Request for a preventive check

#1 Post by MartinaZ. »

Thank you very much for your response :).

Logfile of random's system information tool 1.10 (written by random/random)
Run by Matýskovo at 2016-05-04 10:42:12
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 1 GB (4%) free of 36 GB
Total RAM: 3574 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:43:10, on 4.5.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\HP Wireless Comfort Mouse\TSR\xDaemon.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files\BlueStacks\HD-Agent.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Matýskovo\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Matýskovo\Desktop\RSIT.exe
C:\Program Files\trend micro\Matýskovo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Input Device Main Program] C:\Program Files\HP\HP Wireless Comfort Mouse\TSR\xDaemon.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} (DellSystem.Scanner) - http://xserv.dell.com/DellDriverScanner/DellSystem.CAB
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/ ... emLite.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BBDB41C-BBFD-47B1-B513-30E88972C475}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Plus-Service.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-UpdaterService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Dell Internal Network Card Power Management (nicconfigsvc) - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

--
End of file - 7252 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000Core.job - C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000UA.job - C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Matýskovo\AppData\Roaming\Mozilla\Firefox\Profiles\h36qg3sw.default-1413621193659

prefs.js - "browser.startup.homepage" - "https://mail.google.com/mail/u/0/#inbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\Matýskovo\AppData\Roaming\Mozilla\Firefox\Profiles\h36qg3sw.default-1413621193659\extensions\
adbhelper@mozilla.org
fxdevtools-adapters@mozilla.org
{6AC85730-7D0F-4de0-B3FA-21142DD85326}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-07-02 159744]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"HP Input Device Main Program"=C:\Program Files\HP\HP Wireless Comfort Mouse\TSR\xDaemon.exe [2008-10-17 356352]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-13 405504]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16 499608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]
"BlueStacks Agent"=C:\Program Files\BlueStacks\HD-Agent.exe [2016-04-26 957976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-30 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

C:\Users\Matýskovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-05-04 10:42:13 ----D---- C:\Program Files\trend micro
2016-05-04 10:42:12 ----D---- C:\rsit
2016-05-03 19:55:05 ----D---- C:\ProgramData\BlueStacksGameManager
2016-05-03 19:53:14 ----D---- C:\ProgramData\BlueStacks
2016-05-03 19:53:14 ----D---- C:\Program Files\BlueStacks
2016-04-21 17:41:03 ----D---- C:\Users\Matýskovo\AppData\Roaming\HD Tune Pro
2016-04-21 17:40:52 ----D---- C:\Program Files\HD Tune Pro
2016-04-20 12:56:25 ----D---- C:\Program Files\WOW Slider
2016-04-19 15:26:47 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-04-19 14:44:30 ----D---- C:\Program Files\Common Files\PX Storage Engine
2016-04-13 20:12:49 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-04-13 20:12:49 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-04-13 20:12:49 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-04-13 20:12:49 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-04-13 20:12:49 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-04-13 20:12:49 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-04-13 20:12:49 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-04-13 20:12:49 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-04-13 20:12:48 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-04-13 20:12:48 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-04-13 20:12:48 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-04-13 20:12:46 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-04-13 20:12:46 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-04-13 20:12:46 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-04-13 20:12:46 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-04-13 20:12:46 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-04-13 20:12:46 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-04-13 20:12:46 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-04-13 20:12:46 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-04-13 20:12:45 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-04-13 20:12:45 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-04-13 20:12:45 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-04-13 20:12:45 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-04-13 20:12:42 ----A---- C:\Windows\system32\ucrtbase.dll
2016-04-13 14:02:45 ----D---- C:\ProgramData\Package Cache
2016-04-12 17:48:57 ----D---- C:\60be7b7a37f3afaff0
2016-04-11 21:02:03 ----D---- C:\Program Files\Common Files\Skype
2016-04-11 21:02:02 ----RD---- C:\Program Files\Skype
2016-04-11 20:07:23 ----D---- C:\83e8c50d1ec752ec3e42a298
2016-04-10 20:44:20 ----D---- C:\Program Files\Koala

