
Greetings, and a request for a check

#1 Post by kherold

Good evening,

this computer's performance has been declining over the long term (application launch speed, gaming performance, FPS, etc.). Thanks for checking the log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Heroldovi at 2015-08-16 20:01:30
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 7 GB (5%) free of 123 GB
Total RAM: 3582 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:40, on 16.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Heroldovi\Desktop\RSIT.exe
C:\Program Files\trend micro\Heroldovi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
R3 - URLSearchHook: (no name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{366BC9E2-B021-4C88-952E-EC57B2F6BE04}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{9230FB09-A4AD-4ADD-9421-1EE8E7FED657}: NameServer = 217.77.165.81 217.77.161.131
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Adam\Nová složka\HiPatchService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 10461 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\WinThruster_DEFAULT.job - C:\Program Files\WinThruster\WinThruster.exe -default
C:\Windows\tasks\WinThruster_UPDATES.job - C:\Program Files\WinThruster\WinThruster.exe -updatecheck

=========Mozilla firefox=========

ProfilePath - C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
sprotector.js

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
QuickTimePlugin.class

C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\
askcom.xml
babylon.xml
brothersoft-extreme3-customized-web-search.xml
BrowserProtect.xml
firmycz.xml
google-avast.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-16 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-07-21 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-16 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-08-14 12025560]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-07-21 6109776]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-07-27 2017848]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-07-27 2017848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Adam\Steam\steam.exe [2015-07-24 2895552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Heroldovi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
C:\Users\HEROLD~1\AppData\Roaming\CURSEC~1\Bin\Curse.exe [2015-06-01 7134472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 105984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableInstallerDetection"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"SynchronousMachineGroupPolicy"=1
"SynchronousUserGroupPolicy"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-28 11:34:14 ----A---- C:\Windows\system32\generaltel.dll
2015-07-28 11:34:14 ----A---- C:\Windows\system32\devinv.dll
2015-07-28 11:34:14 ----A---- C:\Windows\system32\appraiser.dll
2015-07-28 11:34:14 ----A---- C:\Windows\system32\acmigration.dll
2015-07-28 11:34:13 ----A---- C:\Windows\system32\invagent.dll
2015-07-28 11:34:13 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-28 11:34:13 ----A---- C:\Windows\system32\aepdu.dll
2015-07-28 11:34:13 ----A---- C:\Windows\system32\aeinv.dll
2015-07-27 16:32:10 ----D---- C:\Users\Heroldovi\AppData\Roaming\Tera_Awesomium
2015-07-21 10:26:06 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-21 10:21:27 ----A---- C:\Windows\avastSS.scr
2015-07-21 10:12:00 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 10:12:00 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 10:12:00 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 10:12:00 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 10:12:00 ----A---- C:\Windows\system32\atmfd.dll
2015-07-19 16:34:41 ----SHD---- C:\Config.Msi
2015-07-19 15:18:59 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-19 15:18:59 ----A---- C:\Windows\system32\jscript9.dll
2015-07-19 15:18:54 ----A---- C:\Windows\system32\urlmon.dll
2015-07-19 15:18:54 ----A---- C:\Windows\system32\ieui.dll
2015-07-19 15:18:53 ----A---- C:\Windows\system32\ieframe.dll
2015-07-19 15:18:51 ----A---- C:\Windows\system32\mshtml.dll
2015-07-19 15:18:49 ----A---- C:\Windows\system32\iertutil.dll
2015-07-19 15:18:47 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-19 15:18:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-19 15:18:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-19 15:18:46 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-19 15:18:46 ----A---- C:\Windows\system32\iernonce.dll
2015-07-19 15:18:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-19 15:18:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-19 15:18:44 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-19 15:18:44 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-19 15:18:44 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-19 15:18:43 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-19 15:18:43 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-19 15:18:41 ----A---- C:\Windows\system32\msrating.dll
2015-07-19 15:18:41 ----A---- C:\Windows\system32\iesetup.dll
2015-07-19 15:18:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-19 15:18:40 ----A---- C:\Windows\system32\wininet.dll
2015-07-19 15:18:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-19 15:18:36 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-19 15:18:36 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-19 15:18:35 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-19 15:18:31 ----A---- C:\Windows\system32\vbscript.dll
2015-07-19 15:18:31 ----A---- C:\Windows\system32\jscript.dll
2015-07-19 15:14:36 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-19 15:14:35 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-19 15:13:43 ----A---- C:\Windows\system32\wksprt.exe
2015-07-19 15:13:42 ----A---- C:\Windows\system32\mstscax.dll
2015-07-19 15:13:38 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-19 15:13:38 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-19 15:09:50 ----A---- C:\Windows\system32\win32k.sys
2015-07-19 15:09:46 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-19 15:09:46 ----A---- C:\Windows\system32\kerberos.dll
2015-07-19 15:09:46 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-19 15:09:46 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-19 15:09:45 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-19 15:09:45 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-19 15:09:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-19 15:09:44 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-19 15:09:44 ----A---- C:\Windows\system32\schannel.dll
2015-07-19 15:09:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-19 15:09:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-19 15:09:44 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-19 15:09:43 ----A---- C:\Windows\system32\wdigest.dll
2015-07-19 15:09:43 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-19 15:09:43 ----A---- C:\Windows\system32\lsass.exe
2015-07-19 15:09:43 ----A---- C:\Windows\system32\auditpol.exe
2015-07-19 15:09:42 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-19 15:09:42 ----A---- C:\Windows\system32\sspicli.dll
2015-07-19 15:09:42 ----A---- C:\Windows\system32\secur32.dll
2015-07-19 15:09:42 ----A---- C:\Windows\system32\msaudite.dll
2015-07-19 15:09:42 ----A---- C:\Windows\system32\credssp.dll
2015-07-19 15:09:42 ----A---- C:\Windows\system32\adtschema.dll
2015-07-19 15:09:41 ----A---- C:\Windows\system32\msobjs.dll
2015-07-19 15:09:33 ----A---- C:\Windows\system32\msi.dll
2015-07-19 15:09:33 ----A---- C:\Windows\system32\consent.exe
2015-07-19 15:09:33 ----A---- C:\Windows\system32\authui.dll
2015-07-19 15:09:32 ----A---- C:\Windows\system32\msimsg.dll
2015-07-19 15:09:32 ----A---- C:\Windows\system32\msihnd.dll
2015-07-19 15:09:32 ----A---- C:\Windows\system32\msiexec.exe
2015-07-19 15:09:32 ----A---- C:\Windows\system32\appinfo.dll
2015-07-19 15:09:14 ----A---- C:\Windows\system32\ole32.dll
2015-07-19 15:09:04 ----A---- C:\Windows\system32\gdi32.dll
2015-07-19 15:09:01 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-19 15:09:01 ----A---- C:\Windows\system32\crypt32.dll
2015-07-19 15:09:00 ----A---- C:\Windows\system32\wintrust.dll
2015-07-19 15:09:00 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-19 15:08:51 ----A---- C:\Windows\system32\wucltux.dll
2015-07-19 15:08:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-19 15:08:50 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-19 15:08:50 ----A---- C:\Windows\system32\wups2.dll
2015-07-19 15:08:50 ----A---- C:\Windows\system32\wups.dll
2015-07-19 15:08:50 ----A---- C:\Windows\system32\wudriver.dll
2015-07-19 15:08:50 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-19 15:08:50 ----A---- C:\Windows\system32\wuapp.exe
2015-07-19 15:08:50 ----A---- C:\Windows\system32\wuapi.dll
2015-07-19 15:08:50 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-19 15:08:50 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-19 15:08:47 ----A---- C:\Windows\system32\cewmdm.dll

======List of files/folders modified in the last 1 month======

2015-08-16 20:01:40 ----D---- C:\Windows\Prefetch
2015-08-16 20:01:33 ----D---- C:\Program Files\trend micro
2015-08-16 20:01:24 ----D---- C:\Windows\Temp
2015-08-16 20:00:18 ----D---- C:\Windows\System32
2015-08-16 20:00:12 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-08-16 19:58:54 ----D---- C:\Windows\tracing
2015-08-11 12:21:09 ----D---- C:\Windows\rescache
2015-08-11 11:36:13 ----SHD---- C:\System Volume Information
2015-08-11 11:32:02 ----D---- C:\Windows\system32\config
2015-08-07 15:31:00 ----D---- C:\Windows\system32\drivers
2015-08-07 15:31:00 ----D---- C:\Windows\inf
2015-08-07 15:30:59 ----D---- C:\Windows\system32\DriverStore
2015-08-02 10:18:09 ----D---- C:\Windows\system32\catroot2
2015-07-30 00:44:21 ----D---- C:\Users\Heroldovi\AppData\Roaming\Spotify
2015-07-29 01:00:36 ----SD---- C:\Windows\system32\CompatTel
2015-07-28 11:32:15 ----D---- C:\Windows\winsxs
2015-07-28 11:31:42 ----D---- C:\Windows\SoftwareDistribution
2015-07-27 16:15:06 ----D---- C:\ProgramData\boost_interprocess
2015-07-27 16:06:46 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-07-26 18:07:28 ----SHD---- C:\$Recycle.Bin
2015-07-26 18:06:19 ----SD---- C:\Windows\system32\GWX
2015-07-26 18:01:22 ----D---- C:\Windows\system32\Tasks
2015-07-21 20:29:53 ----D---- C:\Users\Heroldovi\AppData\Roaming\vlc
2015-07-21 10:24:29 ----D---- C:\Windows
2015-07-19 21:54:17 ----D---- C:\Windows\system32\cs-CZ
2015-07-19 21:54:15 ----D---- C:\Windows\system32\wbem
2015-07-19 21:54:15 ----D---- C:\Windows\system32\appraiser
2015-07-19 21:54:15 ----D---- C:\Windows\AppPatch
2015-07-19 21:54:12 ----D---- C:\Windows\system32\en-US
2015-07-19 21:54:12 ----D---- C:\Program Files\Internet Explorer
2015-07-19 20:09:55 ----D---- C:\Windows\system32\MRT
2015-07-19 19:58:11 ----D---- C:\Windows\debug
2015-07-19 19:55:44 ----SHD---- C:\Windows\Installer
2015-07-19 19:55:37 ----D---- C:\ProgramData\Microsoft Help
2015-07-19 14:54:15 ----D---- C:\ProgramData\NVIDIA
2015-07-19 11:09:58 ----D---- C:\temp
2015-07-19 11:08:52 ----D---- C:\Windows\PolicyDefinitions
2015-07-19 10:27:04 ----D---- C:\Program Files
2015-07-19 10:18:28 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-21 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-21 208664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-13 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-21 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-21 788784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-21 433264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par.sys [2006-12-13 30656]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-21 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-21 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-21 113592]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 104088]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 69016]
R3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2011-02-18 46304]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-09-22 3308568]
R3 rt61x86;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr61.sys [2010-04-08 376160]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-07-16 719064]
R3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2011-02-04 4608]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2015-04-30 20256]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-07-21 146600]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [2012-02-27 142432]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc.exe [2011-12-12 122000]
R2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Adam\Nová složka\HiPatchService.exe [2015-07-27 8704]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 670536]
R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2014-11-12 2234160]
R2 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2014-11-12 2247472]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]
R2 UsbClientService;UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [2011-02-18 245760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-03-02 77944]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-03-11 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-26 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-02-08 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1343400]
S3 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2011-02-04 1696496]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Greetings, and a request for a check

#2 Post by Márty84 »

Hello :)


:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
Click Edit (Úpravy) at the top and then Copy (Kopírovat). Paste what gets copied (it is saved to memory) here for me (Ctrl + V).


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will spit out a log (alternatively it will be here: C:\AdwCleaner[C?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

kherold
Visitor
Posts: 83
Joined: 18 Jan 2008 21:31

Re: Greetings, and a request for a check

#3 Post by kherold »

Thanks for the instructions, here it is. :)

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x86)
Date : 2015/08/17 9:28:05

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
+ ATA Channel 1 (1) [ATA]
- SAMSUNG HD322HJ ATA Device
+ Intel(R) ICH10 Family 4 port Serial ATA Storage Controller 1 - 3A20 [ATA]
+ ATA Channel 0 (0)
- ASUS DRW-24B1ST ATA Device
- ATA Channel 1 (1)
+ Intel(R) ICH10 Family 2 port Serial ATA Storage Controller 2 - 3A26 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ JMB36X Standard Dual Channel PCIE IDE Controller [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ A7THY60U IDE Controller [SCSI]
- GPCRYV ABCXENSPEZ SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD322HJ : 320,0 GB [0/5/0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD322HJ
----------------------------------------------------------------------------
Model : SAMSUNG HD322HJ
Firmware : 1AC01118
Serial Number : S17AJA0SA69203
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 9328 hod.
Power On Count : 3077 krát
Temparature : 22 C (71 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _92 _92 _11 000000000C9E Čas na roztočení ploten
04 _97 _97 __0 000000000C0B Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _98 _98 __0 000000002470 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000003 Počet pokusů o překalibrování
0C _97 _97 __0 000000000C05 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Neznámý
B8 100 100 __0 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _82 _61 __0 000012120012 Teplota toku vzduchu
C2 _78 _58 __0 000016120016 Teplota
C3 100 100 __0 000000061017 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 253 __0 000000000000 Počet chyb při čtení programů z disku

-- IDENTIFY_DEVICE ---------------------------------------------------------


---


# AdwCleaner v5.000 - Logfile created 17/08/2015 at 09:32:00
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Heroldovi - SAFIRA
# Running from : C:\Users\Heroldovi\Desktop\adwcleaner_5.000.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\AskPartnerNetwork
[-] Folder Deleted : C:\Program Files\Conduit
[-] Folder Deleted : C:\Program Files\FileViewPro
[-] Folder Deleted : C:\Program Files\WinThruster
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster
[-] Folder Deleted : C:\Users\Heroldovi\AppData\Local\AskPartnerNetwork
[-] Folder Deleted : C:\Users\Heroldovi\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\Heroldovi\AppData\Local\onlysearch
[-] Folder Deleted : C:\Users\Heroldovi\AppData\Local\pdfforge
[-] Folder Deleted : C:\Users\Heroldovi\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Heroldovi\AppData\LocalLow\pdfforge
[-] Folder Deleted : C:\Users\Heroldovi\AppData\LocalLow\PriceGong
[-] Folder Deleted : C:\Users\Heroldovi\AppData\LocalLow\Search Settings
[-] Folder Deleted : C:\Users\Heroldovi\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\Heroldovi\AppData\Roaming\pdfforge
[-] Folder Deleted : C:\Users\Heroldovi\AppData\Roaming\Solvusoft
[-] Folder Deleted : C:\Users\Heroldovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
[-] Folder Deleted : C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\Smartbar
[#] Folder Deleted : C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\zgoc3fhf.default\Extensions\pdfforge@mybrowserbar.com
[#] Folder Deleted : C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\zgoc3fhf.default\Extensions\wtxpcom@mybrowserbar.com

***** [ Files ] *****

[-] File Deleted : C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\bprotector_extensions.sqlite
[-] File Deleted : C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\bprotector_prefs.js
[-] File Deleted : C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\Askcom.xml
[-] File Deleted : C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\Babylon.xml
[-] File Deleted : C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\BrowserProtect.xml
[-] File Deleted : C:\Windows\system32\roboot.exe

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : BitGuard
[-] Task Deleted : WinThruster_DEFAULT
[-] Task Deleted : WinThruster_UPDATES

***** [ Registry ] *****

[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKCU\Software\Classes\keepmysearch
[-] Key Deleted : HKCU\Software\526db8be068ea14
[-] Key Deleted : HKLM\SOFTWARE\526db8be068ea14
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3205709
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\BABSOLUTION
[-] Key Deleted : HKCU\Software\BabylonToolbar
[-] Key Deleted : HKCU\Software\BI
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\DataMngr
[+] Key Deleted : HKCU\Software\DataMngr_Toolbar
[-] Key Deleted : HKCU\Software\filescout
[-] Key Deleted : HKCU\Software\pdfforge
[-] Key Deleted : HKCU\Software\Search Settings
[-] Key Deleted : HKCU\Software\Solvusoft
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[-] Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\DataMngr
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\pdfforge
[-] Key Deleted : HKLM\SOFTWARE\Search Settings
[-] Key Deleted : HKLM\SOFTWARE\Solvusoft
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinThruster_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileViewPro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[!] Data Not Restored : HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3F8BE94B-E514-42CF-990F-99875D493022}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CB444517-CE6B-42BE-AA59-64E4501FE4AA}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]

***** [ Web browsers ] *****

[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("CT3205709.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFWSP03&ctid=CT3205709&SearchSource=2&q=");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("CT3205709.installId", "conduitinstaller.exe");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("CT3205709.installType", "conduitnsisintegration");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("CT3205709.isPerformedSmartBarTransition", "true");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("CT3205709.smartbar.CTID", "CT3205709");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("CT3205709.smartbar.Uninstall", "0");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("CT3205709.smartbar.homepage", true);
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("CT3205709.smartbar.toolbarName", "BrotherSoft Extreme3 ");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3205709&octid=CT3205709&SearchSource=61&CUI=SB_CUI&UP=SPABD91EC8-C976-4EA1-A334-1EA376C24931&SSPV=FFWSP03");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.ConduitSearchEngineList", "BrotherSoft Extreme3 Customized Web Search");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFWSP03&ctid=CT3205709&SearchSource=2&q=");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
[-] [C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\prefs.js] [Preference] Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3205709");
[-] [C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.conduit.com
[-] [C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch.ask.com
[-] [C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : www2.delta-search.com

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C1].txt - [10635 octets] - [17/08/2015 09:32:00]
C:\AdwCleaner[R1].txt - [2206 octets] - [11/11/2012 18:05:37]
C:\AdwCleaner[S1].txt - [12480 octets] - [11/11/2012 18:06:21]

########## EOF - C:\AdwCleaner[C1].txt - [10826 octets] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Greetings, and a request for a check

#4 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all disks) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

kherold
Visitor
Posts: 83
Joined: 18 Jan 2008 21:31

Re: Greetings, and a request for a check

#5 Post by kherold »

Here we have it.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 17.8.2015
Čas skenování: 15:25
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.17.05
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Heroldovi

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 698219
Uplynulý čas: 2 hod, 42 min, 57 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 5
PUP.Optional.Babylon.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [bc2d99703e4d6bcb46861b7c25dd50b0],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\BHNJJBCNBMJMHGPLIAHLAMECMBEJPAOL, , [29c04bbeee9d62d4d87963bce41f07f9],
PUP.Optional.ConduitTB.Gen.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A915B5F7-64C4-455D-8BB7-D7B3CAF4150B}, , [09e059b08dfebb7b7be07a2d5ea66898],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-333770512-150562242-2592583544-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\BHNJJBCNBMJMHGPLIAHLAMECMBEJPAOL, , [c22703069bf04fe7c9890f10a26150b0],
PUP.Optional.Spigot.A, HKU\S-1-5-21-333770512-150562242-2592583544-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9F3FF8FF-35CC-4619-BC74-6FB5EC055695}, , [00e935d4206b38fea63e09170300b050],

Hodnoty registru: 5
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bhnjjbcnbmjmhgpliahlamecmbejpaol|path, C:\Users\Heroldovi\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx, , [29c04bbeee9d62d4d87963bce41f07f9]
PUP.Optional.ConduitTB.Gen.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A915B5F7-64C4-455D-8BB7-D7B3CAF4150B}|AppPath, C:\Users\Heroldovi\AppData\Local\Conduit\CT3205709, , [09e059b08dfebb7b7be07a2d5ea66898]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-333770512-150562242-2592583544-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bhnjjbcnbmjmhgpliahlamecmbejpaol|path, C:\Users\Heroldovi\AppData\Local\CRE\bhnjjbcnbmjmhgpliahlamecmbejpaol.crx, , [c22703069bf04fe7c9890f10a26150b0]
PUP.Optional.Spigot.A, HKU\S-1-5-21-333770512-150562242-2592583544-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9F3FF8FF-35CC-4619-BC74-6FB5EC055695}|URL, http://search.yahoo.com/search?fr=chr-g ... earchTerms}, , [00e935d4206b38fea63e09170300b050]
PUP.Optional.Spigot.A, HKU\S-1-5-21-333770512-150562242-2592583544-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9F3FF8FF-35CC-4619-BC74-6FB5EC055695}|OSDFileURL, file:///C:/Program%20Files/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, , [23c6b554e2a992a4ba6c6b3b768e9d63]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 22
PUP.Optional.APNToolBar.A, C:\AdwCleaner\Quarantine\C\Program Files\AskPartnerNetwork\Toolbar\APNSetup.exe.vir, , [53965bae088313239582525568995da3],
PUP.Optional.APNToolBar.A, C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\ORJ-V7\ApnSetup.exe.vir, , [e603ce3b404be4529582c9de18e9df21],
PUP.Optiona.ConduitTB.Gen, C:\Program Files\BrotherSoft_Extreme3\ldrtbBro0.dll, , [945545c4d4b761d5a6336321f11423dd],
PUP.Optiona.ConduitTB.Gen, C:\Program Files\BrotherSoft_Extreme3\ldrtbBrot.dll, , [08e1bd4c6724eb4b7861ea9a63a2e31d],
PUP.Optiona.ConduitTB.Gen, C:\Program Files\BrotherSoft_Extreme3\prxtbBro0.dll, , [2cbd42c753384aec6d6c4e36e71ed32d],
PUP.Optiona.ConduitTB.Gen, C:\Program Files\BrotherSoft_Extreme3\prxtbBro1.dll, , [21c804057b10122412c74440d62f9e62],
PUP.Optiona.ConduitTB.Gen, C:\Program Files\BrotherSoft_Extreme3\prxtbBrot.dll, , [678231d899f2c76ff3e67113b055966a],
PUP.Optiona.ConduitTB.Gen, C:\Program Files\BrotherSoft_Extreme3\tbBrot.dll, , [29c09079315ab77f76631470679e45bb],
PUP.Optiona.ConduitTB.Gen, C:\Users\Heroldovi\AppData\LocalLow\BrotherSoft_Extreme3\hk64tbBro0.dll, , [6c7da4658b003bfb0dccd7ad48bdf60a],
PUP.Optiona.ConduitTB.Gen, C:\Users\Heroldovi\AppData\LocalLow\BrotherSoft_Extreme3\hktbBro0.dll, , [9752fd0cc8c36fc722b79ee6cc3956aa],
PUP.Optiona.ConduitTB.Gen, C:\Users\Heroldovi\AppData\LocalLow\BrotherSoft_Extreme3\ldrtbBro0.dll, , [7772ff0ad0bb95a11cbde4a0d332748c],
PUP.Optiona.ConduitTB.Gen, C:\Users\Heroldovi\AppData\LocalLow\BrotherSoft_Extreme3\ldrtbBro2.dll, , [37b2af5a1e6dd95d27b2c2c2a75e2ed2],
PUP.Optiona.ConduitTB.Gen, C:\Users\Heroldovi\AppData\LocalLow\BrotherSoft_Extreme3\ldrtbBrot.dll, , [30b9947598f35bdb06d31371f01550b0],
PUP.Optiona.ConduitTB.Gen, C:\Users\Heroldovi\AppData\LocalLow\BrotherSoft_Extreme3\tbBro0.dll, , [698069a023683afca6332f55d72e35cb],
PUP.Optiona.ConduitTB.Gen, C:\Users\Heroldovi\AppData\LocalLow\BrotherSoft_Extreme3\tbBro2.dll, , [dc0dc4454f3cc86e2cad9ce88e770bf5],
PUP.Optiona.ConduitTB.Gen, C:\Users\Heroldovi\AppData\LocalLow\BrotherSoft_Extreme3\tbBrot.dll, , [7079c841404bd264d207790bcf36ac54],
PUP.RiskWareTool.CK, C:\Users\Heroldovi\Downloads\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\cracked dll\32 bit\amtlib.dll, , [2fba6d9c2863f0460e181f70f80abf41],
PUP.RiskWareTool.CK, C:\Users\Heroldovi\Downloads\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\cracked dll\64 bit\amtlib.dll, , [9653ed1c6922af87a4aa454ae12142be],
PUP.Optional.Conduit.A, C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\brothersoft-extreme3-customized-web-search.xml, , [48a1040552390f2739b536fb60a32dd3],
Exploit.Drop.GSA, C:\ProgramData\dsgsdgdsgdsgw.pad, , [ad3c70990685bc7a58c36d16857e5fa1],
Trojan.Delf, C:\ProgramData\lsass.exe, , [d41560a91972f34356c12074cd36ee12],
PUP.Optional.BitCoinMiner.A, C:\Users\Heroldovi\AppData\Roaming\Microsoft\Networking\inet32upd.exe, , [6e7bff0a4f3c3600d7317b2c669ee020],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Greetings, and a request for a check

#6 Post by Márty84 »

Have all the findings removed. After the removal and a PC restart, repeat the MBAM scan so that we know whether it comes back. Post the scan result and I will choose the next steps based on it.
If you have a question that is not meant for the public, you can email me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an email address in their signature).

kherold
Visitor
Posts: 83
Joined: 18 Jan 2008 21:31

Re: Greetings, and a request for a check

#7 Post by kherold »

It looks good.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 17.8.2015
Čas skenování: 19:07
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.17.07
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Heroldovi

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 697663
Uplynulý čas: 2 hod, 45 min, 21 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Greetings, and a request for a check

#8 Post by Márty84 »

:arrow: Great, you can uninstall MBAM.

:arrow: Post a new RSIT log

and in addition

:arrow: Post the logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

kherold
Visitor
Posts: 83
Joined: 18 Jan 2008 21:31

Re: Greetings, and a request for a check

#9 Post by kherold »

The logs are posted in the requested order.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Heroldovi at 2015-08-17 23:00:26
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 5 GB (4%) free of 123 GB
Total RAM: 3582 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:00:32, on 17.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Heroldovi\Desktop\RSIT.exe
C:\Program Files\trend micro\Heroldovi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{366BC9E2-B021-4C88-952E-EC57B2F6BE04}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{9230FB09-A4AD-4ADD-9421-1EE8E7FED657}: NameServer = 217.77.165.81 217.77.161.131
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Adam\Nová složka\HiPatchService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 10345 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
sprotector.js

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
QuickTimePlugin.class

C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\
firmycz.xml
google-avast.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-16 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-07-21 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-16 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-08-14 12025560]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-07-21 6109776]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-07-27 2017848]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-07-27 2017848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Adam\Steam\steam.exe [2015-07-24 2895552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Heroldovi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
C:\Users\HEROLD~1\AppData\Roaming\CURSEC~1\Bin\Curse.exe [2015-06-01 7134472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 105984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableInstallerDetection"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"SynchronousMachineGroupPolicy"=1
"SynchronousUserGroupPolicy"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-17 15:21:35 ----D---- C:\ProgramData\Malwarebytes
2015-08-17 09:32:00 ----A---- C:\AdwCleaner[C1].txt
2015-08-17 09:29:52 ----D---- C:\AdwCleaner
2015-08-17 03:03:43 ----SHD---- C:\Config.Msi
2015-08-17 03:03:04 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 20:41:01 ----A---- C:\Windows\system32\invagent.dll
2015-08-16 20:41:01 ----A---- C:\Windows\system32\generaltel.dll
2015-08-16 20:41:01 ----A---- C:\Windows\system32\devinv.dll
2015-08-16 20:41:01 ----A---- C:\Windows\system32\appraiser.dll
2015-08-16 20:41:01 ----A---- C:\Windows\system32\aeinv.dll
2015-08-16 20:41:01 ----A---- C:\Windows\system32\acmigration.dll
2015-08-16 20:41:00 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-16 20:41:00 ----A---- C:\Windows\system32\aepdu.dll
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wups2.dll
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wups.dll
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wudriver.dll
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wucltux.dll
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wuapp.exe
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wuapi.dll
2015-08-16 20:40:58 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-16 20:40:58 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-16 20:40:56 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-16 20:40:56 ----A---- C:\Windows\system32\davclnt.dll
2015-08-16 20:40:55 ----A---- C:\Windows\system32\notepad.exe
2015-08-16 20:40:55 ----A---- C:\Windows\notepad.exe
2015-08-16 20:40:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-16 20:40:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-08-16 20:40:51 ----A---- C:\Windows\system32\wdigest.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\sysmain.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\srcore.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\smss.exe
2015-08-16 20:40:51 ----A---- C:\Windows\system32\schannel.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\rstrui.exe
2015-08-16 20:40:51 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\ntdll.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\kerberos.dll
2015-08-16 20:40:51 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-16 20:40:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-16 20:40:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-16 20:40:51 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\sspicli.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\srclient.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\secur32.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\msobjs.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\msaudite.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\lsass.exe
2015-08-16 20:40:50 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-16 20:40:50 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-16 20:40:50 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-16 20:40:50 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\credssp.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\auditpol.exe
2015-08-16 20:40:50 ----A---- C:\Windows\system32\apisetschema.dll
2015-08-16 20:40:50 ----A---- C:\Windows\system32\adtschema.dll
2015-08-16 20:40:46 ----A---- C:\Windows\system32\mstscax.dll
2015-08-16 20:40:45 ----A---- C:\Windows\system32\wksprt.exe
2015-08-16 20:40:45 ----A---- C:\Windows\system32\tsgqec.dll
2015-08-16 20:40:45 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-16 20:40:44 ----A---- C:\Windows\system32\FntCache.dll
2015-08-16 20:40:44 ----A---- C:\Windows\system32\DWrite.dll
2015-08-16 20:40:44 ----A---- C:\Windows\system32\atmfd.dll
2015-08-16 20:40:43 ----A---- C:\Windows\system32\win32k.sys
2015-08-16 20:40:43 ----A---- C:\Windows\system32\lpk.dll
2015-08-16 20:40:43 ----A---- C:\Windows\system32\fontsub.dll
2015-08-16 20:40:43 ----A---- C:\Windows\system32\dciman32.dll
2015-08-16 20:40:43 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-16 20:40:43 ----A---- C:\Windows\system32\atmlib.dll
2015-08-16 20:40:41 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 20:40:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-16 20:40:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-16 20:40:40 ----A---- C:\Windows\system32\vbscript.dll
2015-08-16 20:40:40 ----A---- C:\Windows\system32\urlmon.dll
2015-08-16 20:40:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-16 20:40:40 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-16 20:40:40 ----A---- C:\Windows\system32\iernonce.dll
2015-08-16 20:40:40 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-16 20:40:40 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-16 20:40:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-16 20:40:39 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-16 20:40:39 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-16 20:40:39 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-16 20:40:39 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-16 20:40:38 ----A---- C:\Windows\system32\msrating.dll
2015-08-16 20:40:38 ----A---- C:\Windows\system32\iesetup.dll
2015-08-16 20:40:37 ----A---- C:\Windows\system32\wininet.dll
2015-08-16 20:40:37 ----A---- C:\Windows\system32\jscript.dll
2015-08-16 20:40:37 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-16 20:40:36 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-16 20:40:35 ----A---- C:\Windows\system32\ieui.dll
2015-08-16 20:40:35 ----A---- C:\Windows\system32\ieframe.dll
2015-08-16 20:40:33 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-16 20:40:33 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-16 20:40:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-16 20:40:31 ----A---- C:\Windows\system32\mshtml.dll
2015-08-16 20:40:31 ----A---- C:\Windows\system32\jscript9.dll
2015-08-16 20:40:29 ----A---- C:\Windows\system32\iertutil.dll
2015-08-16 20:40:14 ----A---- C:\Windows\system32\shell32.dll
2015-08-16 20:40:08 ----A---- C:\Windows\system32\basesrv.dll
2015-08-16 20:39:58 ----A---- C:\Windows\system32\msxml3.dll
2015-08-16 20:39:57 ----A---- C:\Windows\system32\msxml6r.dll
2015-08-16 20:39:57 ----A---- C:\Windows\system32\msxml6.dll
2015-08-16 20:39:57 ----A---- C:\Windows\system32\msxml3r.dll
2015-07-27 16:32:10 ----D---- C:\Users\Heroldovi\AppData\Roaming\Tera_Awesomium
2015-07-21 10:26:06 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-21 10:21:27 ----A---- C:\Windows\avastSS.scr
2015-07-19 15:14:36 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-19 15:14:35 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-19 15:09:33 ----A---- C:\Windows\system32\msi.dll
2015-07-19 15:09:33 ----A---- C:\Windows\system32\consent.exe
2015-07-19 15:09:33 ----A---- C:\Windows\system32\authui.dll
2015-07-19 15:09:32 ----A---- C:\Windows\system32\msimsg.dll
2015-07-19 15:09:32 ----A---- C:\Windows\system32\msihnd.dll
2015-07-19 15:09:32 ----A---- C:\Windows\system32\msiexec.exe
2015-07-19 15:09:32 ----A---- C:\Windows\system32\appinfo.dll
2015-07-19 15:09:14 ----A---- C:\Windows\system32\ole32.dll
2015-07-19 15:09:04 ----A---- C:\Windows\system32\gdi32.dll
2015-07-19 15:09:01 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-19 15:09:01 ----A---- C:\Windows\system32\crypt32.dll
2015-07-19 15:09:00 ----A---- C:\Windows\system32\wintrust.dll
2015-07-19 15:09:00 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-19 15:08:47 ----A---- C:\Windows\system32\cewmdm.dll

======List of files/folders modified in the last 1 month======

2015-08-17 23:00:32 ----D---- C:\Windows\Prefetch
2015-08-17 23:00:27 ----D---- C:\Windows\Temp
2015-08-17 23:00:27 ----D---- C:\Program Files\trend micro
2015-08-17 23:00:15 ----D---- C:\Program Files
2015-08-17 23:00:14 ----D---- C:\Windows\system32\drivers
2015-08-17 21:37:17 ----D---- C:\Windows\tracing
2015-08-17 19:07:12 ----D---- C:\Windows\system32\config
2015-08-17 19:02:41 ----D---- C:\Windows\Help
2015-08-17 19:01:40 ----HD---- C:\ProgramData
2015-08-17 19:01:40 ----D---- C:\Program Files\BrotherSoft_Extreme3
2015-08-17 09:32:05 ----D---- C:\Windows\Tasks
2015-08-17 09:32:05 ----D---- C:\Windows\system32\Tasks
2015-08-17 09:32:04 ----D---- C:\Windows\System32
2015-08-17 09:31:01 ----A---- C:\AdwCleaner[S1].txt
2015-08-17 04:15:39 ----D---- C:\Windows\rescache
2015-08-17 03:45:39 ----D---- C:\Windows\Microsoft.NET
2015-08-17 03:44:54 ----RSD---- C:\Windows\assembly
2015-08-17 03:39:24 ----D---- C:\Windows\winsxs
2015-08-17 03:37:57 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-17 03:35:37 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 03:35:37 ----D---- C:\Windows\system32\cs-CZ
2015-08-17 03:35:37 ----D---- C:\Windows\system32\appraiser
2015-08-17 03:35:37 ----D---- C:\Windows\AppPatch
2015-08-17 03:35:37 ----D---- C:\Windows
2015-08-17 03:35:36 ----D---- C:\Windows\system32\en-US
2015-08-17 03:35:36 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-17 03:35:36 ----D---- C:\Program Files\Internet Explorer
2015-08-17 03:19:39 ----SHD---- C:\Windows\Installer
2015-08-17 03:18:25 ----D---- C:\ProgramData\Microsoft Help
2015-08-17 03:08:40 ----D---- C:\Windows\system32\MRT
2015-08-17 03:08:32 ----A---- C:\Windows\system32\MRT.exe
2015-08-17 03:03:58 ----A---- C:\Windows\win.ini
2015-08-17 03:01:37 ----SHD---- C:\System Volume Information
2015-08-16 20:37:10 ----D---- C:\Windows\system32\catroot2
2015-08-16 20:00:12 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-08-07 15:31:00 ----D---- C:\Windows\inf
2015-08-07 15:30:59 ----D---- C:\Windows\system32\DriverStore
2015-07-30 00:44:21 ----D---- C:\Users\Heroldovi\AppData\Roaming\Spotify
2015-07-28 11:31:42 ----D---- C:\Windows\SoftwareDistribution
2015-07-27 16:15:06 ----D---- C:\ProgramData\boost_interprocess
2015-07-27 16:06:46 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-07-26 18:07:28 ----SHD---- C:\$Recycle.Bin
2015-07-26 18:06:19 ----SD---- C:\Windows\system32\GWX
2015-07-21 20:29:53 ----D---- C:\Users\Heroldovi\AppData\Roaming\vlc
2015-07-19 21:54:15 ----D---- C:\Windows\system32\wbem
2015-07-19 19:58:11 ----D---- C:\Windows\debug
2015-07-19 14:54:15 ----D---- C:\ProgramData\NVIDIA
2015-07-19 11:09:58 ----D---- C:\temp
2015-07-19 11:08:52 ----D---- C:\Windows\PolicyDefinitions

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-21 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-21 208664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-13 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-21 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-21 788784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-21 433264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par.sys [2006-12-13 30656]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-21 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-21 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-21 113592]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 104088]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 69016]
R3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2011-02-18 46304]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-09-22 3308568]
R3 rt61x86;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr61.sys [2010-04-08 376160]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-07-16 719064]
R3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2011-02-04 4608]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2015-04-30 20256]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-07-21 146600]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [2012-02-27 142432]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc.exe [2011-12-12 122000]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Adam\Nová složka\HiPatchService.exe [2015-07-27 8704]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 670536]
R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2014-11-12 2234160]
R2 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2014-11-12 2247472]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]
R2 UsbClientService;UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [2011-02-18 245760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-03-02 77944]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-03-11 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-26 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-02-08 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1343400]
S3 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2011-02-04 1696496]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-08-2015
Ran by Heroldovi (administrator) on SAFIRA (17-08-2015 23:06:37)
Running from C:\Users\Heroldovi\Desktop
Loaded Profiles: Heroldovi (Available Profiles: Heroldovi & UpdatusUser)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(Hi-Rez Studios) D:\Adam\Nová složka\HiPatchService.exe
(Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Spotify Ltd) C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Heroldovi\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12025560 2014-08-14] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6109776 2015-07-21] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-333770512-150562242-2592583544-1001\...\Run: [Spotify Web Helper] => C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-27] (Spotify Ltd)
HKU\S-1-5-21-333770512-150562242-2592583544-1001\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll => c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll File not found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-07-21] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-06-20] (Google)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
BootExecute: PDBoot.exeautocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.cz/
URLSearchHook: HKLM - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
URLSearchHook: HKU\S-1-5-21-333770512-150562242-2592583544-1001 - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> DefaultScope {C1C8F4A8-4D2C-443A-9A7B-74EB645B67B3} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {1520F742-1296-4D9F-882F-54706C3A69C3} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {3C05537B-2A0F-4127-A3FF-AE6EED8D7E97} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {9FD79DB8-70F4-4C94-974C-39C9527104B2} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {B674D0DC-630B-4818-A67A-38DFC5682CB1} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {C1C8F4A8-4D2C-443A-9A7B-74EB645B67B3} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {F1084409-C354-467F-B3D1-C1AC7B64A265} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {F5DB1226-0962-495C-83BE-156D45E2E8C1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {FE014D34-064D-4776-B992-9C316F5D598C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {FFC6C054-A008-4368-9A31-008515FFBB4C} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-16] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-07-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-16] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> No Name - {62D40876-DF18-411F-9D34-A9DD7A197BC5} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1F444D1D-9A8E-4CF9-B056-98A557C0FF1D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{366BC9E2-B021-4C88-952E-EC57B2F6BE04}: [NameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{3E41EB57-38E8-4414-83D1-917654069DB5}: [DhcpNameServer] 192.168.6.1
Tcpip\..\Interfaces\{9230FB09-A4AD-4ADD-9421-1EE8E7FED657}: [NameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{C2F50415-F72C-4A3D-A676-B3B62F27FB11}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin HKU\S-1-5-21-333770512-150562242-2592583544-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2006-10-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-03-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-03-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-03-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-03-16] (Apple Inc.)
FF SearchPlugin: C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\firmycz.xml [2013-06-20]
FF SearchPlugin: C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\google-avast.xml [2015-06-12]
FF SearchPlugin: C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\mapycz.xml [2013-06-20]
FF SearchPlugin: C:\Users\Heroldovi\AppData\Roaming\Mozilla\Firefox\Profiles\hafekmd6.default\searchplugins\zbocz.xml [2013-06-20]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012-03-03]

Chrome:
=======
CHR Profile: C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-05]
CHR Extension: (Google Docs) - C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-05]
CHR Extension: (Google Drive) - C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-05]
CHR Extension: (YouTube) - C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-05]
CHR Extension: (Adblock Plus) - C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-27]
CHR Extension: (Google Search) - C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-05]
CHR Extension: (Google Sheets) - C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-05]
CHR Extension: (Gmail) - C:\Users\Heroldovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-05]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-07-21] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-27] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-03-11] (Flexera Software, Inc.)
U2 HiPatchService; D:\Adam\Nová složka\HiPatchService.exe [8704 2015-07-27] (Hi-Rez Studios) [File not signed]
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2234160 2014-11-12] (Raxco Software, Inc.)
R2 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2247472 2014-11-12] (Raxco Software, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 WinVNC4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [1696496 2011-02-04] (RealVNC Ltd)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-07-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-07-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-21] (AVAST Software)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [46304 2011-02-18] (Windows (R) Win 7 DDK provider)
R2 DefragFS; C:\Windows\system32\Drivers\DefragFS.sys [104088 2012-09-11] (Raxco Software, Inc.)
R1 eusk2par; C:\Windows\system32\Drivers\eusk2par.sys [30656 2006-12-13] (Eutron)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [182272 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R2 PDFSFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [69016 2012-08-23] (Raxco Software, Inc.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2014-01-12] (Nuvoton Technology Corp.)
S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
S0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-13] () [File not signed]
R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2011-02-04] (RealVNC Ltd.)
U3 awj111zh; C:\Windows\system32\Drivers\awj111zh.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 23:06 - 2015-08-17 23:06 - 00021723 _____ C:\Users\Heroldovi\Desktop\FRST.txt
2015-08-17 23:05 - 2015-08-17 23:06 - 00000000 ____D C:\FRST
2015-08-17 23:05 - 2015-08-17 23:05 - 00112640 _____ (forum.viry.cz) C:\Users\Heroldovi\Desktop\FRSTLauncher.exe
2015-08-17 23:03 - 2015-08-17 23:03 - 00112640 _____ (forum.viry.cz) C:\Users\Heroldovi\Desktop\Nepotvrzeno 986007.crdownload
2015-08-17 23:01 - 2015-08-17 23:01 - 01677312 _____ (Farbar) C:\Users\Heroldovi\Desktop\FRST.exe
2015-08-17 15:21 - 2015-08-17 15:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-17 15:20 - 2015-08-17 15:21 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Heroldovi\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-17 09:32 - 2015-08-17 09:32 - 00010896 _____ C:\AdwCleaner[C1].txt
2015-08-17 09:29 - 2015-08-17 09:32 - 00000000 ____D C:\AdwCleaner
2015-08-17 09:27 - 2015-08-17 09:27 - 01563648 _____ C:\Users\Heroldovi\Desktop\adwcleaner_5.000.exe
2015-08-17 09:26 - 2015-08-17 09:26 - 00000000 ____D C:\Users\Heroldovi\Desktop\CrystalDiskInfo5_0_0
2015-08-17 03:03 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 20:41 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-16 20:41 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-16 20:41 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-16 20:41 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-16 20:41 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-16 20:41 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-16 20:41 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-16 20:41 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-16 20:40 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-16 20:40 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-16 20:40 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-16 20:40 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-16 20:40 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-16 20:40 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-16 20:40 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-16 20:40 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-16 20:40 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-16 20:40 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-16 20:40 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-16 20:40 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-16 20:40 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-16 20:40 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-16 20:40 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-16 20:40 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-16 20:40 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-16 20:40 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-16 20:40 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-16 20:40 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-16 20:40 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-16 20:40 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-16 20:40 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-16 20:40 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-16 20:40 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-16 20:40 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-16 20:40 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-16 20:40 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-16 20:40 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-16 20:40 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-16 20:40 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-16 20:40 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-16 20:40 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-16 20:40 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-16 20:40 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-16 20:40 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-16 20:40 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-16 20:40 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-16 20:40 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-16 20:40 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 20:40 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-16 20:40 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-16 20:40 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-16 20:40 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-16 20:40 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-16 20:40 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-16 20:40 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-16 20:40 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-16 20:40 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-16 20:40 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-16 20:40 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-16 20:40 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-16 20:40 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-16 20:40 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-16 20:40 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-16 20:40 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-16 20:40 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-16 20:40 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-16 20:40 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-16 20:40 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-16 20:40 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-16 20:40 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-16 20:40 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-16 20:40 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-16 20:40 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-16 20:40 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-16 20:40 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-16 20:40 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-16 20:40 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-16 20:40 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-16 20:40 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-16 20:40 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-16 20:40 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-16 20:40 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-16 20:40 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-16 20:40 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-16 20:40 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-16 20:40 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-16 20:40 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-16 20:40 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-16 20:40 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-16 20:40 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-16 20:40 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-16 20:40 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-16 20:40 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-16 20:40 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-16 20:40 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-16 20:40 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-16 20:40 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-16 20:40 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-16 20:40 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-16 20:40 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-16 20:40 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-16 20:40 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-16 20:40 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-16 20:40 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-16 20:40 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-16 20:39 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-16 20:39 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-16 20:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-16 20:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-16 20:01 - 2015-08-16 20:01 - 01107968 _____ C:\Users\Heroldovi\Desktop\RSIT.exe
2015-07-28 21:17 - 2015-07-28 21:17 - 00000000 ____D C:\Users\Heroldovi\AppData\Local\Risk_of_Rain
2015-07-28 15:26 - 2015-07-28 15:26 - 00000000 ____D C:\Users\Heroldovi\AppData\Local\CEF
2015-07-27 16:32 - 2015-07-27 16:32 - 00000000 ____D C:\Users\Heroldovi\AppData\Roaming\Tera_Awesomium
2015-07-21 10:26 - 2015-07-21 10:21 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-21 10:21 - 2015-07-21 10:21 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-21 10:11 - 2015-07-21 10:11 - 00113469 _____ C:\Users\Heroldovi\Downloads\True.Detective.S02E03.720p.HDTV.x264-0SEC[rartv]-[rarbg.com].torrent
2015-07-19 15:14 - 2015-06-09 21:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-19 15:14 - 2015-06-09 21:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-19 15:09 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-19 15:09 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-19 15:09 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-19 15:09 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-19 15:09 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-19 15:09 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-19 15:09 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-19 15:09 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-19 15:09 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-19 15:09 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-19 15:09 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-19 15:09 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-19 15:09 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-19 15:08 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 23:04 - 2014-12-05 10:25 - 00000000 __SHD C:\Users\Heroldovi\AppData\Local\EmieUserList
2015-08-17 23:04 - 2014-12-05 10:25 - 00000000 __SHD C:\Users\Heroldovi\AppData\Local\EmieSiteList
2015-08-17 23:04 - 2014-12-05 10:25 - 00000000 __SHD C:\Users\Heroldovi\AppData\Local\EmieBrowserModeList
2015-08-17 23:00 - 2013-09-02 23:20 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-17 23:00 - 2010-10-17 11:15 - 00000000 ____D C:\Program Files\trend micro
2015-08-17 22:58 - 2015-05-24 21:07 - 01935726 _____ C:\Windows\WindowsUpdate.log
2015-08-17 22:23 - 2010-02-28 16:17 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-17 21:37 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2015-08-17 21:26 - 2009-07-14 06:34 - 00015376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-17 21:26 - 2009-07-14 06:34 - 00015376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-17 19:03 - 2013-07-10 16:52 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-08-17 19:03 - 2010-02-28 16:17 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-17 19:02 - 2015-06-19 15:29 - 00019608 _____ C:\Windows\PFRO.log
2015-08-17 19:02 - 2015-05-25 17:33 - 00010674 _____ C:\Windows\setupact.log
2015-08-17 19:02 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-17 19:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help
2015-08-17 19:01 - 2012-11-11 22:59 - 00000000 ____D C:\Program Files\BrotherSoft_Extreme3
2015-08-17 09:31 - 2012-11-11 18:06 - 00012480 _____ C:\AdwCleaner[S1].txt
2015-08-17 04:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-08-17 03:45 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-17 03:38 - 2009-07-14 06:33 - 03896696 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-17 03:37 - 2010-03-19 20:37 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-17 03:35 - 2015-05-24 18:27 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-17 03:35 - 2015-05-24 18:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-17 03:19 - 2010-06-04 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-17 03:18 - 2010-02-28 18:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-17 03:16 - 2013-08-16 03:06 - 00000000 ____D C:\Windows\system32\MRT
2015-08-17 03:08 - 2010-03-02 21:28 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-17 03:03 - 2009-07-14 04:04 - 00000518 _____ C:\Windows\win.ini
2015-08-17 03:02 - 2010-02-27 21:44 - 00000000 ____D C:\Users\Heroldovi\AppData\Local\Adobe
2015-08-16 20:57 - 2014-12-05 13:08 - 00002095 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-16 20:00 - 2012-11-11 18:32 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-16 20:00 - 2012-11-11 18:32 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-07 15:29 - 2014-12-05 07:59 - 00000000 ____D C:\Users\Heroldovi\AppData\Local\CrashDumps
2015-07-30 00:44 - 2015-05-24 19:11 - 00000000 ____D C:\Users\Heroldovi\AppData\Roaming\Spotify
2015-07-30 00:39 - 2015-05-24 19:12 - 00000000 ____D C:\Users\Heroldovi\AppData\Local\Spotify
2015-07-30 00:37 - 2013-12-26 23:05 - 00000000 ____D C:\Users\Heroldovi\AppData\Local\Battle.net
2015-07-27 16:15 - 2015-06-11 18:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-27 16:06 - 2015-06-20 02:25 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-27 13:57 - 2015-05-25 18:37 - 00000000 ____D C:\Users\Heroldovi\Documents\My Games
2015-07-26 18:06 - 2015-05-24 18:27 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 20:29 - 2010-03-13 18:09 - 00000000 ____D C:\Users\Heroldovi\AppData\Roaming\vlc
2015-07-21 10:24 - 2014-04-21 21:24 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-21 10:24 - 2013-12-25 07:50 - 00113592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-21 10:24 - 2013-03-10 13:23 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-21 10:24 - 2013-03-10 13:23 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-21 10:24 - 2012-03-03 14:25 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-21 10:24 - 2010-02-27 21:10 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-21 10:24 - 2010-02-27 21:10 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-21 10:19 - 2012-03-03 14:24 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-19 16:34 - 2013-05-27 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-19 14:54 - 2010-02-27 21:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-19 11:09 - 2013-03-15 12:29 - 00000000 ____D C:\temp
2015-07-19 10:29 - 2009-07-14 06:53 - 00032528 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2015-05-30 00:02 - 2015-05-25 18:36 - 0012005 _____ () C:\Users\Heroldovi\AppData\Roaming\alsoft.ini
2014-12-05 23:14 - 2014-12-05 23:14 - 0021868 _____ () C:\Users\Heroldovi\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
2010-03-02 21:58 - 2010-03-02 21:58 - 0000097 _____ () C:\Users\Heroldovi\AppData\Local\fusioncache.dat
2013-05-05 18:23 - 2013-05-05 18:23 - 0000017 _____ () C:\Users\Heroldovi\AppData\Local\resmon.resmoncfg
2013-03-11 11:58 - 2013-03-11 11:58 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Heroldovi\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Heroldovi\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Heroldovi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-16 21:31




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (system) (Fixed) (Total:119.82 GB) (Free:4.79 GB) NTFS
Drive d: (data) (Fixed) (Total:178.16 GB) (Free:111.34 GB) NTFS
Drive e: (Ples 7087 6.12.) (CDROM) (Total:0.75 GB) (Free:0 GB) CDFS

Available physical RAM: 1995.14 MB
Total physical RAM: 3582.49 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DCD7DCD7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=178.2 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Heroldovi\Desktop" je 265 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Heroldovi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"D:\Adam\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Heroldovi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk
C:\Users\HEROLD~1\AppData\Roaming\CURSEC~1\Bin\Curse.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(14.9 KiB) Downloaded 92 times

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Greetings, and a request for a check

#10 Post by Márty84 »

Permanently disable Windows Defender.

Open Notepad and copy this script into it:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-333770512-150562242-2592583544-1001\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll => c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll File not found
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.cz/
URLSearchHook: HKLM - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
URLSearchHook: HKU\S-1-5-21-333770512-150562242-2592583544-1001 - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
Toolbar: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> No Name - {62D40876-DF18-411F-9D34-A9DD7A197BC5} - No File

FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]

S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
U3 awj111zh; C:\Windows\system32\Drivers\awj111zh.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22 107912]

2015-08-17 15:21 - 2015-08-17 15:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-17 15:20 - 2015-08-17 15:21 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Heroldovi\Downloads\mbam-setup-2.1.8.1057.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File
Click Save as...
Type the red name fixlist correctly and save it to the desktop.
Turn off your antivirus and any other protection.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it back here for me.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have been waiting a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

kherold
Visitor
Posts: 83
Registered: 18 Jan 2008 21:31

Re: Greetings, and a request for a check

#11 Post by kherold »

Here it is. :)

Fix result of Farbar Recovery Scan Tool (x86) Version:17-08-2015
Ran by Heroldovi (2015-08-18 10:10:13) Run:1
Running from C:\Users\Heroldovi\Desktop
Loaded Profiles: Heroldovi (Available Profiles: Heroldovi & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-333770512-150562242-2592583544-1001\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll => c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll File not found
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.cz/
URLSearchHook: HKLM - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
URLSearchHook: HKU\S-1-5-21-333770512-150562242-2592583544-1001 - (No Name) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
Toolbar: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-333770512-150562242-2592583544-1001 -> No Name - {62D40876-DF18-411F-9D34-A9DD7A197BC5} - No File

FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]

S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
U3 awj111zh; C:\Windows\system32\Drivers\awj111zh.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22 107912]

2015-08-17 15:21 - 2015-08-17 15:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-17 15:20 - 2015-08-17 15:21 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Heroldovi\Downloads\mbam-setup-2.1.8.1057.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value removed successfully.
HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully.
"c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll" => Value data removed successfully..
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{62d40876-df18-411f-9d34-a9dd7a197bc5} => value removed successfully.
HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{62d40876-df18-411f-9d34-a9dd7a197bc5} => value removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => key removed successfully.
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found.
"HKU\S-1-5-21-333770512-150562242-2592583544-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-333770512-150562242-2592583544-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => key removed successfully.
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found.
HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-333770512-150562242-2592583544-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{62D40876-DF18-411F-9D34-A9DD7A197BC5} => value removed successfully.
HKCR\CLSID\{62D40876-DF18-411F-9D34-A9DD7A197BC5} => key not found.
"HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully.
SwitchBoard => service removed successfully.
awj111zh => service not found.
gupdate => service removed successfully.
SkypeUpdate => service removed successfully.
AdobeFlashPlayerUpdateSvc => service removed successfully.
gupdatem => service removed successfully.
C:\ProgramData\Malwarebytes => moved successfully.
C:\Users\Heroldovi\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam => key removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 2.9 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:11:10 ====
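
Added example (not part of the original posts and not FRST's own code): a short Python check that reads the result part of a Fixlog like the one above and separates entries FRST actually changed from entries it reported as not found. The function names are hypothetical, and the outcome wording it recognises is only what appears in this log; anything else is reported as `other`.

```python
from collections import Counter

# Excerpt copied from the Fixlog in the post above (shortened).
SAMPLE = r"""fixlist content:
*****************
Start
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully.
"c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll" => Value data removed successfully..
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found.
awj111zh => service not found.
gupdate => service removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
EmptyTemp: => 2.9 GB temporary data Removed.

==== End of Fixlog 10:11:10 ====
"""

def classify(outcome):
    """Map an outcome string to a coarse status (only strings seen in this log)."""
    o = outcome.lower()
    if "not found" in o:
        return "absent"       # target did not exist, so nothing was changed
    if any(w in o for w in ("removed", "moved", "restored")):
        return "changed"      # FRST reported that it modified the system
    return "other"            # unrecognised wording: review by hand

def parse_fixlog(text):
    """Return (target, status) pairs from the result part of a Fixlog."""
    lines = text.splitlines()
    # The fixlist is echoed between two lines of asterisks and itself contains
    # "=>" entries, so results are read only after the second separator.
    seps = [i for i, l in enumerate(lines) if l.strip() and set(l.strip()) == {"*"}]
    start = seps[1] + 1 if len(seps) >= 2 else 0
    results = []
    for line in lines[start:]:
        if line.startswith("===="):   # "==== End of Fixlog ..." footer
            break
        if " => " in line:
            target, outcome = line.rsplit(" => ", 1)
            results.append((target.strip().strip('"'), classify(outcome)))
    return results

def summarize(text):
    results = parse_fixlog(text)
    counts = Counter(status for _, status in results)
    return counts, [t for t, s in results if s == "absent"]

if __name__ == "__main__":
    counts, absent = summarize(SAMPLE)
    print(dict(counts), absent)
```

Entries reported as `absent` or `other` are the ones worth comparing against the fixlist by hand.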

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Greetings, and a request for a check

#12 Post by Márty84 »

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option ticked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, untick the box.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved for websites!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. e-mail, Facebook, various forums, etc.)
Click Analyze, and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Scan for Issues, and if it finds any, click Fix selected Issues. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in each of them as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defrag and the program will do its job.

:arrow: Then write how the PC is doing.

kherold
Visitor
Posts: 83
Registered: 18 Jan 2008 21:31

Re: Greetings, and a request for a check

#13 Post by kherold »

It works great! Thank you very much. :)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Greetings, and a request for a check

#14 Post by Márty84 »

You're welcome! :)

Take care, and maybe see you again sometime :bye:

:closed:
