msserm

Having a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

celeron
Visitor
Posts: 11
Registered: 28 Aug 2013 11:40

msserm

#1 Post by celeron »

For about a week, the msserm process has been constantly using exactly 25% of the CPU. If I kill it in Task Manager, the Nvidia driver restarts and everything carries on OK. I searched the net and found nothing for "msserm", only "msser". I found nothing in the registry either, and MSE found nothing as well. Does anyone have any idea what this mess is, please? W7/32 Home, IE9. Should I send an RSIT log?
Thanks
Jirka
Last edited by Mc_Murphy on 28 Aug 2013 12:24, edited 1 time in total.
Reason: How about reading that huuuge orange rectangle at the top and following it?!

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: msserm

#2 Post by vyosek »

Greetings and welcome here :welcome:

As my colleague wrote, why do you think there is that biiiig orange rectangle at the top, with what needs to be done written in it if you want help... So stick to it and I will wait for the relevant log...

celeron
Visitor
Posts: 11
Registered: 28 Aug 2013 11:40

Re: msserm

#3 Post by celeron »

Thanks for the welcome. I apologize for not sending the log; here it is:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2013-08-28 20:26:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 286 GB (82%) free of 350 GB
Total RAM: 3070 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:26, on 28.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Gigabyte\SmartRecovery2_x86\RPMDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Users\Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6G3RMCDM\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.simplesearches.info/?p ... Z&unqvl=31
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: ssafe suavee - {02D86D6B-26DA-E614-E92C-5E73958A5BAF} - C:\ProgramData\ssafe suavee\52165c1d35839.dll
O2 - BHO: saafEE soave - {1A6ADB0D-DF86-0894-4DDC-ED9347F84E52} - C:\ProgramData\saafEE soave\52182bf784f61.dll
O2 - BHO: ssafE isiavue - {21C74C98-1EC3-48F6-EF15-78FA749533B5} - C:\ProgramData\ssafE isiavue\521683f2f24af.dll
O2 - BHO: saafee saeve - {281D3452-5D93-BCA0-D841-AE2FC9FBDCCD} - C:\ProgramData\saafee saeve\52190a83ec32a.dll
O2 - BHO: SAAfe saVea - {42302287-E1B9-051F-8BDC-16474C85D03F} - C:\ProgramData\SAAfe saVea\52154fe4a0392.dll
O2 - BHO: syafe saVe - {42EA8DE4-B361-E911-EF32-94204E537441} - C:\ProgramData\syafe saVe\5215b6f6d209b.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: syafe saVe - {7A77A960-38D0-FD30-7C3C-A5D8DCDFF142} - C:\ProgramData\syafe saVe\52155dd839872.dll
O2 - BHO: saafEE soave - {8B04A11B-1593-3FBD-7EDC-99DA79DC9BD6} - C:\ProgramData\saafEE soave\5217cea963957.dll
O2 - BHO: syafe saVe - {94A13419-57A0-E78F-5E20-E458F9D05E8E} - C:\ProgramData\syafe saVe\5215bc57d27b7.dll
O2 - BHO: syafe saVe - {95D32360-681F-C493-C339-BEE6369EA233} - C:\ProgramData\syafe saVe\5215c369c118f.dll
O2 - BHO: saafee saeve - {97A75469-C817-8405-0975-3834C65DF511} - C:\ProgramData\saafee saeve\521919aba88c0.dll
O2 - BHO: ssafe suavee - {B18FBFF1-E054-4382-6E9E-E11D621734CB} - C:\ProgramData\ssafe suavee\521652090259e.dll
O2 - BHO: GBHO.BHO - {c20391ee-b6fd-4a35-9f1b-2892dda5b107} - mscoree.dll (file missing)
O2 - BHO: SAAfe saVea - {C7936515-B4A9-0202-79E6-98FEC035DDA1} - C:\ProgramData\SAAfe saVea\5215fdb242a3a.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: saafEE soave - {E1757F2B-2B9F-786D-2F4D-69D480696D2D} - C:\ProgramData\saafEE soave\5217b94ded56a.dll
O2 - BHO: SAAfe saVea - {FA6B71E7-DBA2-18C0-473A-EC52FEE94600} - C:\ProgramData\SAAfe saVea\5215bc9fa8e0a.dll
O3 - Toolbar: Smart Recovery 2 - {a011d643-4a67-4934-a775-46139847d7f2} - mscoree.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [KONICA MINOLTA magicolor 2500W STD] C:\Windows\system32\MSTMON02.EXE STARTUP
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKLM\..\RunOnce: [GBTUpd] C:\Program Files\Gigabyte\UpdManager\PreRun.exe
O4 - HKLM\..\RunOnce: [RPMKickstart] C:\Program Files\Gigabyte\SmartRecovery2_x86\RPMKickstart.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79CFCC3D-1125-4AB6-BF17-D3D5191A6513}: NameServer = 10.0.0.138,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{79CFCC3D-1125-4AB6-BF17-D3D5191A6513}: NameServer = 10.0.0.138,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{79CFCC3D-1125-4AB6-BF17-D3D5191A6513}: NameServer = 10.0.0.138,8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\movies~1\datamngr\mgrldr.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 8954 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02D86D6B-26DA-E614-E92C-5E73958A5BAF}]
ssafe suavee - C:\ProgramData\ssafe suavee\52165c1d35839.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A6ADB0D-DF86-0894-4DDC-ED9347F84E52}]
saafEE soave - C:\ProgramData\saafEE soave\52182bf784f61.dll [2013-08-24 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21C74C98-1EC3-48F6-EF15-78FA749533B5}]
ssafE isiavue - C:\ProgramData\ssafE isiavue\521683f2f24af.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{281D3452-5D93-BCA0-D841-AE2FC9FBDCCD}]
saafee saeve - C:\ProgramData\saafee saeve\52190a83ec32a.dll [2013-08-24 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42302287-E1B9-051F-8BDC-16474C85D03F}]
SAAfe saVea - C:\ProgramData\SAAfe saVea\52154fe4a0392.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42EA8DE4-B361-E911-EF32-94204E537441}]
syafe saVe - C:\ProgramData\syafe saVe\5215b6f6d209b.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-12 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A77A960-38D0-FD30-7C3C-A5D8DCDFF142}]
syafe saVe - C:\ProgramData\syafe saVe\52155dd839872.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B04A11B-1593-3FBD-7EDC-99DA79DC9BD6}]
saafEE soave - C:\ProgramData\saafEE soave\5217cea963957.dll [2013-08-23 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94A13419-57A0-E78F-5E20-E458F9D05E8E}]
syafe saVe - C:\ProgramData\syafe saVe\5215bc57d27b7.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D32360-681F-C493-C339-BEE6369EA233}]
syafe saVe - C:\ProgramData\syafe saVe\5215c369c118f.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{97A75469-C817-8405-0975-3834C65DF511}]
saafee saeve - C:\ProgramData\saafee saeve\521919aba88c0.dll [2013-08-24 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B18FBFF1-E054-4382-6E9E-E11D621734CB}]
ssafe suavee - C:\ProgramData\ssafe suavee\521652090259e.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c20391ee-b6fd-4a35-9f1b-2892dda5b107}]
GBHO.BHO - C:\Windows\system32\mscoree.dll [2010-11-20 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7936515-B4A9-0202-79E6-98FEC035DDA1}]
SAAfe saVea - C:\ProgramData\SAAfe saVea\5215fdb242a3a.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-12 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1757F2B-2B9F-786D-2F4D-69D480696D2D}]
saafEE soave - C:\ProgramData\saafEE soave\5217b94ded56a.dll [2013-08-23 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FA6B71E7-DBA2-18C0-473A-EC52FEE94600}]
SAAfe saVea - C:\ProgramData\SAAfe saVea\5215bc9fa8e0a.dll [2013-08-22 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{a011d643-4a67-4934-a775-46139847d7f2} - Smart Recovery 2 - C:\Windows\system32\mscoree.dll [2010-11-20 297808]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-10-17 11430504]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 995176]
"KONICA MINOLTA magicolor 2500W STD"=C:\Windows\system32\MSTMON02.EXE [2006-03-20 192512]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]
""= []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"GBTUpd"=C:\Program Files\Gigabyte\UpdManager\PreRun.exe [2008-04-03 297480]
"RPMKickstart"=C:\Program Files\Gigabyte\SmartRecovery2_x86\RPMKickstart.exe [2013-01-22 1785856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18706176]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2013-07-02 248208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files\Ask.com\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor]
C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]

C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\progra~1\movies~1\datamngr\mgrldr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"msacm.ac3filter"=ac3filter.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-08-28 12:45:12 ----D---- C:\rsit
2013-08-28 12:45:12 ----D---- C:\Program Files\trend micro
2013-08-27 23:00:10 ----D---- C:\Program Files\HDDGURU LLF Tool
2013-08-27 22:10:03 ----A---- C:\Windows\wininit.ini
2013-08-26 01:04:33 ----D---- C:\Users\Jirka\AppData\Roaming\Broad Intelligence
2013-08-26 01:04:30 ----D---- C:\Program Files\MediaCoder
2013-08-24 21:33:27 ----D---- C:\ProgramData\saafee saeve
2013-08-24 00:21:22 ----D---- C:\ProgramData\saofee ssaive
2013-08-23 21:34:43 ----D---- C:\ProgramData\saafEE soave
2013-08-22 23:34:51 ----D---- C:\ProgramData\ssafE isiavue
2013-08-22 20:01:52 ----D---- C:\ProgramData\ssafe suavee
2013-08-22 15:22:37 ----D---- C:\ProgramData\TomTom
2013-08-22 14:08:34 ----D---- C:\Users\Jirka\AppData\Roaming\TomTom
2013-08-22 14:08:34 ----D---- C:\Users\Jirka\AppData\Roaming\Mozilla
2013-08-22 14:08:16 ----D---- C:\Program Files\TomTom HOME 2
2013-08-22 12:25:04 ----HD---- C:\Windows\PIF
2013-08-22 02:40:00 ----D---- C:\ProgramData\syafe saVe
2013-08-22 01:40:28 ----D---- C:\ProgramData\SAAfe saVea
2013-08-17 14:12:16 ----SHD---- C:\Windows\system32\AI_RecycleBin
2013-08-17 14:06:49 ----D---- C:\Program Files\Win7codecs
2013-08-17 14:06:38 ----D---- C:\Users\Jirka\AppData\Roaming\vlc
2013-08-17 14:06:31 ----D---- C:\Users\Jirka\AppData\Roaming\Seznam.cz
2013-08-17 14:06:15 ----D---- C:\ProgramData\Win7codecs
2013-08-17 14:01:09 ----D---- C:\Program Files\VideoLAN
2013-08-17 14:00:44 ----D---- C:\Users\Jirka\AppData\Roaming\TV Online
2013-08-17 13:58:46 ----D---- C:\ProgramData\GRETECH
2013-08-17 13:58:46 ----D---- C:\Program Files\Common Files\Gretech Corporation
2013-08-17 13:57:57 ----D---- C:\Users\Jirka\AppData\Roaming\GRETECH
2013-08-17 13:57:51 ----D---- C:\Program Files\GRETECH
2013-08-17 13:54:52 ----D---- C:\Program Files\FreeTime
2013-08-17 13:36:23 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-08-17 13:33:59 ----A---- C:\Windows\system32\drivers\teamviewervpn.sys
2013-08-17 13:33:56 ----D---- C:\Program Files\TeamViewer
2013-08-15 17:06:24 ----D---- C:\Program Files\DjVu Viewer
2013-08-14 14:28:39 ----A---- C:\Windows\system32\vbscript.dll
2013-08-14 14:28:39 ----A---- C:\Windows\system32\mshtmled.dll
2013-08-14 14:28:38 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-14 14:28:38 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-14 14:28:38 ----A---- C:\Windows\system32\ieUnatt.exe
2013-08-14 14:28:38 ----A---- C:\Windows\system32\ieui.dll
2013-08-14 14:28:37 ----A---- C:\Windows\system32\wininet.dll
2013-08-14 14:28:37 ----A---- C:\Windows\system32\jscript.dll
2013-08-14 14:28:36 ----A---- C:\Windows\system32\url.dll
2013-08-14 14:28:36 ----A---- C:\Windows\system32\jscript9.dll
2013-08-14 14:28:36 ----A---- C:\Windows\system32\iertutil.dll
2013-08-14 14:28:35 ----A---- C:\Windows\system32\urlmon.dll
2013-08-14 14:28:35 ----A---- C:\Windows\system32\ieframe.dll
2013-08-14 14:28:34 ----A---- C:\Windows\system32\mshtml.dll
2013-08-14 14:12:41 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 14:12:39 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 14:12:39 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 14:12:39 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-14 14:12:39 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 14:12:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-14 14:12:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-08-14 14:12:35 ----A---- C:\Windows\system32\ntdll.dll
2013-08-14 14:12:33 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-14 14:12:32 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-14 14:12:28 ----A---- C:\Windows\system32\tzres.dll
2013-08-14 14:12:25 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-11 21:36:15 ----D---- C:\OEM51
2013-08-11 00:54:13 ----D---- C:\AX51
2013-08-09 14:29:10 ----D---- C:\Users\Jirka\AppData\Roaming\TFP
2013-08-09 14:29:10 ----A---- C:\Windows\system32\VB6STKIT.DLL
2013-08-09 14:29:10 ----A---- C:\Windows\system32\VB6FR.DLL
2013-08-09 14:29:10 ----A---- C:\Windows\system32\MSCMCFR.DLL
2013-08-09 14:29:10 ----A---- C:\Windows\system32\CMDLGFR.DLL
2013-08-07 20:36:09 ----A---- C:\Windows\IsUninst.exe
2013-07-31 13:33:34 ----D---- C:\Users\Jirka\AppData\Roaming\.ceskejparan
2013-07-29 08:37:47 ----D---- C:\ProgramData\SearchNewTab
2013-07-29 08:37:44 ----D---- C:\Program Files\WebSearch
2013-07-29 08:37:01 ----D---- C:\ProgramData\seavenshayree
2013-07-29 08:34:01 ----D---- C:\Users\Jirka\AppData\Roaming\ExpressFiles
2013-07-29 08:29:48 ----D---- C:\ProgramData\Babylon
2013-07-29 08:29:47 ----D---- C:\Users\Jirka\AppData\Roaming\Babylon
2013-07-29 08:29:46 ----D---- C:\ProgramData\Tarma Installer
2013-07-29 08:29:39 ----D---- C:\Users\Jirka\AppData\Roaming\GoforFiles
2013-07-29 08:27:13 ----D---- C:\ProgramData\StarApp
2013-07-29 08:08:08 ----D---- C:\Users\Jirka\AppData\Roaming\WinRAR

======List of files/folders modified in the last 1 month======

2013-08-28 20:26:20 ----D---- C:\Windows\Temp
2013-08-28 20:25:39 ----D---- C:\Windows\Prefetch
2013-08-28 19:06:26 ----D---- C:\Windows\system32\config
2013-08-28 13:00:28 ----D---- C:\Windows\inf
2013-08-28 13:00:28 ----D---- C:\Windows
2013-08-28 13:00:14 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2013-08-28 12:45:12 ----RD---- C:\Program Files
2013-08-28 12:14:07 ----D---- C:\Users\Jirka\AppData\Roaming\Dropbox
2013-08-28 12:12:49 ----D---- C:\ProgramData\NVIDIA
2013-08-27 22:55:32 ----HD---- C:\Program Files\InstallShield Installation Information
2013-08-27 22:50:52 ----D---- C:\Windows\Speech
2013-08-27 22:45:18 ----D---- C:\Windows\system32\Tasks
2013-08-27 22:45:17 ----SHD---- C:\Windows\Installer
2013-08-27 22:45:17 ----D---- C:\Windows\Tasks
2013-08-27 22:14:21 ----SHD---- C:\System Volume Information
2013-08-27 22:10:05 ----SD---- C:\ProgramData\Microsoft
2013-08-27 22:10:05 ----D---- C:\Windows\System32
2013-08-26 01:25:12 ----A---- C:\Windows\win.ini
2013-08-25 22:56:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-25 18:47:48 ----D---- C:\Windows\system32\catroot2
2013-08-25 15:50:22 ----D---- C:\Windows\LiveKernelReports
2013-08-24 23:55:32 ----D---- C:\Users\Jirka\AppData\Roaming\NVIDIA
2013-08-24 23:50:48 ----HD---- C:\ProgramData
2013-08-24 23:50:41 ----D---- C:\ProgramData\InstallMate
2013-08-24 22:33:28 ----AD---- C:\ProgramData\TEMP
2013-08-23 12:22:51 ----D---- C:\Windows\SoftwareDistribution
2013-08-22 13:49:00 ----D---- C:\Program Files\Common Files
2013-08-20 21:19:53 ----D---- C:\Windows\system32\NDF
2013-08-19 14:01:31 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-08-17 15:40:56 ----D---- C:\Windows\system32\catroot
2013-08-17 13:34:24 ----D---- C:\Windows\system32\DriverStore
2013-08-17 13:34:17 ----D---- C:\Windows\system32\drivers
2013-08-17 13:34:02 ----RSD---- C:\Windows\Fonts
2013-08-17 13:27:50 ----D---- C:\Program Files\OpenOffice.org 3
2013-08-17 13:17:53 ----D---- C:\Windows\debug
2013-08-17 13:16:24 ----D---- C:\Program Files\Microsoft Security Client
2013-08-15 16:26:57 ----D---- C:\Windows\rescache
2013-08-15 13:42:04 ----RSD---- C:\Windows\assembly
2013-08-15 13:42:04 ----D---- C:\Windows\Microsoft.NET
2013-08-15 13:09:40 ----D---- C:\Windows\winsxs
2013-08-15 13:08:15 ----D---- C:\Windows\system32\migration
2013-08-15 13:08:15 ----D---- C:\Windows\system32\cs-CZ
2013-08-15 13:08:15 ----D---- C:\Program Files\Internet Explorer
2013-08-14 14:28:26 ----D---- C:\Windows\system32\MRT
2013-08-14 14:27:03 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 19056]
R1 MpKsle169a140;MpKsle169a140; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13502130-3724-448D-BB30-27826A2F0B9C}\MpKsle169a140.sys [2013-08-28 29904]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 33056]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-08-28 17488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-10-18 3546664]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 PAC7302;Eye 312; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-08-23 414824]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2013-06-06 25088]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AODDriver;AODDriver; \??\C:\Program Files\Gigabyte\ET6\i386\AODDriver.sys [2013-03-05 49248]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 cpuz130;cpuz130; \??\C:\Users\Jirka\AppData\Local\Temp\cpuz130\cpuz_x32.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [2007-09-25 15152]
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2013-07-16 23456]
S3 GVTDrv;GVTDrv; \??\C:\Windows\system32\Drivers\GVTDrv.sys [2013-01-22 24944]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-10 629760]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 40736]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 27752]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 40736]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-12-27 86016]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-22 413984]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-07-02 93072]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 295376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-19 257416]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-22 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Thanks
Jirka

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: msserm

#4 Post by vyosek »

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch, the license terms are displayed; press any key
  • A backup is created, followed by the search
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

celeron
Visitor
Posts: 11
Registered: 28 Aug 2013 11:40

Re: msserm

#5 Post by celeron »

In the meantime the full MSE scan finished after 4 hours. It found and removed Trojan:W32/Dynametr!dtc. The quick scan had not found it before. I tried deleting msserm.exe together with its directory; after the restart everything works and msserm has disappeared from the processes. It is not in the registry either. If it shows up again, I will continue here.
Thanks for the help.
Jirka

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: msserm

#6 Post by vyosek »

Either treat it yourself and take whatever steps you like, or do what I write... two people cannot disinfect one PC...

There is still a lot of junk in there, so please carry out the steps I wrote...

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: msserm

#7 Post by cernohous13 »

apologies for butting in :oops:

to celeron
you cannot deal with your problem on two forums at the same time :evil:
http://www.ebastlirna.cz/modules.php?na ... ic&t=59832

so make up your mind :!:
Recommendations:
During the treatment, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure as described.
If anything is unclear, ask - I will explain


celeron
Visitor
Posts: 11
Registered: 28 Aug 2013 11:40

Re: msserm

#8 Post by celeron »

To cernohous13: Please look at the dates and times. I asked on Nuke what it is, and since I did not get a satisfactory answer there, I signed up here on a friend's recommendation. What is wrong with that?

To vyosek:
I carried out both recommendations:


# AdwCleaner v3.001 - Report created 28/08/2013 at 21:54:50
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Jirka - AMD
# Running from : C:\Users\Jirka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\Users\Jirka\AppData\Roaming\ExpressFiles

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


*************************

AdwCleaner[R0].txt - [2028 octets] - [28/08/2013 21:53:20]
AdwCleaner[S0].txt - [1878 octets] - [28/08/2013 21:54:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1938 octets] ##########

Then I tried it once more:

# AdwCleaner v3.001 - Report created 28/08/2013 at 22:03:27
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Jirka - AMD
# Running from : C:\Users\Jirka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


*************************

AdwCleaner[R0].txt - [2028 octets] - [28/08/2013 21:53:20]
AdwCleaner[R1].txt - [868 octets] - [28/08/2013 22:02:57]
AdwCleaner[S0].txt - [2018 octets] - [28/08/2013 21:54:50]
AdwCleaner[S1].txt - [790 octets] - [28/08/2013 22:03:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [849 octets] ##########

I found that I have misplaced the first JRT log somewhere; this one is from the second run.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x86
Ran by Jirka on st 28.08.2013 at 22:26:50,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 28.08.2013 at 22:28:13,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Now that there is nothing left in the log, should I consider the PC clean?
Thanks
Jirka

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: msserm

#9 Post by vyosek »

Please run the following

:arrow: Application to download:
:arrow: After downloading, run FRSTLauncher; an antivirus warning may appear, ignore it and let FRSTL run

:arrow: FRST is then downloaded and initialized
  • After FRST starts, accept the license terms by clicking Yes.
  • Additionally tick the Addition.txt item - see the picture.
  • Click the Scan button to start the scan.
  • Wait for the FRST scan to finish and for our add-on to generate the additional information.
  • The text file FRST.txt opens; this is the requested log, and its contents are to be pasted into your topic on the forum.
  • After the log is closed, FRSTLauncher.exe exits, and the FRST utility and the two logs FRST.txt and Addition.txt remain on the desktop - do not delete any of them for now.

celeron
Visitor
Posts: 11
Registered: 28 Aug 2013 11:40

Re: msserm

#10 Post by celeron »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-08-2013
Ran by Jirka (administrator) on 29-08-2013 23:38:07
Running from C:\Users\Jirka\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe
(IOBit) C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Spigot, Inc.) C:\Program Files\Application Updater\ApplicationUpdater.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(IObit) C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
() C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Gigabyte Technology CO.) C:\Program Files\Gigabyte\SmartRecovery2_x86\RPMDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Spigot, Inc.) C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe
(Dropbox, Inc.) C:\Users\Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [KONICA MINOLTA magicolor 2500W STD] - C:\Windows\system32\MSTMON02.EXE [192512 2006-03-20] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1303360 2013-08-08] (Spigot, Inc.)
HKLM\...\RunOnce: [GBTUpd] - C:\Program Files\Gigabyte\UpdManager\PreRun.exe [297480 2008-04-03] (PreRun)
HKLM\...\RunOnce: [RPMKickstart] - C:\Program Files\Gigabyte\SmartRecovery2_x86\RPMKickstart.exe [1785856 2013-01-22] (Gigabyte Technology CO., LTD.)
HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-07-02] (TomTom)
HKCU\...\Run: [Advanced SystemCare Ultimate] - C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe [512384 2012-11-07] (IObit)
Startup: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jirka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE&PC=UP09
URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {842FA497-A777-4179-BFEB-6E290C988C9E} URL = http://search.yahoo.com/search?fr=chr-g ... =902615&p={searchTerms}
BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit)
BHO: GBHO.BHO - {c20391ee-b6fd-4a35-9f1b-2892dda5b107} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Smart Recovery 2 - {a011d643-4a67-4934-a775-46139847d7f2} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\..\Interfaces\{79CFCC3D-1125-4AB6-BF17-D3D5191A6513}: [NameServer]10.0.0.138,8.8.8.8

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
R2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-08-08] (Spigot, Inc.)
R2 ASCAntivirusSrv; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [623936 2013-07-08] (IOBit)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [86016 2012-12-27] (Dassault Systèmes)
R2 ES lite Service; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [19056 2011-11-02] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R1 MpKsl1d093d5f; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{85D080A9-E0BA-40A8-AE7B-DC7841BEE913}\MpKsl1d093d5f.sys [29904 2013-08-29] (Microsoft Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [33056 2011-06-15] (Realtek )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2010-11-26] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-29 23:37 - 2013-08-29 23:37 - 00000000 ____D C:\FRST
2013-08-29 23:37 - 2013-08-27 21:11 - 01072975 _____ (Farbar) C:\Users\Jirka\Desktop\FRST.exe
2013-08-29 16:13 - 2013-08-29 16:13 - 00001267 _____ C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-08-29 16:13 - 2013-08-29 16:13 - 00001228 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate.lnk
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Apple Computer
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\IObit
2013-08-29 16:12 - 2013-08-29 16:13 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\IObit
2013-08-29 16:12 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\IObit
2013-08-29 16:12 - 2013-08-29 16:12 - 00001128 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\IObit Apps Toolbar
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\IObit
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\Application Updater
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 _____ C:\search.sqlite
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 _____ C:\prefs.js
2013-08-29 16:12 - 2012-05-08 18:35 - 00029528 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2013-08-29 16:12 - 2010-11-26 18:02 - 00015672 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys
2013-08-29 11:57 - 2013-08-29 23:33 - 00000168 _____ C:\Windows\setupact.log
2013-08-29 11:57 - 2013-08-29 11:57 - 00000000 _____ C:\Windows\setuperr.log
2013-08-28 22:28 - 2013-08-28 22:28 - 00000631 _____ C:\Users\Jirka\Desktop\JRT.txt
2013-08-28 22:00 - 2013-08-29 23:37 - 00051169 _____ C:\Windows\WindowsUpdate.log
2013-08-28 21:53 - 2013-08-28 22:03 - 00000000 ____D C:\AdwCleaner
2013-08-28 21:52 - 2013-08-28 21:52 - 00009685 _____ C:\Users\Public\Documents\JRT.txt
2013-08-28 21:49 - 2013-08-28 21:49 - 00000000 ____D C:\Windows\ERUNT
2013-08-28 21:48 - 2013-08-28 21:48 - 00994642 _____ C:\Users\Jirka\Desktop\adwcleaner.exe
2013-08-28 21:47 - 2013-08-28 21:47 - 01021434 _____ (Thisisu) C:\Users\Jirka\Desktop\JRT.exe
2013-08-28 13:44 - 2013-08-28 13:44 - 00000000 _____ C:\Users\Jirka\Documents\output-client.log.lck
2013-08-28 13:43 - 2013-08-28 13:43 - 00000000 ____D C:\Users\Jirka\Documents\crash-reports
2013-08-28 13:26 - 2013-08-28 13:26 - 00000082 _____ C:\Users\Jirka\Desktop\MOL_Properties.properties
2013-08-28 12:45 - 2013-08-28 20:26 - 00000000 ____D C:\Program Files\trend micro
2013-08-28 12:45 - 2013-08-28 12:45 - 00000000 ____D C:\rsit
2013-08-27 23:00 - 2013-08-27 23:00 - 00001014 _____ C:\Users\Jirka\Desktop\Hard Disk Low Level Format Tool.lnk
2013-08-27 23:00 - 2013-08-27 23:00 - 00000001 _____ C:\Users\Jirka\AppData\Local\llftool.4.05.agreement
2013-08-27 23:00 - 2013-08-27 23:00 - 00000000 ____D C:\Program Files\HDDGURU LLF Tool
2013-08-27 22:10 - 2013-08-27 22:10 - 00000079 _____ C:\Windows\wininit.ini
2013-08-26 23:16 - 2013-08-26 23:17 - 00000000 ____D C:\Users\Jirka\Documents\EXPORTY FVE
2013-08-26 01:05 - 2013-08-26 01:05 - 00000989 _____ C:\Users\Jirka\Desktop\MediaCoder.lnk
2013-08-26 01:05 - 2013-08-26 01:05 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
2013-08-26 01:04 - 2013-08-26 01:05 - 00000000 ____D C:\Program Files\MediaCoder
2013-08-26 01:04 - 2013-08-26 01:04 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Broad Intelligence
2013-08-26 01:03 - 2013-08-26 01:04 - 67797351 _____ C:\Users\Jirka\Downloads\MediaCoder-0.8.25.5553.exe
\winrar.exe
2013-08-24 23:55 - 2013-08-24 23:55 - 00234010 _____ C:\Windows\system32\poclbm130302GeForce GT 440gv1w256l4.bin
2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 _____ C:\Users\Jirka\regbcm
\AppData\Local\llftool.4.30.agreement
2013-08-22 18:50 - 2013-08-22 18:50 - 00002727 _____ C:\Users\Jirka\Desktop\TomTom HOME 2.lnk
2013-08-22 15:22 - 2013-08-22 15:22 - 00000000 ____D C:\ProgramData\TomTom
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Users\Jirka\Documents\TomTom
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\TomTom
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Mozilla
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Users\Jirka\AppData\Local\TomTom
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Program Files\TomTom HOME 2
2013-08-22 14:07 - 2013-08-22 14:07 - 00000000 ____D C:\Users\Jirka\AppData\Local\Downloaded Installations
2013-08-17 14:06 - 2013-08-22 13:43 - 00000000 ____D C:\ProgramData\Win7codecs
2013-08-17 14:06 - 2013-08-22 13:43 - 00000000 ____D C:\Program Files\Win7codecs
2013-08-17 14:06 - 2013-08-22 13:42 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Seznam.cz
2013-08-17 14:06 - 2013-08-17 14:13 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\vlc
2013-08-17 14:03 - 2013-08-17 14:06 - 27958458 _____ C:\Users\Jirka\Downloads\Win7codecs_v412.exe
2013-08-17 14:01 - 2013-08-17 14:11 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-08-17 14:01 - 2013-08-17 14:01 - 00000000 ____D C:\Program Files\VideoLAN
2013-08-17 14:00 - 2013-08-17 14:00 - 02735188 _____ (TV Online) C:\Users\Jirka\Downloads\tvonline.exe
2013-08-17 14:00 - 2013-08-17 14:00 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\TV Online
2013-08-17 13:58 - 2013-08-17 13:58 - 00001179 _____ C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2013-08-17 13:58 - 2013-08-17 13:58 - 00001155 _____ C:\Users\Public\Desktop\GOM Player.lnk
2013-08-17 13:58 - 2013-08-17 13:58 - 00001083 _____ C:\Users\Public\Desktop\GOM Audio.lnk
2013-08-17 13:58 - 2013-08-17 13:58 - 00000000 ____D C:\ProgramData\GRETECH
