VIRY.CZ

Dobrý den,
po odstarnění bordelu pomocí Avastího scanu před startem systému. 30 infekcí.
Došlo ke zrychlení systému, ale není pořád plněfunkční, nefungují aktualizace (ani windows update ani manuální instalace hotfixů, navíc bezdůvodně vypíná (resp snižuje na 0) hlasitost. zde vkládám log z FRST.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-12-2015
Ran by Tereza (administrator) on TEREZA-PC (19-12-2015 11:40:55)
Running from C:\Users\Tereza\Desktop
Loaded Profiles: Tereza (Available Profiles: Tereza)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Maxthon) C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files\Maxthon\Bin\Maxthon.exe
(forum.viry.cz) C:\Users\Tereza\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1725736 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-16] (AVAST Software)
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\...\MountPoints2: {c1c7c1c0-abae-11e3-b299-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2013-02-06] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-16] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=http://127.0.0.1:9880
AutoConfigURL: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=hxxp://127.0.0.1:9880
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{1E3D00AE-2B3B-4A4F-9489-B4BDB1C2B7BC}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{3C592A8A-5550-4259-825B-7FA3D8DC7156}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{55BDEA94-476C-48DB-999B-0C7BC00F2CEB}: [DhcpNameServer] 10.100.0.1 10.0.0.1 8.8.8.8
Tcpip\..\Interfaces\{BB53FAD7-AECC-431C-A94F-5A1F2DA1CDC1}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=14395632 ... 3804738047
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14395632 ... 3804738047
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... earchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... earchTerms}
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60747
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=14395632 ... 3804738047
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... earchTerms}
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> DefaultScope {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60747
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-16] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-02-19] (Google Inc.)
BHO: No Name -> {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} -> No File
Toolbar: HKLM - No Name - {4B4D5056-3763-006A-76A7-7A786E7484D7} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-02-19] (Google Inc.)
Toolbar: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> No Name - {4B4D5056-3763-006A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-02-19] (Google Inc.)

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [No File]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2015-04-26] [not signed]
FF Extension: Pirrit Suggestor - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-20] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-16]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-16]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-16]

Opera:
=======
OPR StartupUrls: "hxxp://www.istartsurf.com/?type=hp&ts=14395632 ... 3804738047"
OPR Session Restore: -> is enabled.
StartMenuInternet: (HKLM) OperaStable - C:\Users\Tereza\Desktop\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-16] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
R2 MaxthonUpdateSvc; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-18] (Maxthon)
S2 SetupARService; C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe [24576 2014-02-20] (Realtek Semiconductor.) [File not signed]
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-18] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2015-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-16] (AVAST Software)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [853536 2010-06-11] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [329384 2015-08-14] (Duplex Secure Ltd.)
U3 avjgn63s; C:\Windows\system32\Drivers\avjgn63s.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 BTMCOM; System32\Drivers\btmcom.sys [X]
S3 BTMMODEM; system32\DRIVERS\btmcom.sys [X]
S3 BTMNET; system32\DRIVERS\btmnet.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-19 11:40 - 2015-12-19 11:42 - 00012729 _____ C:\Users\Tereza\Desktop\FRST.txt
2015-12-19 11:40 - 2015-12-19 11:40 - 00000000 ____D C:\FRST
2015-12-19 11:39 - 2015-12-19 11:39 - 00112640 _____ (forum.viry.cz) C:\Users\Tereza\Desktop\FRSTLauncher.exe
2015-12-19 11:36 - 2015-12-19 11:36 - 01721344 _____ (Farbar) C:\Users\Tereza\Desktop\FRST.exe
2015-12-19 00:26 - 2015-12-19 00:52 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-18 23:59 - 2015-12-18 23:59 - 00000000 ___HD C:\$Windows.~WS
2015-12-18 21:50 - 2015-12-18 21:51 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\Maxthon3
2015-12-18 21:50 - 2015-12-18 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2015-12-18 21:50 - 2015-12-18 21:50 - 00001043 _____ C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2015-12-18 21:50 - 2015-12-18 21:50 - 00000000 ____D C:\Program Files\Maxthon
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\Program Files\HD Tune
2015-12-17 17:16 - 2015-12-17 17:16 - 00642632 _____ (EFD Software ) C:\Users\Tereza\Downloads\hdtune_255.exe
2015-12-17 10:17 - 2015-12-17 10:17 - 00000000 ____D C:\Windows\CheckSur
2015-12-17 09:54 - 2015-12-17 09:54 - 00286158 _____ C:\Users\Tereza\Desktop\cc_20151217_095419.reg
2015-12-16 23:55 - 2015-12-19 00:52 - 00001908 _____ C:\Windows\diagwrn.xml
2015-12-16 23:55 - 2015-12-19 00:52 - 00001908 _____ C:\Windows\diagerr.xml
2015-12-16 23:40 - 2015-12-19 00:13 - 00000000 ____D C:\ESD
2015-12-16 23:26 - 2015-12-19 00:51 - 00000000 ____D C:\Windows\Panther
2015-12-16 23:23 - 2015-12-16 23:24 - 07635472 _____ (Microsoft Corporation) C:\Users\Tereza\Downloads\GetWindows10-Web_Default_Attr.exe
2015-12-16 23:09 - 2015-12-16 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-16 22:56 - 2015-12-16 22:42 - 00322760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-16 22:42 - 2015-12-16 22:42 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-16 22:23 - 2015-12-16 22:23 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-16 20:37 - 2015-12-18 22:39 - 00000000 ____D C:\Program Files\CCleaner
2015-12-16 20:37 - 2015-12-16 20:37 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-16 20:37 - 2015-12-16 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-16 20:30 - 2015-12-16 20:33 - 06801752 _____ (Piriform Ltd) C:\Users\Tereza\Downloads\ccsetup512.exe
2015-12-09 05:37 - 2015-12-09 05:37 - 00000000 ____D C:\Users\Tereza\Desktop\filmy od erži
2015-12-09 05:23 - 2015-12-14 19:45 - 00000000 ____D C:\Users\Tereza\Desktop\porno
2015-12-09 04:56 - 2015-12-09 04:58 - 00000000 ____D C:\Users\Tereza\Desktop\hudba era
2015-12-09 04:55 - 2015-12-09 04:56 - 00000000 ____D C:\Users\Tereza\Desktop\Don.Jon.2013.BDRip.XviD.CZ-TreZzoR

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-19 11:40 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-19 11:30 - 2014-02-20 18:42 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-19 11:00 - 2009-07-14 05:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-19 11:00 - 2009-07-14 05:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-19 10:53 - 2014-02-21 00:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-19 10:53 - 2014-02-20 20:23 - 00001498 _____ C:\Windows\Tasks\Plus-HD-7.6-updater.job
2015-12-19 10:53 - 2014-02-20 20:23 - 00001352 _____ C:\Windows\Tasks\Plus-HD-7.6-enabler.job
2015-12-19 10:53 - 2014-02-20 20:22 - 00002382 _____ C:\Windows\Tasks\Plus-HD-7.6-validator.job
2015-12-19 10:53 - 2014-02-20 20:22 - 00002304 _____ C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job
2015-12-19 10:53 - 2014-02-20 20:22 - 00001454 _____ C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job
2015-12-19 10:53 - 2014-02-14 15:41 - 00016384 _____ C:\Windows\system32\Ikeext.etl
2015-12-19 10:53 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-19 10:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2015-12-19 01:03 - 2015-08-13 09:52 - 00000000 ____D C:\Users\Tereza\AppData\Local\ElevatedDiagnostics
2015-12-18 23:14 - 2014-01-25 16:20 - 00004564 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-18 23:14 - 2009-07-14 09:44 - 01032982 _____ C:\Windows\system32\perfh005.dat
2015-12-18 23:14 - 2009-07-14 09:44 - 00263148 _____ C:\Windows\system32\perfc005.dat
2015-12-18 22:27 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-18 22:26 - 2014-02-19 18:39 - 00000000 ____D C:\Program Files\7-Zip
2015-12-18 19:46 - 2014-02-19 17:11 - 00436360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-18 19:46 - 2014-02-19 17:11 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-17 17:42 - 2009-07-14 05:53 - 00032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-17 17:30 - 2014-02-20 18:42 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-17 17:30 - 2014-02-20 18:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-17 10:02 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2015-12-16 23:11 - 2014-02-19 17:07 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-16 22:42 - 2014-02-19 17:11 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-16 22:42 - 2014-02-19 17:11 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-16 22:42 - 2014-02-19 17:11 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-16 22:42 - 2014-02-19 17:11 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-16 22:42 - 2008-03-14 17:00 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-16 22:41 - 2014-02-19 17:11 - 00794952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-16 22:41 - 2014-02-19 17:08 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-16 22:12 - 2014-01-25 19:21 - 00000000 ____D C:\Users\Tereza\AppData\Local\Deployment
2015-12-16 21:02 - 2015-08-14 15:40 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\istartsurf
2015-12-16 21:01 - 2014-02-20 21:21 - 00000000 ____D C:\Users\Tereza\AppData\Local\PirritSuggestor
2015-12-16 20:57 - 2015-08-14 15:41 - 00000000 ____D C:\ProgramData\gWinManProg
2015-12-16 20:40 - 2015-08-12 20:49 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\AIMP3
2015-12-16 20:40 - 2014-02-19 17:46 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\MPC-HC
2015-12-09 05:01 - 2014-01-25 19:07 - 00000000 ____D C:\Users\Tereza\Documents\Mé přijaté soubory
2015-12-02 13:25 - 2014-01-25 20:22 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-08-12 17:53 - 2015-07-10 17:05 - 0000318 _____ () C:\Program Files\launcher.visualelementsmanifest.xml
2015-08-12 17:53 - 2015-07-10 17:05 - 0003072 _____ () C:\Program Files\Resources.pri
2015-01-17 23:36 - 2015-01-17 23:41 - 0087608 _____ () C:\Users\Tereza\AppData\Roaming\inst.exe
2015-01-17 23:36 - 2015-01-17 23:41 - 0007887 _____ () C:\Users\Tereza\AppData\Roaming\pcouffin.cat
2015-01-17 23:36 - 2015-01-17 23:41 - 0001144 _____ () C:\Users\Tereza\AppData\Roaming\pcouffin.inf
2015-01-17 23:37 - 2015-04-18 02:49 - 0000033 _____ () C:\Users\Tereza\AppData\Roaming\pcouffin.log
2015-01-17 23:36 - 2015-01-17 23:41 - 0047360 _____ (VSO Software) C:\Users\Tereza\AppData\Roaming\pcouffin.sys
2014-03-03 14:45 - 2015-07-21 22:45 - 0001057 _____ () C:\Users\Tereza\AppData\Roaming\vso_ts_preview.xml
2014-02-19 21:18 - 2014-02-21 17:56 - 0005632 _____ () C:\Users\Tereza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-14 15:21 - 2015-11-11 15:59 - 0004000 _____ () C:\Users\Tereza\AppData\Local\mbt-actwiz.log
2015-08-12 20:07 - 2015-09-10 22:21 - 0065552 ___SH () C:\ProgramData\Desktop.lnk