======List of files/folders modified in the last 1 month======

2016-05-04 10:43:10 ----D---- C:\Windows\Temp
2016-05-04 10:42:13 ----RD---- C:\Program Files
2016-05-04 09:49:39 ----D---- C:\Windows\system32\config
2016-05-04 09:49:27 ----D---- C:\Windows\winsxs
2016-05-04 09:39:32 ----D---- C:\Windows\System32
2016-05-04 09:39:32 ----D---- C:\Windows\inf
2016-05-04 09:39:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-04 09:38:55 ----D---- C:\ProgramData\BlueStacksSetup
2016-05-03 23:30:01 ----SHD---- C:\Windows\Installer
2016-05-03 23:30:01 ----D---- C:\Windows\Microsoft.NET
2016-05-03 23:27:13 ----SHD---- C:\System Volume Information
2016-05-03 20:37:38 ----RSD---- C:\Windows\assembly
2016-05-03 19:55:05 ----HD---- C:\ProgramData
2016-05-03 19:35:55 ----D---- C:\Windows\system32\drivers
2016-05-03 19:34:38 ----D---- C:\Program Files\Common Files
2016-05-03 19:27:41 ----D---- C:\Windows\system32\catroot
2016-05-03 19:27:40 ----D---- C:\Windows\system32\catroot2
2016-05-02 19:17:39 ----D---- C:\Program Files\Google
2016-05-02 19:17:18 ----D---- C:\Windows\Tasks
2016-05-02 19:17:18 ----D---- C:\Windows\system32\Tasks
2016-04-29 10:49:41 ----D---- C:\Users\Matýskovo\AppData\Roaming\Skype
2016-04-29 00:55:44 ----D---- C:\Users\Matýskovo\AppData\Roaming\vlc
2016-04-22 09:57:44 ----N---- C:\Windows\system32\MpSigStub.exe
2016-04-19 15:27:18 ----D---- C:\Users\Matýskovo\AppData\Roaming\Adobe
2016-04-19 15:02:52 ----D---- C:\Program Files\Common Files\Adobe
2016-04-19 15:01:51 ----D---- C:\ProgramData\Adobe
2016-04-19 14:52:47 ----RSD---- C:\Windows\Fonts
2016-04-19 14:51:33 ----D---- C:\Program Files\Adobe
2016-04-19 12:12:10 ----D---- C:\Program Files\ActiveState Komodo Edit 8
2016-04-19 10:43:00 ----D---- C:\Windows\Prefetch
2016-04-13 20:14:46 ----D---- C:\Windows
2016-04-11 21:01:47 ----D---- C:\ProgramData\Skype
2016-04-11 19:59:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-04-11 19:57:52 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-04-11 19:16:54 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2012-08-10 46096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MpKsl83831c06;MpKsl83831c06; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C87A6516-E842-40DD-8738-31D32EF9C276}\MpKsl83831c06.sys [2016-05-04 39168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [2016-04-26 140856]
R2 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2016-04-06 220216]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-25 155136]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240]
R3 WinUsb;Ovladač WinUSB; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files\FinalWire\AIDA64 Extreme\kerneld.x32 [2014-10-06 33616]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 HpStm001;USB Style Packet Filter Driver; C:\Windows\system32\DRIVERS\HpStm001.SYS [2008-08-28 11264]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2016-04-26 417304]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files\BlueStacks\HD-UpdaterService.exe [2016-04-26 921112]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 nicconfigsvc;Dell Internal Network Card Power Management; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [2008-02-22 390424]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-13 102400]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-02 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-01-29 327296]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-09-10 72704]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files\BlueStacks\HD-Service.exe [2016-04-26 437784]
S3 BstHdPlusAndroidSvc;BlueStacks Plus Android Service; C:\Program Files\BlueStacks\HD-Plus-Service.exe [2016-04-26 437784]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-02 154440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-11 146888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-04 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Post by Márty84 »

Hello :)

→ Free up some disk space, the system is choking.

→ Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will spit out a log (otherwise it will be at C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can email me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an email address in their signature).

#3 Post by MartinaZ. »

→ Re the disk: I'm running on the old backup one; the new one crashed on me and I'm preparing a warranty claim.
→ Log below:

# AdwCleaner v5.115 - Log soubor vytvořen 04/05/2016 o 11:38:04
# Aktualizováno 01/05/2016 by Xplode
# Databáze : 2016-05-04.2 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X86)
# Jméno uživatele : Matýskovo - MATYSKOVO
# Spuštěno z : C:\Users\Matýskovo\Desktop\adwcleaner_5.115.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

[-] Klávesa smazáno : HKCU\Software\Conduit
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\wlogin.icq.com

***** [ Webové prohlížeče ] *****

#4 Post by Márty84 »

MartinaZ. wrote: → Re the disk: I'm running on the old backup one; the new one crashed on me and I'm preparing a warranty claim.
OK, maybe we'll gain some more after the cleanup is finished :)

→ Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Don't delete anything beforehand, it sometimes has false detections.

#5 Post by MartinaZ. »

→ Drive D: was OK - I turned it off by mistake, the test is only from drive C: - which is the system partition.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 4.5.2016
Čas skenování: 13:24
Protokol: mmm.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.04.03
Databáze rootkitů: v2016.04.17.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Matýskovo

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 497089
Uplynulý čas: 2 hod, 4 min, 17 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.Hicosmea, HKU\S-1-5-21-865838362-2213805808-1713012779-1000_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}, , [3fa4dff2c3d63501792e27f958ac7987],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please run a preventive check

#6 Post by Márty84 »

:arrow: Have the detection removed, then uninstall MBAM.

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

MartinaZ.
Visitor
Posts: 21
Registered: 04 May 2016 09:46

Re: Please run a preventive check

#7 Post by MartinaZ. »

:arrow: Removed
:arrow: log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-05-2016
Ran by Matýskovo (administrator) on MATYSKOVO (04-05-2016 22:04:43)
Running from C:\Users\Matýskovo\Desktop
Loaded Profiles: Matýskovo (Available Profiles: Matýskovo)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\HP\HP Wireless Comfort Mouse\TSR\xDaemon.exe
(IDT, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamresearch.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(forum.viry.cz) C:\Users\Matýskovo\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [159744 2007-07-02] (Alps Electric Co., Ltd.)
HKLM\...\Run: [HP Input Device Main Program] => C:\Program Files\HP\HP Wireless Comfort Mouse\TSR\xDaemon.exe [356352 2008-10-17] ()
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1500160 2011-06-16] (Nokia)
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [957976 2016-04-26] (BlueStack Systems, Inc.)
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2012-09-12]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\Matýskovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2014-09-10]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8BBDB41C-BBFD-47B1-B513-30E88972C475}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8BBDB41C-BBFD-47B1-B513-30E88972C475}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D5F668E0-561E-4AD3-9A70-B5D5D51B9F74}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Matýskovo\AppData\Roaming\Mozilla\Firefox\Profiles\h36qg3sw.default-1413621193659
FF Homepage: hxxps://mail.google.com/mail/u/0/#inbox
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-11] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-05-04] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-865838362-2213805808-1713012779-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Matýskovo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-865838362-2213805808-1713012779-1000: @talk.google.com/O1DPlugin -> C:\Users\Matýskovo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-865838362-2213805808-1713012779-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Matýskovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-06-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-865838362-2213805808-1713012779-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Matýskovo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-06-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Matýskovo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Matýskovo\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF Extension: ColorZilla - C:\Users\Matýskovo\AppData\Roaming\Mozilla\Firefox\Profiles\h36qg3sw.default-1413621193659\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-04-11]
FF Extension: MeasureIt - C:\Users\Matýskovo\AppData\Roaming\Mozilla\Firefox\Profiles\h36qg3sw.default-1413621193659\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi [2016-04-11]
FF Extension: ADB Helper - C:\Users\Matýskovo\AppData\Roaming\Mozilla\Firefox\Profiles\h36qg3sw.default-1413621193659\Extensions\adbhelper@mozilla.org [2016-05-02]
FF Extension: Valence - C:\Users\Matýskovo\AppData\Roaming\Mozilla\Firefox\Profiles\h36qg3sw.default-1413621193659\Extensions\fxdevtools-adapters@mozilla.org [2016-05-02]
FF Extension: Adblock Plus - C:\Users\Matýskovo\AppData\Roaming\Mozilla\Firefox\Profiles\h36qg3sw.default-1413621193659\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://fitrecepty.info/recept/506/pernikove-muffiny/
CHR Plugin: (Shockwave Flash) - C:\Users\Matýskovo\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll => No File
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\50.0.2661.94\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\50.0.2661.94\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Users\Matýskovo\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll => No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Profile: C:\Users\Matýskovo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Matýskovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Matýskovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-10]
CHR Extension: (AdBlock) - C:\Users\Matýskovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-29]
CHR Extension: (Responsive Site View) - C:\Users\Matýskovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfgkigklekkapmkhianeahnkfddkjbm [2014-03-25]
CHR Extension: (Responsive Inspector) - C:\Users\Matýskovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\memcdolmmnmnleeiodllgpibdjlkbpim [2014-02-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Matýskovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-18]
CHR Extension: (Instagram for Chrome) - C:\Users\Matýskovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2016-05-03]
CHR Extension: (Gmail) - C:\Users\Matýskovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-10] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor11.0; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-26] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files\BlueStacks\HD-Plus-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [921112 2016-04-26] (BlueStack Systems, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 nicconfigsvc; C:\Program Files\Dell\QuickSet\NicConfigSvc.exe [390424 2008-02-22] (Dell Inc.)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AIDA64Driver; C:\Program Files\FinalWire\AIDA64 Extreme\kerneld.x32 [33616 2014-10-06] ()
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [140856 2016-04-26] (BlueStack Systems)
R2 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [220216 2016-04-06] (Bluestack System Inc. )
S3 HpStm001; C:\Windows\System32\DRIVERS\HpStm001.SYS [11264 2008-08-28] (Primax Electronics Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-05-04] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 MpKsl6c56afb6; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C87A6516-E842-40DD-8738-31D32EF9C276}\MpKsl6c56afb6.sys [39168 2016-05-04] (Microsoft Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-04 22:04 - 2016-05-04 22:05 - 00015190 _____ C:\Users\Matýskovo\Desktop\FRST.txt
2016-05-04 22:02 - 2016-05-04 22:03 - 00112640 _____ (forum.viry.cz) C:\Users\Matýskovo\Desktop\FRSTLauncher.exe
2016-05-04 21:18 - 2016-05-04 22:04 - 00000000 ____D C:\FRST
2016-05-04 21:17 - 2016-05-04 21:17 - 01728000 _____ (Farbar) C:\Users\Matýskovo\Desktop\FRST.exe
2016-05-04 11:52 - 2016-05-04 21:25 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-04 11:51 - 2016-05-04 11:51 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-04 11:50 - 2016-05-04 11:51 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-05-04 11:50 - 2016-05-04 11:50 - 22851472 _____ (Malwarebytes ) C:\Users\Matýskovo\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-04 11:50 - 2016-05-04 11:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-04 11:50 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-04 11:50 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-04 11:50 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-04 11:31 - 2016-05-04 11:38 - 00000000 ____D C:\AdwCleaner
2016-05-04 11:13 - 2016-05-04 11:14 - 03615296 _____ C:\Users\Matýskovo\Desktop\adwcleaner_5.115.exe
2016-05-04 10:42 - 2016-05-04 10:43 - 00000000 ____D C:\rsit
2016-05-04 10:42 - 2016-05-04 10:43 - 00000000 ____D C:\Program Files\trend micro
2016-05-04 10:41 - 2016-05-04 10:41 - 01107968 _____ C:\Users\Matýskovo\Desktop\RSIT.exe
2016-05-03 19:55 - 2016-05-03 19:56 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2016-05-03 19:55 - 2016-05-03 19:55 - 00001701 _____ C:\Users\Matýskovo\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-05-03 19:55 - 2016-05-03 19:55 - 00001677 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-05-03 19:53 - 2016-05-03 19:54 - 00000000 ____D C:\Program Files\BlueStacks
2016-05-03 19:53 - 2016-05-03 19:53 - 00000000 ____D C:\ProgramData\BlueStacks
2016-05-03 19:52 - 2016-05-03 19:52 - 00000000 ____D C:\Users\Matýskovo\AppData\Local\Bluestacks
2016-05-02 19:18 - 2016-05-02 19:18 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-02 19:18 - 2016-05-02 19:18 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-02 19:17 - 2016-05-04 21:22 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-02 19:17 - 2016-05-04 21:17 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-25 12:29 - 2016-04-25 12:29 - 00000000 ____D C:\Users\Matýskovo\Documents\WOW Slider
2016-04-21 17:41 - 2016-04-21 18:22 - 00000000 ____D C:\Users\Matýskovo\AppData\Roaming\HD Tune Pro
2016-04-21 17:40 - 2016-04-21 17:40 - 00000991 _____ C:\Users\Matýskovo\Desktop\HD Tune Pro.lnk
2016-04-21 17:40 - 2016-04-21 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2016-04-21 17:40 - 2016-04-21 17:40 - 00000000 ____D C:\Program Files\HD Tune Pro
2016-04-20 12:57 - 2016-04-20 12:57 - 00000984 _____ C:\Users\Public\Desktop\WOW Slider.lnk
2016-04-20 12:57 - 2016-04-20 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WOW Slider
2016-04-20 12:56 - 2016-04-20 12:57 - 00000000 ____D C:\Program Files\WOW Slider
2016-04-19 15:26 - 2016-04-19 15:26 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-04-19 14:46 - 2016-04-19 14:46 - 00001882 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 11.lnk
2016-04-19 14:46 - 2016-04-19 14:46 - 00001866 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk
2016-04-19 14:44 - 2016-04-19 14:44 - 00000000 ____D C:\Program Files\Common Files\PX Storage Engine
2016-04-13 20:12 - 2015-06-07 01:08 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00064352 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-04-13 20:12 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-04-13 18:24 - 2016-04-13 18:24 - 00107334 _____ C:\Users\Matýskovo\Documents\output_1460564540.txt
2016-04-13 14:02 - 2016-04-13 14:02 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-12 17:48 - 2016-04-12 17:48 - 00000000 ____D C:\60be7b7a37f3afaff0
2016-04-11 21:02 - 2016-04-11 21:02 - 00002719 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-11 21:02 - 2016-04-11 21:02 - 00000000 ___RD C:\Program Files\Skype
2016-04-11 21:02 - 2016-04-11 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-11 21:02 - 2016-04-11 21:02 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-04-11 20:07 - 2016-04-11 20:07 - 00000000 ____D C:\83e8c50d1ec752ec3e42a298
2016-04-10 20:49 - 2016-05-03 00:03 - 00000000 ____D C:\Users\Matýskovo\AppData\Local\Koala
2016-04-10 20:49 - 2016-04-10 21:48 - 00000000 ____D C:\Users\Matýskovo\.koala
2016-04-10 20:46 - 2016-04-10 20:46 - 00001867 _____ C:\Users\Public\Desktop\Koala.lnk
2016-04-10 20:46 - 2016-04-10 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Koala
2016-04-10 20:44 - 2016-04-10 20:46 - 00000000 ____D C:\Program Files\Koala

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-04 11:47 - 2009-07-14 06:34 - 00017120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-04 11:47 - 2009-07-14 06:34 - 00017120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-04 11:44 - 2014-10-15 23:09 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-05-04 11:44 - 2012-05-03 00:13 - 01525756 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-04 11:44 - 2009-07-14 10:44 - 00648242 _____ C:\Windows\system32\perfh005.dat
2016-05-04 11:44 - 2009-07-14 10:44 - 00133570 _____ C:\Windows\system32\perfc005.dat
2016-05-04 11:44 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-05-04 11:39 - 2012-07-12 01:23 - 00000436 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-04 11:39 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-04 11:29 - 2012-05-22 14:53 - 00000600 _____ C:\Users\Matýskovo\AppData\Roaming\winscp.rnd
2016-05-03 19:54 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-03 18:08 - 2012-05-03 00:11 - 00000000 ____D C:\Users\Matýskovo
2016-05-03 10:00 - 2012-09-30 01:21 - 00002231 _____ C:\Users\Matýskovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-03 10:00 - 2012-09-30 01:21 - 00002201 _____ C:\Users\Matýskovo\Desktop\Google Chrome.lnk
2016-05-02 19:55 - 2012-05-08 17:51 - 00000000 ____D C:\Users\Matýskovo\AppData\Local\Google
2016-05-02 19:17 - 2012-05-08 17:50 - 00000000 ____D C:\Program Files\Google
2016-05-02 19:15 - 2013-05-24 23:05 - 00000000 ____D C:\Users\Matýskovo\AppData\Local\CrashDumps
2016-04-29 10:49 - 2013-10-02 21:20 - 00000000 ____D C:\Users\Matýskovo\AppData\Roaming\Skype
2016-04-29 00:55 - 2013-02-01 19:00 - 00000000 ____D C:\Users\Matýskovo\AppData\Roaming\vlc
2016-04-22 09:57 - 2012-05-03 15:41 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-19 23:51 - 2009-07-14 06:33 - 01599656 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-19 15:28 - 2014-08-21 16:29 - 00000000 ____D C:\Users\Matýskovo\AppData\Local\Adobe
2016-04-19 15:27 - 2012-05-05 14:03 - 00000000 ____D C:\Users\Matýskovo\AppData\Roaming\Adobe
2016-04-19 15:26 - 2012-05-03 15:42 - 00071560 _____ C:\Users\Matýskovo\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-19 15:02 - 2012-10-19 14:07 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-04-19 15:01 - 2012-05-05 17:30 - 00000000 ____D C:\ProgramData\Adobe
2016-04-19 14:51 - 2012-10-19 14:07 - 00000000 ____D C:\Program Files\Adobe
2016-04-19 12:12 - 2014-08-19 00:09 - 00000000 ____D C:\Program Files\ActiveState Komodo Edit 8
2016-04-11 21:02 - 2014-03-07 18:11 - 00000000 ____D C:\Users\Matýskovo\AppData\Local\Skype
2016-04-11 21:01 - 2013-10-02 21:19 - 00000000 ____D C:\ProgramData\Skype
2016-04-11 19:59 - 2012-05-05 13:58 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-11 19:59 - 2012-05-05 13:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-11 19:57 - 2012-06-19 17:15 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-11 19:16 - 2014-10-18 10:50 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Files in the root of some directories =======

2012-05-22 14:53 - 2016-05-04 11:29 - 0000600 _____ () C:\Users\Matýskovo\AppData\Roaming\winscp.rnd
2014-09-10 22:51 - 2014-09-10 22:51 - 0010963 _____ () C:\Users\Matýskovo\AppData\Local\recently-used.xbel
2012-09-27 11:58 - 2013-01-14 03:07 - 0007601 _____ () C:\Users\Matýskovo\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Matýskovo\AppData\Local\Temp\libeay32.dll
C:\Users\Matýskovo\AppData\Local\Temp\msvcr120.dll
C:\Users\Matýskovo\AppData\Local\Temp\readSTILog.dll
C:\Users\Matýskovo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000Core.job => C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000UA.job => C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Matýskovo\Desktop" je 28 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(10.71 KiB) Downloaded 82 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive check

#8 Post by Márty84 »

:arrow: MBAM is still visible in the log. Uninstall it, since you activated the trial version. It may conflict with MSE, which you have installed :-)

:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1500160 2011-06-16] (Nokia)
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000Core.job => C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000UA.job => C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {21FDACC5-EEDF-4774-BFE9-AAF996DF63A3} - System32\Tasks\{39840AC8-3AA3-44FA-AEF0-564EE4E67712} => pcalua.exe -a C:\Windows\iun6002.exe -c "C:\Program Files\FIFA 2003\irunin.ini" <==== ATTENTION

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate

S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-02 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-01-29 327296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-02 154440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save as...
Type the name shown in red, fixlist, exactly, and save it to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

MartinaZ.
Visitor
Posts: 21
Registered: 04 May 2016 09:46

Re: Request for a preventive check

#9 Post by MartinaZ. »

:arrow: program deleted
:arrow: fix below

Fix result of Farbar Recovery Scan Tool (x86) Version:06-05-2016
Ran by Matýskovo (2016-05-05 11:37:30) Run:1
Running from C:\Users\Matýskovo\Desktop
Loaded Profiles: Matýskovo (Available Profiles: Matýskovo)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1500160 2011-06-16] (Nokia)
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000Core.job => C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000UA.job => C:\Users\Matýskovo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {21FDACC5-EEDF-4774-BFE9-AAF996DF63A3} - System32\Tasks\{39840AC8-3AA3-44FA-AEF0-564EE4E67712} => pcalua.exe -a C:\Windows\iun6002.exe -c "C:\Program Files\FIFA 2003\irunin.ini" <==== ATTENTION

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate

S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-02 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-01-29 327296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-02 154440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]

Hosts:
EmptyTemp:
Reboot:
End

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive check

#10 Post by Márty84 »

MartinaZ. wrote: :arrow: fix below
That is my fixlist copied over. I need the fixlog, that is, the log that appeared after the fix :-)

MartinaZ.
Visitor
Posts: 21
Registered: 04 May 2016 09:46

Re: Request for a preventive check

#11 Post by MartinaZ. »

Oh dear, sorry, it was below that :evil: :

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully.
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray => value removed successfully.
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully.
"HKU\S-1-5-21-865838362-2213805808-1713012779-1000\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}" => key removed successfully.
HKU\S-1-5-21-865838362-2213805808-1713012779-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 => key not found.
"HKU\S-1-5-21-865838362-2213805808-1713012779-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => key removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000Core.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-865838362-2213805808-1713012779-1000UA.job => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21FDACC5-EEDF-4774-BFE9-AAF996DF63A3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21FDACC5-EEDF-4774-BFE9-AAF996DF63A3}" => key removed successfully.
C:\Windows\System32\Tasks\{39840AC8-3AA3-44FA-AEF0-564EE4E67712} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{39840AC8-3AA3-44FA-AEF0-564EE4E67712}" => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate => key removed successfully.
gupdate => service removed successfully.
SkypeUpdate => service removed successfully.
gupdatem => service removed successfully.
gusvc => service removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.1 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 11:39:56 ====

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive check

#12 Post by Márty84 »

:-) :thumbsup:

:!: Run all of these programs, including any installers, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, clear the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the net!!! So if you have set the computer to remember passwords (which is not good for security), you will then have to type them in again manually (e.g. e-mail, Facebook, various forums, etc.)
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Search for problems; when it finds some, click Fix problems. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in each of them too)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defragment, and the program will do its job.

:arrow: Then write how the PC is doing.

MartinaZ.
Visitor
Posts: 21
Registered: 04 May 2016 09:46

Re: Request for a preventive check

#13 Post by MartinaZ. »

Thanks, it's fine.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive check

#14 Post by Márty84 »

You're welcome! :-)

Take care, and maybe see you again sometime :bye:

:closed:

Locked