2013-08-17 13:58 - 2013-08-17 13:58 - 00000000 ____D C:\Program Files\Common Files\Gretech Corporation
2013-08-17 13:57 - 2013-08-17 13:58 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\GRETECH
2013-08-17 13:57 - 2013-08-17 13:58 - 00000000 ____D C:\Program Files\GRETECH
2013-08-17 13:56 - 2013-08-17 13:57 - 11158200 _____ (Gretech Corporation) C:\Users\Jirka\Downloads\GOMPLAYERENSETUP.EXE
2013-08-17 13:55 - 2013-08-17 13:55 - 00001156 _____ C:\Users\Jirka\Desktop\Format Factory.lnk
2013-08-17 13:55 - 2013-08-17 13:55 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2013-08-17 13:54 - 2013-08-17 13:54 - 56866424 _____ C:\Users\Jirka\Downloads\ffactory-setup.exe
2013-08-17 13:54 - 2013-08-17 13:54 - 00000000 ____D C:\Program Files\FreeTime
2013-08-17 13:47 - 2013-08-17 13:47 - 00612889 _____ C:\Users\Jirka\Downloads\wcx_7zip_0.7.6.5a.bin.zip
2013-08-17 13:45 - 2013-08-17 13:45 - 05949260 _____ C:\Users\Jirka\Downloads\Freeware_pdfunlocker.zip
2013-08-17 13:43 - 2013-08-17 13:43 - 08885012 _____ C:\Users\Jirka\Downloads\vidalia-bundle-0.2.1.30-0.2.12.exe
2013-08-17 13:40 - 2013-08-17 13:40 - 10777554 _____ C:\Users\Jirka\Downloads\installspeedfan.exe
2013-08-17 13:36 - 2013-08-17 13:40 - 621283886 _____ C:\Users\Jirka\Downloads\Hirens.BootCD.15.2.zip
2013-08-17 13:34 - 2013-08-17 13:34 - 00001120 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-08-17 13:33 - 2013-08-17 13:33 - 00000000 ____D C:\Program Files\TeamViewer
2013-08-17 13:33 - 2013-06-06 08:24 - 00025088 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\teamviewervpn.sys
2013-08-17 13:31 - 2013-08-17 13:33 - 05539360 _____ (TeamViewer GmbH) C:\Users\Jirka\Downloads\TeamViewer_Setup_cs.exe
2013-08-16 23:01 - 2013-08-16 23:01 - 02945192 _____ (Safe Download Ltd. ) C:\Users\Jirka\Downloads\RegistryExpert_d6f6744b338f4ffbb4757ed530e344d7_.exe
2013-08-15 17:06 - 2013-08-15 17:06 - 00000938 _____ C:\Users\Public\Desktop\DjVu Viewer.lnk
2013-08-15 17:06 - 2013-08-15 17:06 - 00000000 ____D C:\Program Files\DjVu Viewer
2013-08-14 14:28 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 14:28 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 14:28 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 14:28 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 14:28 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 14:28 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 14:28 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-14 14:28 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 14:28 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 14:28 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 14:28 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 14:28 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-14 14:28 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-14 14:28 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 14:28 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 14:28 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 14:12 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 14:12 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 14:12 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 14:12 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 14:12 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 14:12 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 14:12 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 14:12 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 14:12 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 14:12 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 14:12 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 14:12 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 13:04 - 2013-08-14 13:35 - 00002012 _____ C:\Users\Jirka\Documents\output-server.log.1
2013-08-14 13:04 - 2013-08-14 13:04 - 00000000 _____ C:\Users\Jirka\Documents\output-server.log.1.lck
2013-08-14 12:59 - 2013-08-14 13:02 - 00000000 _____ C:\Users\Jirka\Documents\output-server.log.lck
2013-08-14 12:32 - 2013-08-28 13:53 - 00000154 _____ C:\Users\Jirka\Documents\servers.dat
2013-08-14 12:19 - 2013-08-28 13:56 - 00193799 _____ C:\Users\Jirka\Documents\output-client.log
2013-08-14 12:19 - 2013-08-28 13:56 - 00000000 ____D C:\Users\Jirka\Documents\stats
2013-08-14 12:19 - 2013-08-28 13:47 - 00000963 _____ C:\Users\Jirka\Documents\options.txt
2013-08-14 12:19 - 2013-08-28 13:44 - 00000322 _____ C:\Users\Jirka\Documents\launcher_profiles.json
2013-08-14 12:19 - 2013-08-14 13:04 - 00006521 _____ C:\Users\Jirka\Documents\output-server.log
2013-08-14 12:19 - 2013-08-14 13:02 - 00000000 ____D C:\Users\Jirka\Documents\saves
2013-08-14 12:19 - 2013-08-14 12:19 - 00000000 ____D C:\Users\Jirka\Documents\resourcepacks
2013-08-14 12:19 - 2013-08-14 12:19 - 00000000 ____D C:\Users\Jirka\Documents\libraries
2013-08-14 12:18 - 2013-08-14 12:19 - 00000000 ____D C:\Users\Jirka\Documents\versions
2013-08-11 21:36 - 2013-08-11 21:36 - 00000000 ____D C:\OEM51
2013-08-11 21:32 - 2013-08-11 21:32 - 00000967 _____ C:\Users\Jirka\Desktop\AX51.PIF
2013-08-11 00:54 - 2013-08-11 21:35 - 00000000 ____D C:\AX51
2013-08-09 14:29 - 2013-08-09 14:29 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\TFP
2013-08-09 14:29 - 2012-05-11 15:47 - 01081616 _____ (Microsoft Corporation) C:\Windows\system32\mscomctl.ocx
2013-08-09 14:29 - 2012-05-11 15:47 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCFR.DLL
2013-08-09 14:29 - 2012-05-11 15:47 - 00119568 _____ (Microsoft Corporation) C:\Windows\system32\VB6FR.DLL
2013-08-09 14:29 - 2012-05-11 15:47 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\VB6STKIT.DLL
2013-08-09 14:29 - 2012-05-11 15:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\CMDLGFR.DLL
2013-08-09 14:26 - 2013-08-09 14:26 - 01624064 _____ (Bandoo Media Inc) C:\Users\Jirka\Downloads\iLividSetup-r484-n-bc.exe
2013-08-09 14:06 - 2013-08-09 14:06 - 03010440 _____ (Allin1Convert) C:\Users\Jirka\Downloads\Allin1ConvertCrxSetup.B2611DBB-471D-423D-9796-25D8A360E2FA.exe
2013-08-07 23:58 - 2013-08-22 00:16 - 00000000 ____D C:\Users\Jirka\Documents\Schémata PC zdrojů AT a ATX_soubory
2013-08-07 23:58 - 2013-08-07 23:58 - 00018665 _____ C:\Users\Jirka\Documents\Schémata PC zdrojů AT a ATX.htm
2013-08-07 22:35 - 2013-08-15 15:07 - 00000000 ____D C:\Users\Jirka

==================== One Month Modified Files and Folders =======

2013-08-29 23:37 - 2013-08-29 23:37 - 00000000 ____D C:\Users\Jirka\AppData\Local\qb03734B.8E
2013-08-29 23:37 - 2013-08-29 23:37 - 00000000 ____D C:\FRST
2013-08-29 23:37 - 2013-08-28 22:00 - 00051169 _____ C:\Windows\WindowsUpdate.log
2013-08-29 23:35 - 2013-01-26 22:48 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Dropbox
2013-08-29 23:34 - 2013-01-26 22:53 - 00000000 ___RD C:\Users\Jirka\Dropbox
2013-08-29 23:34 - 2013-01-22 10:52 - 00017488 _____ (Windows (R) 2000 DDK provider) C:\Windows\gdrv.sys
2013-08-29 23:34 - 2013-01-22 01:35 - 00000144 _____ C:\service.log
2013-08-29 23:33 - 2013-08-29 11:57 - 00000168 _____ C:\Windows\setupact.log
2013-08-29 23:33 - 2013-01-22 10:26 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-29 23:33 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-29 20:48 - 2013-03-16 13:24 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-29 20:17 - 2009-07-14 06:34 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 20:17 - 2009-07-14 06:34 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-29 16:13 - 2013-08-29 16:13 - 00001267 _____ C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-08-29 16:13 - 2013-08-29 16:13 - 00001228 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate.lnk
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Apple Computer
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\IObit
2013-08-29 16:13 - 2013-08-29 16:12 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\IObit
2013-08-29 16:13 - 2013-08-29 16:12 - 00000000 ____D C:\ProgramData\IObit
2013-08-29 16:12 - 2013-08-29 16:12 - 00001128 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\IObit Apps Toolbar
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\IObit
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\Application Updater
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 _____ C:\search.sqlite
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 _____ C:\prefs.js
2013-08-29 11:57 - 2013-08-29 11:57 - 00000000 _____ C:\Windows\setuperr.log
2013-08-28 22:28 - 2013-08-28 22:28 - 00000631 _____ C:\Users\Jirka\Desktop\JRT.txt
2013-08-28 22:03 - 2013-08-28 21:53 - 00000000 ____D C:\AdwCleaner
2013-08-28 21:52 - 2013-08-28 21:52 - 00009685 _____ C:\Users\Public\Documents\JRT.txt
2013-08-28 21:49 - 2013-08-28 21:49 - 00000000 ____D C:\Windows\ERUNT
2013-08-28 21:48 - 2013-08-28 21:48 - 00994642 _____ C:\Users\Jirka\Desktop\adwcleaner.exe
2013-08-28 21:47 - 2013-08-28 21:47 - 01021434 _____ (Thisisu) C:\Users\Jirka\Desktop\JRT.exe
2013-08-28 20:59 - 2013-01-26 22:57 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Skype
2013-08-28 20:26 - 2013-08-28 12:45 - 00000000 ____D C:\Program Files\trend micro
2013-08-28 13:56 - 2013-08-14 12:19 - 00193799 _____ C:\Users\Jirka\Documents\output-client.log
2013-08-28 13:56 - 2013-08-14 12:19 - 00000000 ____D C:\Users\Jirka\Documents\stats
2013-08-28 13:53 - 2013-08-14 12:32 - 00000154 _____ C:\Users\Jirka\Documents\servers.dat
2013-08-28 13:47 - 2013-08-14 12:19 - 00000963 _____ C:\Users\Jirka\Documents\options.txt
2013-08-28 13:44 - 2013-08-28 13:44 - 00000000 _____ C:\Users\Jirka\Documents\output-client.log.lck
2013-08-28 13:44 - 2013-08-14 12:19 - 00000322 _____ C:\Users\Jirka\Documents\launcher_profiles.json
2013-08-28 13:43 - 2013-08-28 13:43 - 00000000 ____D C:\Users\Jirka\Documents\crash-reports
2013-08-28 13:26 - 2013-08-28 13:26 - 00000082 _____ C:\Users\Jirka\Desktop\MOL_Properties.properties
2013-08-28 13:22 - 2013-01-22 15:41 - 00000000 ____D C:\Users\Jirka\AppData\Local\Adobe
2013-08-28 12:45 - 2013-08-28 12:45 - 00000000 ____D C:\rsit
2013-08-27 23:00 - 2013-08-27 23:00 - 00001014 _____ C:\Users\Jirka\Desktop\Hard Disk Low Level Format Tool.lnk
2013-08-27 23:00 - 2013-08-27 23:00 - 00000001 _____ C:\Users\Jirka\AppData\Local\llftool.4.05.agreement
2013-08-27 23:00 - 2013-08-27 23:00 - 00000000 ____D C:\Program Files\HDDGURU LLF Tool
2013-08-27 22:55 - 2013-01-22 10:25 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-27 22:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Speech
2013-08-27 22:45 - 2013-04-06 13:10 - 00000000 ____D C:\Users\Jirka\AppData\Local\Google
2013-08-27 22:10 - 2013-08-27 22:10 - 00000079 _____ C:\Windows\wininit.ini
2013-08-27 21:11 - 2013-08-29 23:37 - 01072975 _____ (Farbar) C:\Users\Jirka\Desktop\FRST.exe
2013-08-26 23:17 - 2013-08-26 23:16 - 00000000 ____D C:\Users\Jirka\Documents\EXPORTY FVE
2013-08-26 01:25 - 2009-07-14 04:04 - 00000797 _____ C:\Windows\win.ini
2013-08-26 01:05 - 2013-08-26 01:05 - 00000989 _____ C:\Users\Jirka\Desktop\MediaCoder.lnk
2013-08-26 01:05 - 2013-08-26 01:05 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
2013-08-26 01:05 - 2013-08-26 01:04 - 00000000 ____D C:\Program Files\MediaCoder
2013-08-26 01:04 - 2013-08-26 01:04 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Broad Intelligence
2013-08-26 01:04 - 2013-08-26 01:03 - 67797351 _____ C:\Users\Jirka\Downloads\MediaCoder-0.8.25.5553.exe
2013-08-26 00:59 - 2013-08-26 00:45 - 00000061 _____ C:\Windows\system32\epos.err
2013-08-25 15:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports
2013-08-24 23:56 - 2013-08-24 23:55 - 05331526 _____ ( ) C:\Users\Jirka\Downloads\winrar.exe
2013-08-24 23:55 - 2013-08-24 23:55 - 00234010 _____ C:\Windows\system32\poclbm130302GeForce GT 440gv1w256l4.bin
2013-08-24 23:55 - 2013-08-24 23:55 - 00000000 _____ C:\Users\Jirka\regbcm
2013-08-24 23:55 - 2013-02-01 14:56 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\NVIDIA
2013-08-22 18:50 - 2013-08-22 18:50 - 00002727 _____ C:\Users\Jirka\Desktop\TomTom HOME 2.lnk
2013-08-22 15:22 - 2013-08-22 15:22 - 00000000 ____D C:\ProgramData\TomTom
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Users\Jirka\Documents\TomTom
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\TomTom
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Mozilla
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Users\Jirka\AppData\Local\TomTom
2013-08-22 14:08 - 2013-08-22 14:08 - 00000000 ____D C:\Program Files\TomTom HOME 2
2013-08-22 14:07 - 2013-08-22 14:07 - 00000000 ____D C:\Users\Jirka\AppData\Local\Downloaded Installations
2013-08-22 13:56 - 2013-04-27 14:05 - 00000000 ____D C:\Users\Jirka\AppData\Local\Deployment
2013-08-22 13:43 - 2013-08-17 14:06 - 00000000 ____D C:\ProgramData\Win7codecs
2013-08-22 13:43 - 2013-08-17 14:06 - 00000000 ____D C:\Program Files\Win7codecs
2013-08-22 13:42 - 2013-08-17 14:06 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Seznam.cz