Some files in TEMP:
====================
C:\Users\Tereza\AppData\Local\Temp\GetWindows10-Web_Default_Attr.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-codedownloader.exeȵ/reinstallapp /runfrom=task /agentregpath='Plus-HD-7.6' /appid=50778 /srcid='001106' /subid='0' /zdata='0' /bic=A77972B2E7024558AF970CE9C8D18E43IE /verifier=0f7b4f2f70bbafb4ebae32ec79818097 /installerversion=1_34_2_13 /installerfullversion=1.34.2.13 /installationtime=1392924129 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /codedownloaddomain=hxxp:/app-static.crossrider.com /defbro=ie /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_code_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-7.6-enabler.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-enabler.exeȉ/enablebho /agentregpath='Plus-HD-7.6' /appid=50778 /srcid='001106' /subid='0' /zdata='0' /bic=A77972B2E7024558AF970CE9C8D18E43IE /verifier=0f7b4f2f70bbafb4ebae32ec79818097 /installerversion=1_34_2_13 /installationtime=1392924129 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110511071178 /defbro=ie /useiepol /allusers /autoupdateulr='hxxp:/update.srvstatsdata.com/ie_enable_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-firefoxinstaller.exeϜ/installxpi /agentregpath='Plus-HD-7.6' /extensionfilepath C:\Program Files\Plus-HD-7.6\50778.xpi' /appid=50778 /srcid='001106' /subid='0' /zdata='0' /bic=A77972B2E7024558AF970CE9C8D18E43IE /verifier=0f7b4f2f70bbafb4ebae32ec79818097 /installerversion=1_34_2_13 /installerfullversion=1.34.2.13 /installationtime=1392924129 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /waitforbrowser=300 /extensionid=1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com /extensionversion=0.93 /prefsbranch=a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778 /updateurl=hxxps:/w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/50778.rdf /extensionname='Plus-HD-7.6' /extensiondesc='Turn YouTube videos to High Definition by default' /publishername='Plus HD' /defbro=ie /allusers /allprofiles /checkfflist /autoupdateulr='hxxp:/update.srvstatsdata.com/ff_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-7.6-updater.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-updater.exeɒ/runupdater /agentregpath='Plus-HD-7.6' /appid=50778 /srcid='001106' /subid='0' /zdata='0' /bic=A77972B2E7024558AF970CE9C8D18E43IE /verifier=0f7b4f2f70bbafb4ebae32ec79818097 /installerversion=1_34_2_13 /installationtime=1392924129 /statsdomain=hxxp:/stats.srvstatsdata.com /errorsdomain=hxxp:/errors.srvstatsdata.com /geoserviceurl=hxxp:/ipgeoapi.com/ /updatejsondomain=hxxp:/update.srvstatsdata.com /updaterversion=2 /monetizationdomain=hxxp:/stats.mstatsserv.com /autoupdateulr='hxxp:/update.srvstatsdata.com/updater_agent_updates/{CAMP_ID}/update.jso <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-7.6-validator.job => C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-validator.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tereza\Desktop" je 5981 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent
rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect
C:\Users\Tereza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive
C:\Windows\system32\rundll32.exe "C:\Users\Tereza\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SFAUpdater
"C:\Program Files\Smart File Advisor\SFAUpdater.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart File Advisor
"C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

jen prodoplnění informací nejde ani upgrade na win 10 předem děkuji Ludvík Pokorný

Krasny den Vam preju



V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

# AdwCleaner v5.025 - Logfile created 19/12/2015 at 14:09:24
# Updated 13/12/2015 by Xplode
# Database : 2015-12-13.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Tereza - TEREZA-PC
# Running from : C:\Users\Tereza\Desktop\adwcleaner_5.025.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Program Files\AskPartnerNetwork
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\AskPartnerNetwork
Folder Found : C:\ProgramData\gWinManProg
Folder Found : C:\Users\Tereza\AppData\Local\AskPartnerNetwork
Folder Found : C:\Users\Tereza\AppData\Local\genienext
Folder Found : C:\Users\Tereza\AppData\Local\Mobogenie
Folder Found : C:\Users\Tereza\AppData\Local\PirritSuggestor
Folder Found : C:\Users\Tereza\AppData\Local\WinRST
Folder Found : C:\Users\Tereza\AppData\Local\CheckCode
Folder Found : C:\Users\Tereza\AppData\Local\PConverter_dz
Folder Found : C:\Users\Tereza\AppData\LocalLow\iac
Folder Found : C:\Users\Tereza\AppData\LocalLow\PConverter_dz
Folder Found : C:\Users\Tereza\AppData\Roaming\istartsurf
Folder Found : C:\Users\Tereza\AppData\Roaming\newnext.me
Folder Found : C:\Users\Tereza\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Tereza\AppData\Roaming\Pirrit
Folder Found : C:\Users\Tereza\AppData\Roaming\Systweak

***** [ Files ] *****

File Found : C:\Windows\system32\drivers\sp_rsdrv2.sys

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\speedupmypc
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Plus-HD-7.6-bg.exe]
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0050778.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0050778.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0050778.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0050778.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a29a50b7-9687-4473-9a51-e6987fa15fc7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b12ceca4-637c-4638-b748-c13b229c2191}
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\PRODUCTSETUP
Key Found : HKLM\SOFTWARE\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\istartsurfSoftware
Key Found : HKLM\SOFTWARE\Pirrit
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\Upt
Key Found : HKLM\SOFTWARE\WinUpd
Key Found : HKLM\SOFTWARE\SI-App
Key Found : HKLM\SOFTWARE\RST
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart File Advisor_is1
Key Found : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... earchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=14395632 ... 3804738047
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant] - hxxp://www.crawler.com/search/ie.aspx?tb_id=60747
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch] - hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60747
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [9157 bytes] ##########

# AdwCleaner v5.025 - Logfile created 19/12/2015 at 15:01:59
# Updated 13/12/2015 by Xplode
# Database : 2015-12-13.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Tereza - TEREZA-PC
# Running from : C:\Users\Tereza\Desktop\adwcleaner_5.025.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\gWinManProg
[-] Folder Deleted : C:\Users\Tereza\AppData\Local\AskPartnerNetwork
[-] Folder Deleted : C:\Users\Tereza\AppData\Local\genienext
[-] Folder Deleted : C:\Users\Tereza\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\Tereza\AppData\Local\PirritSuggestor
[-] Folder Deleted : C:\Users\Tereza\AppData\Local\WinRST
[-] Folder Deleted : C:\Users\Tereza\AppData\Local\CheckCode
[-] Folder Deleted : C:\Users\Tereza\AppData\Local\PConverter_dz
[-] Folder Deleted : C:\Users\Tereza\AppData\LocalLow\iac
[-] Folder Deleted : C:\Users\Tereza\AppData\LocalLow\PConverter_dz
[-] Folder Deleted : C:\Users\Tereza\AppData\Roaming\istartsurf
[-] Folder Deleted : C:\Users\Tereza\AppData\Roaming\newnext.me
[-] Folder Deleted : C:\Users\Tereza\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Tereza\AppData\Roaming\Pirrit
[-] Folder Deleted : C:\Users\Tereza\AppData\Roaming\Systweak

***** [ Files ] *****

[-] File Deleted : C:\Windows\system32\drivers\sp_rsdrv2.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Plus-HD-7.6-bg.exe]
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0050778.BHO
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0050778.BHO.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0050778.Sandbox
[-] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0050778.Sandbox.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a29a50b7-9687-4473-9a51-e6987fa15fc7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b12ceca4-637c-4638-b748-c13b229c2191}
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\Pirrit
[-] Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\Upt
[-] Key Deleted : HKLM\SOFTWARE\WinUpd
[-] Key Deleted : HKLM\SOFTWARE\SI-App
[-] Key Deleted : HKLM\SOFTWARE\RST
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart File Advisor_is1
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9359 bytes] ##########

Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:19-12-2015
Ran by Tereza (administrator) on TEREZA-PC (20-12-2015 17:09:41)
Running from C:\Users\Tereza\Desktop
Loaded Profiles: Tereza (Available Profiles: Tereza)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Maxthon) C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1725736 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-16] (AVAST Software)
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2013-02-06] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-16] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=http://127.0.0.1:9880
AutoConfigURL: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=hxxp://127.0.0.1:9880
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{1E3D00AE-2B3B-4A4F-9489-B4BDB1C2B7BC}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{3C592A8A-5550-4259-825B-7FA3D8DC7156}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{55BDEA94-476C-48DB-999B-0C7BC00F2CEB}: [DhcpNameServer] 10.100.0.1 10.0.0.1 8.8.8.8
Tcpip\..\Interfaces\{BB53FAD7-AECC-431C-A94F-5A1F2DA1CDC1}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> DefaultScope {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-16] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-02-19] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-02-19] (Google Inc.)
Toolbar: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-02-19] (Google Inc.)

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [No File]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-12-19] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2015-04-26] [not signed]
FF Extension: Pirrit Suggestor - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-20] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-16]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-16]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-16]

Opera:
=======
OPR StartupUrls: "hxxp://www.istartsurf.com/?type=hp&ts=14395632 ... 3804738047"
OPR Session Restore: -> is enabled.
StartMenuInternet: (HKLM) OperaStable - C:\Users\Tereza\Desktop\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-16] (AVAST Software)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
R2 MaxthonUpdateSvc; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-18] (Maxthon)
S2 SetupARService; C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe [24576 2014-02-20] (Realtek Semiconductor.) [File not signed]
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2015-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-16] (AVAST Software)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtl8192Ce.sys [853536 2010-06-11] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [329384 2015-08-14] (Duplex Secure Ltd.)
U3 anlec63x; C:\Windows\system32\Drivers\anlec63x.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 BTMCOM; System32\Drivers\btmcom.sys [X]
S3 BTMMODEM; system32\DRIVERS\btmcom.sys [X]
S3 BTMNET; system32\DRIVERS\btmnet.sys [X]
S3 catchme; \??\C:\Users\Tereza\AppData\Local\Temp\catchme.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-19 23:19 - 2014-04-12 03:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-12-19 23:19 - 2014-04-12 03:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-12-19 23:19 - 2014-04-12 03:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-12-19 23:19 - 2014-04-12 03:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-12-19 23:19 - 2014-04-12 03:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-12-19 23:19 - 2014-04-12 03:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-12-19 23:19 - 2014-04-12 03:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-12-19 23:19 - 2014-03-04 10:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-12-19 23:19 - 2014-03-04 10:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-19 23:19 - 2014-03-04 10:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-12-19 23:19 - 2014-03-04 10:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-12-19 23:19 - 2014-03-04 10:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-12-19 16:19 - 2015-12-19 16:48 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-19 15:30 - 2015-12-19 15:30 - 00000000 ___HD C:\$Windows.~WS
2015-12-19 14:09 - 2015-12-20 11:46 - 00000000 ____D C:\AdwCleaner
2015-12-19 14:07 - 2015-12-19 14:07 - 01740288 _____ C:\Users\Tereza\Desktop\adwcleaner_5.025.exe
2015-12-19 13:23 - 2015-12-19 13:23 - 00014931 _____ C:\ComboFix.txt
2015-12-19 12:56 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-12-19 12:56 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-12-19 12:56 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-12-19 12:56 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-12-19 12:56 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-12-19 12:56 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-12-19 12:56 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-12-19 12:56 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-12-19 12:55 - 2015-12-19 13:23 - 00000000 ____D C:\Qoobox
2015-12-19 12:55 - 2015-12-19 13:19 - 00000000 ____D C:\Windows\erdnt
2015-12-19 12:54 - 2015-12-19 12:54 - 05639940 ____R (Swearware) C:\Users\Tereza\Desktop\ComboFix.exe
2015-12-19 12:31 - 2015-12-19 12:31 - 00013484 _____ C:\Users\Tereza\Desktop\log.rar
2015-12-19 12:13 - 2015-12-19 13:25 - 00000000 ____D C:\Program Files\trend micro
2015-12-19 12:13 - 2015-12-19 12:14 - 00000000 ____D C:\rsit
2015-12-19 12:11 - 2015-12-19 12:11 - 01107968 _____ C:\Users\Tereza\Desktop\RSIT.exe
2015-12-19 11:43 - 2015-12-19 11:44 - 00017758 _____ C:\Users\Tereza\Desktop\Addition.txt
2015-12-19 11:40 - 2015-12-20 17:11 - 00010466 _____ C:\Users\Tereza\Desktop\FRST.txt
2015-12-19 11:40 - 2015-12-20 17:09 - 00000000 ____D C:\FRST
2015-12-19 11:40 - 2015-12-19 11:40 - 00015327 _____ C:\Users\Tereza\Desktop\LM.bat
2015-12-19 11:36 - 2015-12-19 11:36 - 01721344 _____ (Farbar) C:\Users\Tereza\Desktop\FRST.exe
2015-12-18 21:50 - 2015-12-18 21:51 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\Maxthon3
2015-12-18 21:50 - 2015-12-18 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2015-12-18 21:50 - 2015-12-18 21:50 - 00001043 _____ C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2015-12-18 21:50 - 2015-12-18 21:50 - 00000000 ____D C:\Program Files\Maxthon
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-12-17 17:18 - 2015-12-17 17:18 - 00000000 ____D C:\Program Files\HD Tune
2015-12-17 10:17 - 2015-12-17 10:17 - 00000000 ____D C:\Windows\CheckSur
2015-12-17 09:54 - 2015-12-17 09:54 - 00286158 _____ C:\Users\Tereza\Desktop\cc_20151217_095419.reg
2015-12-16 23:55 - 2015-12-19 16:48 - 00001908 _____ C:\Windows\diagwrn.xml
2015-12-16 23:55 - 2015-12-19 16:48 - 00001908 _____ C:\Windows\diagerr.xml
2015-12-16 23:40 - 2015-12-19 16:08 - 00000000 ____D C:\ESD
2015-12-16 23:26 - 2015-12-19 16:47 - 00000000 ____D C:\Windows\Panther
2015-12-16 23:09 - 2015-12-16 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-16 22:56 - 2015-12-16 22:42 - 00322760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-16 22:42 - 2015-12-16 22:42 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-16 22:23 - 2015-12-16 22:23 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-16 20:37 - 2015-12-18 22:39 - 00000000 ____D C:\Program Files\CCleaner
2015-12-16 20:37 - 2015-12-16 20:37 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-16 20:37 - 2015-12-16 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-09 05:37 - 2015-12-09 05:37 - 00000000 ____D C:\Users\Tereza\Desktop\filmy od erži
2015-12-09 05:23 - 2015-12-14 19:45 - 00000000 ____D C:\Users\Tereza\Desktop\porno
2015-12-09 04:56 - 2015-12-09 04:58 - 00000000 ____D C:\Users\Tereza\Desktop\hudba era
2015-12-09 04:55 - 2015-12-09 04:56 - 00000000 ____D C:\Users\Tereza\Desktop\Don.Jon.2013.BDRip.XviD.CZ-TreZzoR

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-20 16:30 - 2014-02-20 18:42 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-20 11:55 - 2009-07-14 05:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-20 11:55 - 2009-07-14 05:34 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-20 11:48 - 2014-02-21 00:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-20 11:48 - 2014-02-14 15:41 - 00016384 _____ C:\Windows\system32\Ikeext.etl
2015-12-20 11:48 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-20 02:42 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-12-19 23:31 - 2014-01-25 16:20 - 00006230 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-19 23:31 - 2009-07-14 09:44 - 01126668 _____ C:\Windows\system32\perfh005.dat
2015-12-19 23:31 - 2009-07-14 09:44 - 00303474 _____ C:\Windows\system32\perfc005.dat
2015-12-19 23:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-19 23:26 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-19 14:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2015-12-19 13:17 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2015-12-19 01:03 - 2015-08-13 09:52 - 00000000 ____D C:\Users\Tereza\AppData\Local\ElevatedDiagnostics
2015-12-18 22:26 - 2014-02-19 18:39 - 00000000 ____D C:\Program Files\7-Zip
2015-12-18 19:46 - 2014-02-19 17:11 - 00436360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-18 19:46 - 2014-02-19 17:11 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-17 17:42 - 2009-07-14 05:53 - 00032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-17 17:30 - 2014-02-20 18:42 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-17 17:30 - 2014-02-20 18:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-17 10:02 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2015-12-16 23:11 - 2014-02-19 17:07 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-16 22:42 - 2014-02-19 17:11 - 00209432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-16 22:42 - 2014-02-19 17:11 - 00117712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-16 22:42 - 2014-02-19 17:11 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-16 22:42 - 2014-02-19 17:11 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-16 22:42 - 2008-03-14 17:00 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-16 22:41 - 2014-02-19 17:11 - 00794952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-16 22:41 - 2014-02-19 17:08 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-16 22:12 - 2014-01-25 19:21 - 00000000 ____D C:\Users\Tereza\AppData\Local\Deployment
2015-12-16 20:40 - 2015-08-12 20:49 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\AIMP3
2015-12-16 20:40 - 2014-02-19 17:46 - 00000000 ____D C:\Users\Tereza\AppData\Roaming\MPC-HC
2015-12-09 05:01 - 2014-01-25 19:07 - 00000000 ____D C:\Users\Tereza\Documents\Mé přijaté soubory
2015-12-02 13:25 - 2014-01-25 20:22 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-08-12 17:53 - 2015-07-10 17:05 - 0000318 _____ () C:\Program Files\launcher.visualelementsmanifest.xml
2015-08-12 17:53 - 2015-07-10 17:05 - 0003072 _____ () C:\Program Files\Resources.pri
2015-01-17 23:36 - 2015-01-17 23:41 - 0007887 _____ () C:\Users\Tereza\AppData\Roaming\pcouffin.cat
2015-01-17 23:36 - 2015-01-17 23:41 - 0001144 _____ () C:\Users\Tereza\AppData\Roaming\pcouffin.inf
2015-01-17 23:37 - 2015-04-18 02:49 - 0000033 _____ () C:\Users\Tereza\AppData\Roaming\pcouffin.log
2015-01-17 23:36 - 2015-01-17 23:41 - 0047360 _____ (VSO Software) C:\Users\Tereza\AppData\Roaming\pcouffin.sys
2014-02-19 21:18 - 2014-02-21 17:56 - 0005632 _____ () C:\Users\Tereza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-14 15:21 - 2015-11-11 15:59 - 0004000 _____ () C:\Users\Tereza\AppData\Local\mbt-actwiz.log
2015-08-12 20:07 - 2015-09-10 22:21 - 0065552 ___SH () C:\ProgramData\Desktop.lnk

Some files in TEMP:
====================
C:\Users\Tereza\AppData\Local\temp\GetWindows10-Web_Default_Attr(1).exe
C:\Users\Tereza\AppData\Local\temp\GetWindows10-Web_Default_Attr.exe
C:\Users\Tereza\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-20 02:34

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:19-12-2015
Ran by Tereza (2015-12-20 17:12:12)
Running from C:\Users\Tereza\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2014-01-25 15:13:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3548167528-2827145398-2739216196-500 - Administrator - Disabled)
Guest (S-1-5-21-3548167528-2827145398-2739216196-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3548167528-2827145398-2739216196-1002 - Limited - Enabled)
Tereza (S-1-5-21-3548167528-2827145398-2739216196-1000 - Administrator - Enabled) => C:\Users\Tereza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1495, 03.06.2015 - AIMP DevTeam)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.1.2245 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
DarkWave Studio 4.6.8 (HKLM\...\DarkWave Studio) (Version: 4.6.8 - ExperimentalScene)
Dell System Detect (HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - Synaptics Incorporated)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
KMP Media Toolbar (HKLM\...\{4B4D5056-3763-006A-76A7-A758B70C1300}) (Version: 12.19.0.3618 - APN, LLC)
KMP Media Toolbar (HKLM\...\{4B4D5056-3763-006A-76A7-A758B70C1801}) (Version: 12.24.1.316 - APN, LLC)
KMP Media Toolbar (HKLM\...\{4B4D5056-3763-006A-76A7-A758B70C1D00}) (Version: 12.29.0.1631 - APN, LLC)
Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.4.8.1000 - Maxthon International Limited)
Medal of Honor Allied Assault (HKLM\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - )
Medal of Honor Allied Assault v 1.0.0.1 (HKLM\...\Medal of Honor Allied Assault v 1.0.0.1_is1) (Version: - .)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM\...\NVIDIAStereo) (Version: 7.17.13.3221 - NVIDIA Corporation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.22.615.2010 - Realtek)
REALTEK PCIE Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0153 - )
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30117 - Realtek Semiconductor Corp.)
SMPlayer 14.9.0 (HKLM\...\SMPlayer) (Version: 14.9.0 - Ricardo Villalba)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.1.2 - Shark007)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)

==================== Restore Points =========================

19-12-2015 01:10:38 Windows Update
19-12-2015 23:06:30 Windows Update
19-12-2015 23:21:13 Windows Update
19-12-2015 23:44:54 Installed Microsoft Fix it 50123
19-12-2015 23:50:28 Windows Update
20-12-2015 00:04:52 Windows Update
20-12-2015 00:14:53 Windows Update
20-12-2015 00:22:33 Windows Update
20-12-2015 00:33:17 Installed Microsoft Fix it 50123
20-12-2015 03:00:15 Windows Update
20-12-2015 11:30:56 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2015-12-19 13:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C4CCA31-1751-4A3A-8734-9A68B9159F00} - System32\Tasks\{B05D195C-3EE4-4A37-96E5-D78A22D6F42A} => C:\Users\Tereza\Documents\Mé přijaté soubory\launcher.exe
Task: {13094684-A668-4D53-A249-60278A253354} - System32\Tasks\Opera scheduled Autoupdate 1439398403 => C:\Users\Tereza\Desktop\launcher.exe
Task: {171913EA-D60F-474A-A024-761EA3F24B69} - System32\Tasks\{45C2B743-24B2-4AF7-9F12-3BE9C9C6D00E} => pcalua.exe -a C:\Users\Tereza\Downloads\wmp11-windowsxp-x86-CS-CZ.exe -d C:\Users\Tereza\Desktop
Task: {1CD61C51-FD5F-44FC-BB28-6CCFDEEF8259} - System32\Tasks\Opera scheduled Autoupdate 1429312727 => C:\Program Files\Opera\launcher.exe
Task: {287515E2-E5E3-445F-8E61-33626BE7BF10} - System32\Tasks\{0436AD5A-FBE4-4430-B135-C323345A944B} => pcalua.exe -a C:\Users\Tereza\Downloads\Codecs6030_allin1.exe -d C:\Users\Tereza\Desktop
Task: {2DF14518-0C97-4D49-99C4-AD19A80A59D1} - System32\Tasks\{ACB04FCB-5ED6-4DD8-8A08-40768A2364C7} => C:\Program Files\Codec Pack - All In 1\DivXconfig.exe
Task: {2E7B1CA3-AF5E-45B7-B97A-AEE4D597857C} - System32\Tasks\{54E3CAB5-727E-4FDD-8438-DC8B28A9F001} => pcalua.exe -a C:\Users\Tereza\Desktop\KrizInst.exe -d C:\Users\Tereza\Desktop
Task: {3DFD3B8A-503E-444E-BB90-E5848D004258} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-16] (AVAST Software)
Task: {47801E41-98B2-4DB0-B131-668B61320A45} - System32\Tasks\{95AD3437-4416-44FD-B8FF-8AEB1A4B2956} =>
Task: {4A040BEC-02ED-4D92-A4DD-A14370749806} - System32\Tasks\Opera scheduled Autoupdate 1440972118 => C:\Users\Tereza\Desktop\launcher.exe
Task: {549D2707-72ED-4277-9246-9A0A73DA6BBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-19] (Google Inc.)
Task: {5826A739-F575-4C4F-A385-11584616DC9D} - System32\Tasks\{7F346653-917E-41C9-9FEE-EDB7AA122AC3} => C:\Program Files\1C\RC Cars\RCCars.exe
Task: {5D0FCE5F-8E30-477D-A08D-65CC46E4C4F0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3548167528-2827145398-2739216196-1000
Task: {70B1F426-A549-42BD-B221-E30755A002BA} - System32\Tasks\{6B74B2D2-3D9C-4142-BD59-B8667B82A2C5} => pcalua.exe -a C:\Users\Tereza\Desktop\trial_musicmaker2013_dlm\setup.exe -d C:\Users\Tereza\Desktop\trial_musicmaker2013_dlm
Task: {7BC48A5D-10FD-4C57-93E8-323A0C3473F2} - System32\Tasks\{B6672E20-B16F-46C6-8078-0F05309002F2} => C:\Users\Tereza\Desktop\kodek016cz.exe
Task: {8CABAD23-4DA4-4056-AC81-77F909A9CF51} - \{F9B3DE60-81F9-48F5-92EA-4A559F227CD8} -> No File <==== ATTENTION
Task: {8F0EA46E-356D-44EE-BD9C-E66FD6FD9F49} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {906279A3-7053-406D-96B3-24C01612B61E} - System32\Tasks\{753E41F1-6510-4868-A8A5-0EC6881514BB} => pcalua.exe -a C:\NVIDIA\DisplayDriver\332.21\Win8_WinVista_Win7\English\Display.Driver\dbInstaller.exe -d C:\NVIDIA\DisplayDriver\332.21\Win8_WinVista_Win7\English\Display.Driver
Task: {91D0E1B0-DA7F-463F-8256-1045297A406D} - System32\Tasks\{0D37E6B3-B1DA-487C-B61C-B2DF19CAACC0} => pcalua.exe -a C:\Windows\IsUninst.exe -c -fC:\SIMS\RACER\Uninst.isu
Task: {99E8CCA6-ECB0-4DE3-B8FC-A354E92D305D} - \{BB108338-6042-417C-989F-2BBE0C35085B} -> No File <==== ATTENTION
Task: {9A4DEF08-91F2-4A75-A973-8660E5FCE17B} - System32\Tasks\{9D78EECB-4C76-46C8-9132-785D3726D538} => D:\setup.exe
Task: {A23670AF-65F5-43C8-9CEF-86C39564EB38} - System32\Tasks\{F4794487-C796-4BCD-9597-ED99799EEE45} => C:\NVIDIA\DisplayDriver\332.21\Win8_WinVista_Win7\English\LEDVisualizer\NvLedVisualizer.exe
Task: {A650CC9C-3259-4E0B-B4C0-E16BDFD00616} - System32\Tasks\Opera scheduled Autoupdate 1439396857 => C:\Users\Tereza\Desktop\launcher.exe
Task: {B2447344-ED8C-4ED7-A511-52194348F69B} - System32\Tasks\{D544D72F-483B-4089-9061-40DE06E075AA} => C:\Users\Tereza\Desktop\launcher.exe
Task: {B35D6265-94BE-4BC7-A7D9-90F45EDD5438} - \{39D71523-7FA0-45E8-86A5-CE4FE66ED080} -> No File <==== ATTENTION
Task: {B37786CE-DED9-48C1-8603-C47F23DFD5DE} - System32\Tasks\{EA1BD033-1265-4045-8268-76D1A58CB00A} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{7F8EEE16-9240-4B20-8357-13CE74D1858C}\setup.exe" -d "C:\Program Files\InstallShield Installation Information\{7F8EEE16-9240-4B20-8357-13CE74D1858C}"
Task: {B8AB4830-F918-41C5-A805-B33309F439FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-19] (Google Inc.)
Task: {B9A16F1D-1EB8-4C56-B5EE-9638D3B58E76} - \{EFBC9688-3A81-4A81-9775-14470489210A} -> No File <==== ATTENTION
Task: {C9964280-B44D-4560-949E-BCB282E04F41} - System32\Tasks\{79EE04E0-A8E4-40B0-8AFD-6712C05A2199} => pcalua.exe -a "C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" -d "C:\Program Files\NVIDIA Corporation\3D Vision"
Task: {CAA4D5D5-5A5C-41D5-810B-86287FEB72F7} - System32\Tasks\{8AD709BD-7009-4EBB-A319-F6A4CB42C700} => pcalua.exe -a C:\Dell\Drivers\TTW58\R226746\Win32\svcpack\SetupBluetoothDFU.exe -d C:\Dell\Drivers\TTW58\R226746\Win32\svcpack
Task: {CCD919A7-E00D-44C2-A368-26CE18717109} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-17] (Adobe Systems Incorporated)
Task: {D0806D37-626D-42DB-B304-3044A6D7201B} - System32\Tasks\{22898181-FE0A-4171-A50B-12D6CD034F9C} => C:\Users\Tereza\Desktop\kodek016cz.exe
Task: {D0A88C7C-77E0-461C-8E1E-32D32D018D63} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\Maxthon.exe [2015-10-29] (Maxthon International ltd.)
Task: {E8223C5D-41B7-478C-ABB3-7808D710B43A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {F3502A7B-1A18-4BBD-A943-FCBBAD539497} - System32\Tasks\{4057EC0F-0332-4E9C-A437-8CC5EF8B0CD9} =>
Task: {F97D2186-2BD8-44A7-B598-F0D8F5066057} - System32\Tasks\{87905E85-A0E8-4A61-896F-47156A44FDD6} => pcalua.exe -a D:\DX81cze.exe -d D:\

