BB7B8} - System32\Tasks\{AD421B83-62BF-4400-B375-D2B291FF9044} => C:\Program Files (x86)\Valve\hlds.exe
Task: {965EE248-B730-40C0-80DD-0642D2BBF0CF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000UA => C:\Users\Pepik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {B25081D3-51D7-4D6F-A59F-C1B05D217600} - System32\Tasks\{C6CD8E6F-D442-47AD-8048-0D95E5CFD5EA} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/cs/ ... rogressBar
Task: {B523D847-765E-482B-BD39-D45F952850A2} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {B53E4285-DFF8-4DA8-B55F-F35755A82021} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {C9E2A82C-CDBA-49AE-A012-4880BB9EEDC5} - System32\Tasks\Opera scheduled Autoupdate 1405769399 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-08] (Opera Software)
Task: {CD527BB4-9567-40DE-A01A-E2705506E5E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {CE32BB62-CCD2-4005-8F0C-4748969658B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CFDD9B82-9D48-4BCE-B773-23ADF173AE7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2289079560-4057469565-1523236124-1000UA => C:\Users\Pepik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {EA46027F-9AF6-411D-8B62-92FC27722DAC} - System32\Tasks\{E3ACE1CE-789F-4074-94AA-FC0787B01970} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/cs/ ... rogressBar
Task: {ECBFE130-0D5B-4E0D-9151-F388E426C4D2} - System32\Tasks\{45B7C526-C645-40F3-BF37-0A440249EDD6} => Firefox.exe http://www.skype.com/go/downloading?sou ... tError=404
Task: {F234EDDA-0F08-4281-ABC8-3A7E9A850305} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-11] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-03-05 16:47 - 2013-08-18 09:12 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-03-05 16:47 - 2014-12-24 15:21 - 00214520 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX64.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-11-09 14:53 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-07-31 15:29 - 2014-07-31 15:29 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-06-09 18:26 - 2015-06-09 18:26 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060901\algo.dll
2015-06-10 15:15 - 2015-06-10 15:15 - 02953216 _____ () C:\Program Files\AVAST Software\Avast\defs\15061000\algo.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-07-31 15:29 - 2014-07-31 15:29 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-01-11 18:35 - 2013-01-11 18:35 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\99bd60d446f190d3f787f8eb02442187\IsdiInterop.ni.dll
2011-07-20 09:17 - 2010-04-13 18:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4791 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.9 - 212.47.0.7