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-12-16 22:42 - 2015-12-16 22:42 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-16 22:42 - 2015-12-16 22:42 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-19 21:19 - 2015-12-19 21:19 - 02805760 _____ () C:\Program Files\AVAST Software\Avast\defs\15121901\algo.dll
2015-12-16 22:42 - 2015-12-16 22:42 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-20 15:49 - 2015-12-20 15:49 - 02805760 _____ () C:\Program Files\AVAST Software\Avast\defs\15122000\algo.dll
2015-12-16 22:42 - 2015-12-16 22:42 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-11-16 17:55 - 2015-11-16 17:55 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\...\dell.com -> dell.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tereza\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Tereza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
MSCONFIG\startupreg: SFAUpdater => "C:\Program Files\Smart File Advisor\SFAUpdater.exe"
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{85538C20-7C20-418D-8F4E-6C2C50EFD320}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{50F41115-FC2A-4D4F-8937-BAA43B51BC96}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{95BD4751-800E-4179-A53A-0799A46FE72D}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A51FDA30-A434-4C7B-A3BD-673B018CA9B0}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{D1D8A4C2-35A8-4A90-A327-E66A25EDF45A}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/20/2015 11:48:39 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/20/2015 11:48:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (12/20/2015 11:48:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (12/20/2015 11:48:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (12/20/2015 11:36:58 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/20/2015 11:36:43 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (12/20/2015 11:36:43 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (12/20/2015 11:36:43 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (12/20/2015 01:52:51 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/20/2015 01:52:16 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (12/20/2015 11:50:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (12/20/2015 11:50:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (12/20/2015 11:47:34 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (12/20/2015 11:46:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (12/20/2015 11:46:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/20/2015 11:46:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/20/2015 11:46:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba StarWind AE Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/20/2015 11:46:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Maxthon Core Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/20/2015 11:46:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/20/2015 11:46:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2014-03-12 01:25:37.572
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-11 19:26:21.792
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-11 07:35:33.980
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-10 10:03:35.713
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-09 20:11:17.620
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-09 12:02:56.026
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-07 19:39:31.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-07 17:44:31.214
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-05 21:45:41.124
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-03-05 21:37:51.630
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\usp10.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Atom(TM) CPU N455 @ 1.66GHz
Percentage of memory in use: 65%
Total physical RAM: 1013.42 MB
Available physical RAM: 344.84 MB
Total Virtual: 2037.42 MB
Available Virtual: 1215.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:150.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1F8E7850)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Tady to je systém se ted tvářív svižněji a stabilněji, ale pořád nelze naistalovat 90% aktualizací

Delate mi v tom strasnej zmatek. Behem cisteni nepouzivejte jine antimalwarove nastroje (zejmena ComboFix - proctete si pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601 ). Kdyz uz jste CF spustil, vlozte obsah jeho logu C:\ComboFix.txt

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CreateRestorePoint:
  CloseProcesses:
  ProxyServer: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=http://127.0.0.1:9880
  AutoConfigURL: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=hxxp://127.0.0.1:9880
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
  HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
  SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> DefaultScope {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
  SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
  FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
  FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [No File]
  FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
  FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
  FF Extension: No Name - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2015-04-26] [not signed]
  FF Extension: Pirrit Suggestor - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-20] [not signed]
  OPR StartupUrls: "hxxp://www.istartsurf.com/?type=hp&ts=1439563227&z=cfbdd3101838d0c40175018g5z4cct4wdqec2g1zew&from=cor&uid=WDCXWD2500BEVT-75A23T0_WD-WX61AC03804738047" 
  S3 btmaudio; system32\drivers\btmaud.sys [X]
  S3 BTMCOM; System32\Drivers\btmcom.sys [X]
  S3 BTMMODEM; system32\DRIVERS\btmcom.sys [X]
  S3 BTMNET; system32\DRIVERS\btmnet.sys [X]
  S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
  2015-12-19 14:09 - 2015-12-20 11:46 - 00000000 ____D C:\AdwCleaner
  2015-12-19 14:07 - 2015-12-19 14:07 - 01740288 _____ C:\Users\Tereza\Desktop\adwcleaner_5.025.exe
  2015-12-19 12:13 - 2015-12-19 13:25 - 00000000 ____D C:\Program Files\trend micro
  2015-12-19 12:13 - 2015-12-19 12:14 - 00000000 ____D C:\rsit
  2015-12-19 12:11 - 2015-12-19 12:11 - 01107968 _____ C:\Users\Tereza\Desktop\RSIT.exe
  2015-12-19 11:43 - 2015-12-19 11:44 - 00017758 _____ C:\Users\Tereza\Desktop\Addition.txt
  2015-12-19 11:40 - 2015-12-20 17:11 - 00010466 _____ C:\Users\Tereza\Desktop\FRST.txt
  2015-12-19 11:40 - 2015-12-19 11:40 - 00015327 _____ C:\Users\Tereza\Desktop\LM.bat
  Task: {0C4CCA31-1751-4A3A-8734-9A68B9159F00} - System32\Tasks\{B05D195C-3EE4-4A37-96E5-D78A22D6F42A} => C:\Users\Tereza\Documents\Mé přijaté soubory\launcher.exe
  Task: {13094684-A668-4D53-A249-60278A253354} - System32\Tasks\Opera scheduled Autoupdate 1439398403 => C:\Users\Tereza\Desktop\launcher.exe
  Task: {171913EA-D60F-474A-A024-761EA3F24B69} - System32\Tasks\{45C2B743-24B2-4AF7-9F12-3BE9C9C6D00E} => pcalua.exe -a C:\Users\Tereza\Downloads\wmp11-windowsxp-x86-CS-CZ.exe -d C:\Users\Tereza\Desktop
  Task: {2E7B1CA3-AF5E-45B7-B97A-AEE4D597857C} - System32\Tasks\{54E3CAB5-727E-4FDD-8438-DC8B28A9F001} => pcalua.exe -a C:\Users\Tereza\Desktop\KrizInst.exe -d C:\Users\Tereza\Desktop
  Task: {70B1F426-A549-42BD-B221-E30755A002BA} - System32\Tasks\{6B74B2D2-3D9C-4142-BD59-B8667B82A2C5} => pcalua.exe -a C:\Users\Tereza\Desktop\trial_musicmaker2013_dlm\setup.exe -d C:\Users\Tereza\Desktop\trial_musicmaker2013_dlm
  Task: {7BC48A5D-10FD-4C57-93E8-323A0C3473F2} - System32\Tasks\{B6672E20-B16F-46C6-8078-0F05309002F2} => C:\Users\Tereza\Desktop\kodek016cz.exe
  Task: {8CABAD23-4DA4-4056-AC81-77F909A9CF51} - \{F9B3DE60-81F9-48F5-92EA-4A559F227CD8} -> No File <==== ATTENTION
  Task: {99E8CCA6-ECB0-4DE3-B8FC-A354E92D305D} - \{BB108338-6042-417C-989F-2BBE0C35085B} -> No File <==== ATTENTION
  Task: {9A4DEF08-91F2-4A75-A973-8660E5FCE17B} - System32\Tasks\{9D78EECB-4C76-46C8-9132-785D3726D538} => D:\setup.exe
  Task: {A650CC9C-3259-4E0B-B4C0-E16BDFD00616} - System32\Tasks\Opera scheduled Autoupdate 1439396857 => C:\Users\Tereza\Desktop\launcher.exe
  Task: {B2447344-ED8C-4ED7-A511-52194348F69B} - System32\Tasks\{D544D72F-483B-4089-9061-40DE06E075AA} => C:\Users\Tereza\Desktop\launcher.exe
  Task: {B35D6265-94BE-4BC7-A7D9-90F45EDD5438} - \{39D71523-7FA0-45E8-86A5-CE4FE66ED080} -> No File <==== ATTENTION
  Task: {B9A16F1D-1EB8-4C56-B5EE-9638D3B58E76} - \{EFBC9688-3A81-4A81-9775-14470489210A} -> No File <==== ATTENTION
  Task: {D0806D37-626D-42DB-B304-3044A6D7201B} - System32\Tasks\{22898181-FE0A-4171-A50B-12D6CD034F9C} => C:\Users\Tereza\Desktop\kodek016cz.exe
  Task: {F3502A7B-1A18-4BBD-A943-FCBBAD539497} - System32\Tasks\{4057EC0F-0332-4E9C-A437-8CC5EF8B0CD9} =>
  Task: {F97D2186-2BD8-44A7-B598-F0D8F5066057} - System32\Tasks\{87905E85-A0E8-4A61-896F-47156A44FDD6} => pcalua.exe -a D:\DX81cze.exe -d D:\
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  EmptyTemp:
  End

Fix result of Farbar Recovery Scan Tool (x86) Version:19-12-2015
Ran by Tereza (2015-12-21 14:20:32) Run:1
Running from C:\Users\Tereza\Desktop
Loaded Profiles: Tereza (Available Profiles: Tereza)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
ProxyServer: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=http://127.0.0.1:9880
AutoConfigURL: [S-1-5-21-3548167528-2827145398-2739216196-1000] => http=hxxp://127.0.0.1:9880
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> DefaultScope {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
SearchScopes: HKU\S-1-5-21-3548167528-2827145398-2739216196-1000 -> {059BFEDB-4384-49BA-9F75-2EEB6203D173} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Extension: No Name - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2015-04-26] [not signed]
FF Extension: Pirrit Suggestor - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-20] [not signed]
OPR StartupUrls: "hxxp://www.istartsurf.com/?type=hp&ts=14395632 ... 3804738047"
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 BTMCOM; System32\Drivers\btmcom.sys [X]
S3 BTMMODEM; system32\DRIVERS\btmcom.sys [X]
S3 BTMNET; system32\DRIVERS\btmnet.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
2015-12-19 14:09 - 2015-12-20 11:46 - 00000000 ____D C:\AdwCleaner
2015-12-19 14:07 - 2015-12-19 14:07 - 01740288 _____ C:\Users\Tereza\Desktop\adwcleaner_5.025.exe
2015-12-19 12:13 - 2015-12-19 13:25 - 00000000 ____D C:\Program Files\trend micro
2015-12-19 12:13 - 2015-12-19 12:14 - 00000000 ____D C:\rsit
2015-12-19 12:11 - 2015-12-19 12:11 - 01107968 _____ C:\Users\Tereza\Desktop\RSIT.exe
2015-12-19 11:43 - 2015-12-19 11:44 - 00017758 _____ C:\Users\Tereza\Desktop\Addition.txt
2015-12-19 11:40 - 2015-12-20 17:11 - 00010466 _____ C:\Users\Tereza\Desktop\FRST.txt
2015-12-19 11:40 - 2015-12-19 11:40 - 00015327 _____ C:\Users\Tereza\Desktop\LM.bat
Task: {0C4CCA31-1751-4A3A-8734-9A68B9159F00} - System32\Tasks\{B05D195C-3EE4-4A37-96E5-D78A22D6F42A} => C:\Users\Tereza\Documents\Mé přijaté soubory\launcher.exe
Task: {13094684-A668-4D53-A249-60278A253354} - System32\Tasks\Opera scheduled Autoupdate 1439398403 => C:\Users\Tereza\Desktop\launcher.exe
Task: {171913EA-D60F-474A-A024-761EA3F24B69} - System32\Tasks\{45C2B743-24B2-4AF7-9F12-3BE9C9C6D00E} => pcalua.exe -a C:\Users\Tereza\Downloads\wmp11-windowsxp-x86-CS-CZ.exe -d C:\Users\Tereza\Desktop
Task: {2E7B1CA3-AF5E-45B7-B97A-AEE4D597857C} - System32\Tasks\{54E3CAB5-727E-4FDD-8438-DC8B28A9F001} => pcalua.exe -a C:\Users\Tereza\Desktop\KrizInst.exe -d C:\Users\Tereza\Desktop
Task: {70B1F426-A549-42BD-B221-E30755A002BA} - System32\Tasks\{6B74B2D2-3D9C-4142-BD59-B8667B82A2C5} => pcalua.exe -a C:\Users\Tereza\Desktop\trial_musicmaker2013_dlm\setup.exe -d C:\Users\Tereza\Desktop\trial_musicmaker2013_dlm
Task: {7BC48A5D-10FD-4C57-93E8-323A0C3473F2} - System32\Tasks\{B6672E20-B16F-46C6-8078-0F05309002F2} => C:\Users\Tereza\Desktop\kodek016cz.exe
Task: {8CABAD23-4DA4-4056-AC81-77F909A9CF51} - \{F9B3DE60-81F9-48F5-92EA-4A559F227CD8} -> No File <==== ATTENTION
Task: {99E8CCA6-ECB0-4DE3-B8FC-A354E92D305D} - \{BB108338-6042-417C-989F-2BBE0C35085B} -> No File <==== ATTENTION
Task: {9A4DEF08-91F2-4A75-A973-8660E5FCE17B} - System32\Tasks\{9D78EECB-4C76-46C8-9132-785D3726D538} => D:\setup.exe
Task: {A650CC9C-3259-4E0B-B4C0-E16BDFD00616} - System32\Tasks\Opera scheduled Autoupdate 1439396857 => C:\Users\Tereza\Desktop\launcher.exe
Task: {B2447344-ED8C-4ED7-A511-52194348F69B} - System32\Tasks\{D544D72F-483B-4089-9061-40DE06E075AA} => C:\Users\Tereza\Desktop\launcher.exe
Task: {B35D6265-94BE-4BC7-A7D9-90F45EDD5438} - \{39D71523-7FA0-45E8-86A5-CE4FE66ED080} -> No File <==== ATTENTION
Task: {B9A16F1D-1EB8-4C56-B5EE-9638D3B58E76} - \{EFBC9688-3A81-4A81-9775-14470489210A} -> No File <==== ATTENTION
Task: {D0806D37-626D-42DB-B304-3044A6D7201B} - System32\Tasks\{22898181-FE0A-4171-A50B-12D6CD034F9C} => C:\Users\Tereza\Desktop\kodek016cz.exe
Task: {F3502A7B-1A18-4BBD-A943-FCBBAD539497} - System32\Tasks\{4057EC0F-0332-4E9C-A437-8CC5EF8B0CD9} =>
Task: {F97D2186-2BD8-44A7-B598-F0D8F5066057} - System32\Tasks\{87905E85-A0E8-4A61-896F-47156A44FDD6} => pcalua.exe -a D:\DX81cze.exe -d D:\
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully.
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-3548167528-2827145398-2739216196-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{059BFEDB-4384-49BA-9F75-2EEB6203D173}" => key removed successfully.
HKCR\CLSID\{059BFEDB-4384-49BA-9F75-2EEB6203D173} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
"HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0" => key removed successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully.
C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions => moved successfully
FF Extension: No Name - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2015-04-26] [not signed] => not found
C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi => moved successfully
FF Extension: Pirrit Suggestor - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-02-20] [not signed] => not found
OPR StartupUrls: "hxxp://www.istartsurf.com/?type=hp&ts=14395632 ... 3804738047" => removed successfully.
btmaudio => service removed successfully.
BTMCOM => service removed successfully.
BTMMODEM => service removed successfully.
BTMNET => service removed successfully.
IntcAzAudAddService => service removed successfully.
C:\AdwCleaner => moved successfully
C:\Users\Tereza\Desktop\adwcleaner_5.025.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Tereza\Desktop\RSIT.exe => moved successfully
C:\Users\Tereza\Desktop\Addition.txt => moved successfully
C:\Users\Tereza\Desktop\FRST.txt => moved successfully
C:\Users\Tereza\Desktop\LM.bat => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C4CCA31-1751-4A3A-8734-9A68B9159F00}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C4CCA31-1751-4A3A-8734-9A68B9159F00}" => key removed successfully.
C:\Windows\System32\Tasks\{B05D195C-3EE4-4A37-96E5-D78A22D6F42A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B05D195C-3EE4-4A37-96E5-D78A22D6F42A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{13094684-A668-4D53-A249-60278A253354}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13094684-A668-4D53-A249-60278A253354}" => key removed successfully.
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1439398403 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1439398403" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{171913EA-D60F-474A-A024-761EA3F24B69}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{171913EA-D60F-474A-A024-761EA3F24B69}" => key removed successfully.
C:\Windows\System32\Tasks\{45C2B743-24B2-4AF7-9F12-3BE9C9C6D00E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{45C2B743-24B2-4AF7-9F12-3BE9C9C6D00E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E7B1CA3-AF5E-45B7-B97A-AEE4D597857C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E7B1CA3-AF5E-45B7-B97A-AEE4D597857C}" => key removed successfully.
C:\Windows\System32\Tasks\{54E3CAB5-727E-4FDD-8438-DC8B28A9F001} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{54E3CAB5-727E-4FDD-8438-DC8B28A9F001}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70B1F426-A549-42BD-B221-E30755A002BA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70B1F426-A549-42BD-B221-E30755A002BA}" => key removed successfully.
C:\Windows\System32\Tasks\{6B74B2D2-3D9C-4142-BD59-B8667B82A2C5} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6B74B2D2-3D9C-4142-BD59-B8667B82A2C5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BC48A5D-10FD-4C57-93E8-323A0C3473F2}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BC48A5D-10FD-4C57-93E8-323A0C3473F2}" => key removed successfully.
C:\Windows\System32\Tasks\{B6672E20-B16F-46C6-8078-0F05309002F2} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B6672E20-B16F-46C6-8078-0F05309002F2}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CABAD23-4DA4-4056-AC81-77F909A9CF51}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CABAD23-4DA4-4056-AC81-77F909A9CF51}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F9B3DE60-81F9-48F5-92EA-4A559F227CD8}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99E8CCA6-ECB0-4DE3-B8FC-A354E92D305D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99E8CCA6-ECB0-4DE3-B8FC-A354E92D305D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB108338-6042-417C-989F-2BBE0C35085B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A4DEF08-91F2-4A75-A973-8660E5FCE17B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A4DEF08-91F2-4A75-A973-8660E5FCE17B}" => key removed successfully.
C:\Windows\System32\Tasks\{9D78EECB-4C76-46C8-9132-785D3726D538} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9D78EECB-4C76-46C8-9132-785D3726D538}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A650CC9C-3259-4E0B-B4C0-E16BDFD00616}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A650CC9C-3259-4E0B-B4C0-E16BDFD00616}" => key removed successfully.
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1439396857 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1439396857" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B2447344-ED8C-4ED7-A511-52194348F69B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2447344-ED8C-4ED7-A511-52194348F69B}" => key removed successfully.
C:\Windows\System32\Tasks\{D544D72F-483B-4089-9061-40DE06E075AA} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D544D72F-483B-4089-9061-40DE06E075AA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B35D6265-94BE-4BC7-A7D9-90F45EDD5438}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B35D6265-94BE-4BC7-A7D9-90F45EDD5438}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{39D71523-7FA0-45E8-86A5-CE4FE66ED080}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9A16F1D-1EB8-4C56-B5EE-9638D3B58E76}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9A16F1D-1EB8-4C56-B5EE-9638D3B58E76}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EFBC9688-3A81-4A81-9775-14470489210A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0806D37-626D-42DB-B304-3044A6D7201B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0806D37-626D-42DB-B304-3044A6D7201B}" => key removed successfully.
C:\Windows\System32\Tasks\{22898181-FE0A-4171-A50B-12D6CD034F9C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{22898181-FE0A-4171-A50B-12D6CD034F9C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3502A7B-1A18-4BBD-A943-FCBBAD539497}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3502A7B-1A18-4BBD-A943-FCBBAD539497}" => key removed successfully.
C:\Windows\System32\Tasks\{4057EC0F-0332-4E9C-A437-8CC5EF8B0CD9} => => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4057EC0F-0332-4E9C-A437-8CC5EF8B0CD9} => => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F97D2186-2BD8-44A7-B598-F0D8F5066057}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F97D2186-2BD8-44A7-B598-F0D8F5066057}" => key removed successfully.
C:\Windows\System32\Tasks\{87905E85-A0E8-4A61-896F-47156A44FDD6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{87905E85-A0E8-4A61-896F-47156A44FDD6}" => key removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
EmptyTemp: => 49.1 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 14:22:29 ====

a omlouvám se za komplikace

Nic se nedeje. Ted jste pouzival i nami overene nastroje (ikdyz CF dokaze velice prekvapit). Priste se alespon zminte o tom, co jste pouzil a co jste pomoci jinych nastroju odstranil. Poprosim jeste o obsah logu C:\ComboFix.txt

ComboFix 15-12-16.01 - Tereza 20.12.2015 17:38:01.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1013.312 [GMT 1:00]
Spuštěný z: c:\users\Tereza\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-20 do 2015-12-20 )))))))))))))))))))))))))))))))
.
.
2015-12-20 16:57 . 2015-12-20 16:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-20 16:45 . 2015-12-20 16:45 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4B926F2-9BB3-477D-A53A-3F0F66DF724B}\offreg.2004.dll
2015-12-20 03:51 . 2015-11-25 10:43 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4B926F2-9BB3-477D-A53A-3F0F66DF724B}\mpengine.dll
2015-12-19 22:26 . 2015-12-19 22:26 -------- d-----w- c:\program files\Microsoft.NET
2015-12-19 22:26 . 2015-12-19 22:26 -------- d-----w- c:\windows\Migration
2015-12-19 15:19 . 2015-12-19 15:48 -------- d-----w- C:\$WINDOWS.~BT
2015-12-19 14:30 . 2015-12-19 14:30 -------- d-----w- C:\$Windows.~WS
2015-12-19 13:09 . 2015-12-20 10:46 -------- d-----w- C:\AdwCleaner
2015-12-19 12:23 . 2015-12-20 16:57 -------- d-----w- c:\users\Tereza\AppData\Local\temp
2015-12-19 11:13 . 2015-12-19 12:25 -------- d-----w- c:\program files\trend micro
2015-12-19 11:13 . 2015-12-19 11:14 -------- d-----w- C:\rsit
2015-12-19 10:40 . 2015-12-20 16:13 -------- d-----w- C:\FRST
2015-12-18 20:50 . 2015-12-18 20:51 -------- d-----w- c:\users\Tereza\AppData\Roaming\Maxthon3
2015-12-18 20:50 . 2015-12-18 20:50 -------- d-----w- c:\program files\Maxthon
2015-12-17 16:18 . 2015-12-17 16:18 -------- d-----w- c:\program files\HD Tune
2015-12-17 09:17 . 2015-12-17 09:17 -------- d-----w- c:\windows\CheckSur
2015-12-16 22:40 . 2015-12-19 15:08 -------- d-----w- C:\ESD
2015-12-16 22:26 . 2015-12-19 15:47 -------- d-----w- c:\windows\Panther
2015-12-16 21:56 . 2015-12-16 21:42 322760 ----a-w- c:\windows\system32\aswBoot.exe
2015-12-16 21:42 . 2015-12-16 21:42 43112 ----a-w- c:\windows\avastSS.scr
2015-12-16 21:23 . 2015-12-16 21:23 -------- d-----w- c:\program files\Common Files\AV
2015-12-16 19:37 . 2015-12-18 21:39 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-18 18:46 . 2014-02-19 16:11 436360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-12-18 18:46 . 2014-02-19 16:11 81168 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-12-17 16:30 . 2014-02-20 17:42 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-12-17 16:30 . 2014-02-20 17:42 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-12-16 21:42 . 2014-02-19 16:11 117712 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-12-16 21:42 . 2014-02-19 16:11 209432 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-12-16 21:42 . 2014-02-19 16:11 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-12-16 21:42 . 2014-02-19 16:11 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-12-16 21:42 . 2008-03-14 16:00 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-12-16 21:41 . 2014-02-19 16:11 794952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-12-02 12:25 . 2014-01-25 19:22 247976 ------w- c:\windows\system32\MpSigStub.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2014-03-06 . E4E829EE073E046B0EB19B5FECB19B8C . 1789440 . . [11.00.9600.16428] . . c:\windows\System32\wininet.dll
[7] 2014-02-19 . B5EB5BD3066959611E1F7A80FD6CC172 . 1818112 . . [11.00.9600.16428] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_88216b07fe83d256\wininet.dll
[7] 2014-02-19 . BA15504FA59A8DC304F1CBAEBA6252A1 . 1766912 . . [10.00.9200.16521] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16521_none_23a3f18e59e93e73\wininet.dll
[7] 2014-02-06 . 9C89246184979A070B0C6CCF61C68136 . 1820160 . . [11.00.9600.16428] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_88159ad1fe8cd4f0\wininet.dll
[7] 2014-02-05 . 5EDAA4D8E5E762B4487813DC4053F244 . 1130496 . . [9.00.8112.20644] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20644_none_1adf95f2d5448433\wininet.dll
[7] 2014-02-05 . 679EAED8E703235BA81AA2E58F4E2D16 . 1129472 . . [9.00.8112.16533] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16533_none_1a5fc8c9bc1faf21\wininet.dll
[7] 2013-02-06 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
[7] 2013-02-05 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.20565] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20565_none_1acaf47ed553d845\wininet.dll
[7] 2013-02-05 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16457] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16457_none_1a4e2833bc2c4f38\wininet.dll
[7] 2009-07-14 . 0D874F3BC751CC2198AF2E6783FB8B35 . 977920 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-12-16 21:42 750216 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-11-16 6602152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-22 1725736]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 150552]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-12-16 7021880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect]
c:\users\Tereza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-12-21 06:04 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2015-03-12 07:14 39376 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SFAUpdater]
2015-03-18 15:45 656144 ----a-w- c:\program files\Smart File Advisor\SFAUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart File Advisor]
2015-03-22 06:06 282384 ----a-w- c:\program files\Smart File Advisor\sfa.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-12-16 117712]
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2015-03-12 39376]
R2 SetupARService;SetupARService;c:\program files\Realtek\Audio\SetupAfterRebootService.exe [2014-02-20 24576]
R3 btmaudio;Motorola Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 BTMMODEM;Bluetooth Modem Device;c:\windows\system32\DRIVERS\btmcom.sys [x]
R3 BTMNET;Motorola Bluetooth Network Adapter Service;c:\windows\system32\DRIVERS\btmnet.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-24 191008]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-02-06 52224]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\DRIVERS\TsUsbGD.sys [2013-02-06 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-02-19 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-12-16 794952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-12-18 436360]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-12-16 24016]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-12-18 81168]
S2 MaxthonUpdateSvc;Maxthon Core Update Service;c:\program files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-18 1872808]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2015-01-17 47360]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-15 275048]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-06-11 853536]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20 16:31]
.
2008-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-19 16:11]
.
2008-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-19 16:11]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyServer = http=hxxp://127.0.0.1:9880
uInternet Settings,ProxyOverride = <local>
Trusted Zone: dell.com
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
TCP: Interfaces\{BB53FAD7-AECC-431C-A94F-5A1F2DA1CDC1}\D656E6F567F5C647D6: NameServer = 127.0.0.0,127.0.0.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_20_0_0_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-12-20 18:03:34
ComboFix-quarantined-files.txt 2015-12-20 17:03
ComboFix2.txt 2015-12-19 12:23
.
Před spuštěním: Volných bajtů: 162 078 793 728
Po spuštění: Volných bajtů: 161 741 922 304
.
- - End Of File - - 7DD7FCF0DD2382BFD68865A14570AC91
A36C5E4F47E84449FF07ED3517B43A31

Pokud jeste nemate, presunte ComboFix na plochu.

• Otevrete Poznamkovy blok (Start -> Spustit -> notepad)
• zkopirujte do nej skript nize a ulozte na plochu jako CFScript (Typ souboru: Textovy dokument)

  Kód: Vybrat vše

  KillAll::
  
  RegLock::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  ClearJavaCache::
  
  Reboot::

• Tento CFScript.txt chytte, doslova pretahnete nad ikonu ComboFixu a pustte.
  
• Po restartu na Vas vyskoci log, jehoz obsah mi vlozte do dalsi odpovedi.

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou Windows. V tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

ComboFix 15-12-16.01 - Tereza 21.12.2015 20:45:23.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1013.271 [GMT 1:00]
Spuštěný z: c:\users\Tereza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tereza\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-21 do 2015-12-21 )))))))))))))))))))))))))))))))
.
.
2015-12-21 20:04 . 2015-12-21 20:04 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4B926F2-9BB3-477D-A53A-3F0F66DF724B}\offreg.2088.dll
2015-12-21 20:03 . 2015-12-21 20:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-20 03:51 . 2015-11-25 10:43 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4B926F2-9BB3-477D-A53A-3F0F66DF724B}\mpengine.dll
2015-12-19 22:26 . 2015-12-19 22:26 -------- d-----w- c:\program files\Microsoft.NET
2015-12-19 22:26 . 2015-12-19 22:26 -------- d-----w- c:\windows\Migration
2015-12-19 15:19 . 2015-12-19 15:48 -------- d-----w- C:\$WINDOWS.~BT
2015-12-19 14:30 . 2015-12-19 14:30 -------- d-----w- C:\$Windows.~WS
2015-12-19 12:23 . 2015-12-21 20:06 -------- d-----w- c:\users\Tereza\AppData\Local\temp
2015-12-19 10:40 . 2015-12-21 13:25 -------- d-----w- C:\FRST
2015-12-18 20:50 . 2015-12-18 20:51 -------- d-----w- c:\users\Tereza\AppData\Roaming\Maxthon3
2015-12-18 20:50 . 2015-12-18 20:50 -------- d-----w- c:\program files\Maxthon
2015-12-17 16:18 . 2015-12-17 16:18 -------- d-----w- c:\program files\HD Tune
2015-12-17 09:17 . 2015-12-17 09:17 -------- d-----w- c:\windows\CheckSur
2015-12-16 22:40 . 2015-12-19 15:08 -------- d-----w- C:\ESD
2015-12-16 22:26 . 2015-12-19 15:47 -------- d-----w- c:\windows\Panther
2015-12-16 21:56 . 2015-12-16 21:42 322760 ----a-w- c:\windows\system32\aswBoot.exe
2015-12-16 21:42 . 2015-12-16 21:42 43112 ----a-w- c:\windows\avastSS.scr
2015-12-16 21:23 . 2015-12-16 21:23 -------- d-----w- c:\program files\Common Files\AV
2015-12-16 19:37 . 2015-12-18 21:39 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-18 18:46 . 2014-02-19 16:11 436360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-12-18 18:46 . 2014-02-19 16:11 81168 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-12-17 16:30 . 2014-02-20 17:42 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-12-17 16:30 . 2014-02-20 17:42 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-12-16 21:42 . 2014-02-19 16:11 117712 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-12-16 21:42 . 2014-02-19 16:11 209432 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-12-16 21:42 . 2014-02-19 16:11 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-12-16 21:42 . 2014-02-19 16:11 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-12-16 21:42 . 2008-03-14 16:00 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-12-16 21:41 . 2014-02-19 16:11 794952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-12-02 12:25 . 2014-01-25 19:22 247976 ------w- c:\windows\system32\MpSigStub.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2014-03-06 . E4E829EE073E046B0EB19B5FECB19B8C . 1789440 . . [11.00.9600.16428] . . c:\windows\System32\wininet.dll
[7] 2014-02-19 . B5EB5BD3066959611E1F7A80FD6CC172 . 1818112 . . [11.00.9600.16428] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_88216b07fe83d256\wininet.dll
[7] 2014-02-19 . BA15504FA59A8DC304F1CBAEBA6252A1 . 1766912 . . [10.00.9200.16521] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16521_none_23a3f18e59e93e73\wininet.dll
[7] 2014-02-06 . 9C89246184979A070B0C6CCF61C68136 . 1820160 . . [11.00.9600.16428] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_88159ad1fe8cd4f0\wininet.dll
[7] 2014-02-05 . 5EDAA4D8E5E762B4487813DC4053F244 . 1130496 . . [9.00.8112.20644] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20644_none_1adf95f2d5448433\wininet.dll
[7] 2014-02-05 . 679EAED8E703235BA81AA2E58F4E2D16 . 1129472 . . [9.00.8112.16533] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16533_none_1a5fc8c9bc1faf21\wininet.dll
[7] 2013-02-06 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
[7] 2013-02-05 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.20565] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20565_none_1acaf47ed553d845\wininet.dll
[7] 2013-02-05 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16457] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16457_none_1a4e2833bc2c4f38\wininet.dll
[7] 2009-07-14 . 0D874F3BC751CC2198AF2E6783FB8B35 . 977920 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-12-16 21:42 750216 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-11-16 6602152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-22 1725736]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 150552]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-12-16 7021880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect]
c:\users\Tereza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-12-21 06:04 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2015-03-12 07:14 39376 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SFAUpdater]
2015-03-18 15:45 656144 ----a-w- c:\program files\Smart File Advisor\SFAUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart File Advisor]
2015-03-22 06:06 282384 ----a-w- c:\program files\Smart File Advisor\sfa.exe
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2015-03-12 39376]
R2 SetupARService;SetupARService;c:\program files\Realtek\Audio\SetupAfterRebootService.exe [2014-02-20 24576]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-24 191008]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-02-06 52224]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\DRIVERS\TsUsbGD.sys [2013-02-06 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-02-19 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-12-16 794952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-12-18 436360]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-12-16 24016]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-12-18 81168]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-12-16 117712]
S2 MaxthonUpdateSvc;Maxthon Core Update Service;c:\program files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-18 1872808]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2015-01-17 47360]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-15 275048]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-06-11 853536]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20 16:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=hxxp://127.0.0.1:9880
Trusted Zone: dell.com
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
TCP: Interfaces\{BB53FAD7-AECC-431C-A94F-5A1F2DA1CDC1}\D656E6F567F5C647D6: NameServer = 127.0.0.0,127.0.0.1
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3712)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2015-12-21 21:15:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-12-21 20:14
ComboFix2.txt 2015-12-20 17:03
ComboFix3.txt 2015-12-19 12:23
.
Před spuštěním: Volných bajtů: 161 461 719 040
Po spuštění: Volných bajtů: 161 153 662 976
.
- - End Of File - - CBCEF1F7CD135C1505EA0658D8E79E79
A36C5E4F47E84449FF07ED3517B43A31

Jake problemy na tomto PC pozorujete ted?

díky za pomoc, byli vánoce. tak jsem to neřešil a nechtěl ani vás otravovat.

nejde nainstalovat aktualizace, ale bez toho se asi obejdeme. je to stabilní. díky