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\startupfolder: C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: BitTorrent => "C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: Flvto Youtube Downloader => "C:\Users\Pepik\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe" /minimize
MSCONFIG\startupreg: Gaming Mouse Driver => "C:\Program Files (x86)\Gaming Mouse\Monitor.EXE"
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{6FC5ABB6-DEED-49F4-A246-5C32FA8B704A}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{D6A24935-5E3D-4A21-A145-575EC5E0B196}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{3384FA01-8813-4719-95F4-81BE624A32D6}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{79D22DF7-6900-4CF4-B2B6-DFF32224F9A7}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{5FF43B8D-B5E1-4BE9-B1CB-B09579EBDD18}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{5D5DF7FF-B376-43DB-8820-96E1393D110C}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{D6B65D4B-340E-4713-931A-58C3E6B90A25}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{DA2AA511-FFF8-472E-A529-DC44D29082C7}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{5444DE6E-90F5-4FB8-9644-04934C9CC9A2}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{98E99ADF-70D3-4003-B165-F8B67B4BE396}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{A35B5E75-B9AD-4252-A7B6-4BE5421446CB}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{1FC2E00C-2064-4A5F-930F-F4895022F3D3}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{D83C4E02-5492-48CF-B1C4-4FFE0B6917B7}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{362DE726-DF82-4669-95FD-6BCF3DD37B47}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{4C9D6B6B-DFF3-4600-B403-E6B3BE2A94FB}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{8D9EB1C5-7062-4F6B-BEAB-0C928F6E673D}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{FA7A0F20-6A95-4E00-BDB2-1A4908F9604B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3ED93162-8ED1-4B8E-9D4C-6820189F6395}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{1EAE0B2B-6D5D-4C5F-A50F-86BE4F5E59D6}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{2FBCF90C-7034-49F8-9332-EA19D72C139C}] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [{21A64971-24FC-477C-BD86-B3509F120AF5}] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{6F79003C-6709-4B99-9A80-A891B14A9745}C:\program files (x86)\windows sidebar\sidebar.exe] => (Allow) C:\program files (x86)\windows sidebar\sidebar.exe
FirewallRules: [UDP Query User{F0B6B661-31B2-4D9B-87C1-F679B773749D}C:\program files (x86)\windows sidebar\sidebar.exe] => (Allow) C:\program files (x86)\windows sidebar\sidebar.exe
FirewallRules: [{D30F365C-3C08-4BE6-A6EB-CC62588DF478}] => (Block) C:\program files (x86)\windows sidebar\sidebar.exe
FirewallRules: [{E35E4D3F-C842-4F52-9141-DB9E89EE6466}] => (Block) C:\program files (x86)\windows sidebar\sidebar.exe
FirewallRules: [TCP Query User{239A5A87-219D-4475-AA26-81BAA84F193F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{CC25FECE-A725-41FC-8794-509B1C41FCE7}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{7ECB1A33-12F4-457F-81FC-BB36C1E0E3B0}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{7CD4E390-5D24-46E8-91A4-CDB5C4F3BD99}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{E9261615-CDEF-47C0-A2C5-338F6E98E2E8}C:\program files\windows sidebar\sidebar.exe] => (Allow) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [UDP Query User{94F1FD37-6C68-4935-9AEF-378915BFA002}C:\program files\windows sidebar\sidebar.exe] => (Allow) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [{B574A1F6-0A7B-4B5E-8D2C-147E43BDF871}] => (Block) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [{051F0171-F231-44F8-BDA3-5C00E89CA503}] => (Block) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [TCP Query User{E024D277-9497-4D7B-B0BC-5B5B8396A196}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{8A7B2D27-C0B5-443F-8C7D-2926D57EE20C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{1425F909-721E-4498-8E2E-1D7091656D06}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{3DC43CB3-3679-4AF4-8AA9-103FE52A31A7}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{587B94EE-6CF9-4ACD-9BFE-447F47B4E640}C:\windows\syswow64\dpnsvr.exe] => (Block) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{7B556092-FF5B-42CC-86FF-D867BB9DC093}C:\windows\syswow64\dpnsvr.exe] => (Block) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{71E666A6-687F-4664-A9ED-E87D8DC7A857}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CDF497B2-244F-4D29-932A-57E8C04CBC51}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5AC3BEBE-850F-4471-AB17-EA8CB0A689E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B0908840-4365-4B98-A064-E8E1F4111745}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{27131BE5-BD67-4475-81F1-C9F1AEE5BD12}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{2BADB6DD-A76B-4AF6-86D4-22E78121D6BB}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{097A0673-A93B-4A7B-B5AD-CAE80FFEF111}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{12346F5D-55F9-43C1-999F-83E44CF1548D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [TCP Query User{1A1B36B2-0E56-42D6-9017-ECEC6FA22EB6}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{3209793C-1238-42D7-8963-473F29D3FA37}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{99F0E361-1946-41A7-A31F-8E9F99001B67}] => (Allow) C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{AA50E3A3-95A5-4772-843E-EF5AA8C11E61}] => (Allow) C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{8BEA2073-D52D-4939-A3AC-1AA7F2C316E7}C:\Program Files\Java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\Program Files\Java\jre6\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{AAD93A72-B81D-489D-BD42-3108EE7CC9BE}C:\Program Files\Java\jre6\launch4j-tmp\frd.exe] => (Allow) C:\Program Files\Java\jre6\launch4j-tmp\frd.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2015 03:15:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2015 02:15:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 06:27:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 02:14:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2015 04:21:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 01:46:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 08:35:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 02:14:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 02:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 01:25:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (06/10/2015 03:15:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (06/10/2015 02:15:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (06/09/2015 06:26:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (06/09/2015 02:14:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (06/08/2015 04:20:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (06/07/2015 01:45:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (06/06/2015 08:35:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (06/05/2015 02:13:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (06/04/2015 02:41:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (06/03/2015 01:25:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby:
%%1058

Microsoft Office:
=========================
Error: (06/10/2015 03:15:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2015 02:15:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 06:27:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 02:14:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2015 04:21:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 01:46:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 08:35:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 02:14:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 02:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 01:25:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2015-06-10 15:14:50.218
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-10 15:14:50.140
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-10 14:15:18.390
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-10 14:15:18.327
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-09 18:25:56.029
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-09 18:25:55.951
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-09 14:13:50.357
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-09 14:13:50.279
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-08 04:19:58.454
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-06-08 04:19:58.391
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\vcsvad.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 33%
Total physical RAM: 3766.7 MB
Available physical RAM: 2492.2 MB
Total Pagefile: 7531.59 MB
Available Pagefile: 6116.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:447.66 GB) (Free:260.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1B47FC47)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=447.7 GB) - (Type=07 NTFS)

==================== End of log ============================

Doinstalujte dulezite Microsoft aktualizace (vcetne IE11).

Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

Odinstalujte stare a zranitelne verze javy Java 7 Update 67, Java(TM) 6 Update 30 a Java(TM) 6 Update 31. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit.

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [AdobeBridge] => [X]

SearchScopes: HKLM-x32 -> {4B036830-04A4-1DEC-89DE-5C185BEE66B1} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File

2015-06-10 15:19 - 2015-06-10 15:18 - 00111021 _____ C:\Users\Pepik\Downloads\trz21A3.tmp
2015-05-28 14:40 - 2015-05-28 14:42 - 00000000 ____D C:\AdwCleaner
2015-05-28 14:39 - 2015-05-28 14:39 - 02223104 _____ C:\Users\Pepik\Desktop\adwcleaner_4.205.exe
2015-05-26 14:35 - 2015-05-26 14:35 - 00000000 ____D C:\rsit
2015-05-26 14:31 - 2015-05-26 14:32 - 01222144 _____ C:\Users\Pepik\Desktop\RSITx64.exe
Task: {77468F11-9C45-4265-94AF-9FDE74C99224} - System32\Tasks\{254648AA-1297-4484-AEB8-50F114897341} => pcalua.exe -a E:\Setup\rsrc\AUTORUN.EXE -d E:\Setup\rsrc
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
EmptyTemp:
End

Fix result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by Pepik at 2015-06-23 15:14:57 Run:1
Running from C:\Users\Pepik\Desktop
Loaded Profiles: Pepik (Available Profiles: Pepik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [AdobeBridge] => [X]

SearchScopes: HKLM-x32 -> {4B036830-04A4-1DEC-89DE-5C185BEE66B1} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File

2015-06-10 15:19 - 2015-06-10 15:18 - 00111021 _____ C:\Users\Pepik\Downloads\trz21A3.tmp
2015-05-28 14:40 - 2015-05-28 14:42 - 00000000 ____D C:\AdwCleaner
2015-05-28 14:39 - 2015-05-28 14:39 - 02223104 _____ C:\Users\Pepik\Desktop\adwcleaner_4.205.exe
2015-05-26 14:35 - 2015-05-26 14:35 - 00000000 ____D C:\rsit
2015-05-26 14:31 - 2015-05-26 14:32 - 01222144 _____ C:\Users\Pepik\Desktop\RSITx64.exe
Task: {77468F11-9C45-4265-94AF-9FDE74C99224} - System32\Tasks\{254648AA-1297-4484-AEB8-50F114897341} => pcalua.exe -a E:\Setup\rsrc\AUTORUN.EXE -d E:\Setup\rsrc
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{4B036830-04A4-1DEC-89DE-5C185BEE66B1}" => key removed successfully
HKCR\Wow6432Node\CLSID\{4B036830-04A4-1DEC-89DE-5C185BEE66B1} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect" => key removed successfully
C:\Users\Pepik\Downloads\trz21A3.tmp => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\Pepik\Desktop\adwcleaner_4.205.exe => moved successfully.
C:\rsit => moved successfully.
C:\Users\Pepik\Desktop\RSITx64.exe => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77468F11-9C45-4265-94AF-9FDE74C99224}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77468F11-9C45-4265-94AF-9FDE74C99224}" => key removed successfully
C:\Windows\System32\Tasks\{254648AA-1297-4484-AEB8-50F114897341} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{254648AA-1297-4484-AEB8-50F114897341}" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
EmptyTemp: => 1.6 GB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 15:17:08 ====

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Děkuji mnohokrat pc je na tom lepe.

Nemate zac, rad jsem pomohl

Mejte se krasne a treba zase nekdy

VIRY.CZ

Zpomalený NB

Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB

Re: Zpomalený NB