2013-08-22 12:25 - 2013-08-22 12:25 - 00000000 ___HD C:\Windows\PIF
2013-08-22 00:16 - 2013-08-07 23:58 - 00000000 ____D C:\Users\Jirka\Documents\Schémata PC zdrojů AT a ATX_soubory
2013-08-20 23:11 - 2013-07-29 00:36 - 00000000 ____D C:\Users\Jirka\Downloads\Amatérské rádio
2013-08-20 21:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-08-19 14:01 - 2013-01-22 11:08 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-19 14:01 - 2013-01-22 11:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-18 00:14 - 2009-07-14 06:33 - 00364848 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-17 14:13 - 2013-08-17 14:06 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\vlc
2013-08-17 14:11 - 2013-08-17 14:01 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-08-17 14:06 - 2013-08-17 14:03 - 27958458 _____ C:\Users\Jirka\Downloads\Win7codecs_v412.exe
2013-08-17 14:01 - 2013-08-17 14:01 - 00000000 ____D C:\Program Files\VideoLAN
2013-08-17 14:00 - 2013-08-17 14:00 - 02735188 _____ (TV Online) C:\Users\Jirka\Downloads\tvonline.exe
2013-08-17 14:00 - 2013-08-17 14:00 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\TV Online
2013-08-17 13:58 - 2013-08-17 13:58 - 00001179 _____ C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2013-08-17 13:58 - 2013-08-17 13:58 - 00001155 _____ C:\Users\Public\Desktop\GOM Player.lnk
2013-08-17 13:58 - 2013-08-17 13:58 - 00001083 _____ C:\Users\Public\Desktop\GOM Audio.lnk
2013-08-17 13:58 - 2013-08-17 13:58 - 00000000 ____D C:\ProgramData\GRETECH
2013-08-17 13:58 - 2013-08-17 13:58 - 00000000 ____D C:\Program Files\Common Files\Gretech Corporation
2013-08-17 13:58 - 2013-08-17 13:57 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\GRETECH
2013-08-17 13:58 - 2013-08-17 13:57 - 00000000 ____D C:\Program Files\GRETECH
2013-08-17 13:58 - 2013-01-22 11:06 - 00094080 _____ C:\Users\Jirka\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-17 13:57 - 2013-08-17 13:56 - 11158200 _____ (Gretech Corporation) C:\Users\Jirka\Downloads\GOMPLAYERENSETUP.EXE
2013-08-17 13:55 - 2013-08-17 13:55 - 00001156 _____ C:\Users\Jirka\Desktop\Format Factory.lnk
2013-08-17 13:55 - 2013-08-17 13:55 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2013-08-17 13:54 - 2013-08-17 13:54 - 56866424 _____ C:\Users\Jirka\Downloads\ffactory-setup.exe
2013-08-17 13:54 - 2013-08-17 13:54 - 00000000 ____D C:\Program Files\FreeTime
2013-08-17 13:47 - 2013-08-17 13:47 - 00612889 _____ C:\Users\Jirka\Downloads\wcx_7zip_0.7.6.5a.bin.zip
2013-08-17 13:45 - 2013-08-17 13:45 - 05949260 _____ C:\Users\Jirka\Downloads\Freeware_pdfunlocker.zip
2013-08-17 13:43 - 2013-08-17 13:43 - 08885012 _____ C:\Users\Jirka\Downloads\vidalia-bundle-0.2.1.30-0.2.12.exe
2013-08-17 13:40 - 2013-08-17 13:40 - 10777554 _____ C:\Users\Jirka\Downloads\installspeedfan.exe
2013-08-17 13:40 - 2013-08-17 13:36 - 621283886 _____ C:\Users\Jirka\Downloads\Hirens.BootCD.15.2.zip
2013-08-17 13:36 - 2013-08-17 13:34 - 36271144 _____ (Safer-Networking Ltd. ) C:\Users\Jirka\Downloads\spybot-2.1.exe
2013-08-17 13:34 - 2013-08-17 13:34 - 00001120 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-08-17 13:33 - 2013-08-17 13:33 - 00000000 ____D C:\Program Files\TeamViewer
2013-08-17 13:33 - 2013-08-17 13:31 - 05539360 _____ (TeamViewer GmbH) C:\Users\Jirka\Downloads\TeamViewer_Setup_cs.exe
2013-08-17 13:28 - 2013-07-08 00:38 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
2013-08-17 13:27 - 2013-07-08 00:38 - 00000000 ____D C:\Program Files\OpenOffice.org 3
2013-08-17 13:17 - 2013-01-22 11:06 - 00001912 _____ C:\Windows\epplauncher.mif
2013-08-17 13:16 - 2013-01-22 10:57 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-16 23:01 - 2013-08-16 23:01 - 02945192 _____ (Safe Download Ltd. ) C:\Users\Jirka\Downloads\RegistryExpert_d6f6744b338f4ffbb4757ed530e344d7_.exe
2013-08-15 17:06 - 2013-08-15 17:06 - 00000938 _____ C:\Users\Public\Desktop\DjVu Viewer.lnk
2013-08-15 17:06 - 2013-08-15 17:06 - 00000000 ____D C:\Program Files\DjVu Viewer
2013-08-15 16:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-08-15 13:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-14 14:28 - 2013-07-27 01:58 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 14:27 - 2013-01-22 11:45 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 13:35 - 2013-08-14 13:04 - 00002012 _____ C:\Users\Jirka\Documents\output-server.log.1
2013-08-14 13:04 - 2013-08-14 13:04 - 00000000 _____ C:\Users\Jirka\Documents\output-server.log.1.lck
2013-08-14 13:04 - 2013-08-14 12:19 - 00006521 _____ C:\Users\Jirka\Documents\output-server.log
2013-08-14 13:02 - 2013-08-14 12:59 - 00000000 _____ C:\Users\Jirka\Documents\output-server.log.lck
2013-08-14 13:02 - 2013-08-14 12:19 - 00000000 ____D C:\Users\Jirka\Documents\saves
2013-08-14 12:19 - 2013-08-14 12:19 - 00000000 ____D C:\Users\Jirka\Documents\resourcepacks
2013-08-14 12:19 - 2013-08-14 12:19 - 00000000 ____D C:\Users\Jirka\Documents\libraries
2013-08-14 12:19 - 2013-08-14 12:18 - 00000000 ____D C:\Users\Jirka\Documents\versions
2013-08-14 12:18 - 2013-08-14 12:18 - 00000000 ____D C:\Users\Jirka\minecraft
2013-08-14 12:18 - 2013-08-14 12:18 - 00000000 ____D C:\Users\Jirka\Documents\assets
2013-08-11 21:36 - 2013-08-11 21:36 - 00000000 ____D C:\OEM51
2013-08-11 21:35 - 2013-08-11 00:54 - 00000000 ____D C:\AX51
2013-08-11 21:32 - 2013-08-11 21:32 - 00000967 _____ C:\Users\Jirka\Desktop\AX51.PIF
2013-08-09 14:29 - 2013-08-09 14:29 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\TFP
2013-08-09 14:26 - 2013-08-09 14:26 - 01624064 _____ (Bandoo Media Inc) C:\Users\Jirka\Downloads\iLividSetup-r484-n-bc.exe
2013-08-09 14:06 - 2013-08-09 14:06 - 03010440 _____ (Allin1Convert) C:\Users\Jirka\Downloads\Allin1ConvertCrxSetup.B2611DBB-471D-423D-9796-25D8A360E2FA.exe
2013-08-07 23:58 - 2013-08-07 23:58 - 00018665 _____ C:\Users\Jirka\Documents\Schémata PC zdrojů AT a ATX.htm

Files to move or delete:
====================
C:\Users\Jirka\AppData\Local\Temp\Quarantine.exe
C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskPartnerCobrandingTool.exe
C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\instApp.exe
C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe
C:\Users\Jirka\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\ASCUpgrade.exe
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\datastate.dll
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\DownConfig.exe
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\FileCopy.exe
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\RdZone.dll
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\_isetup\_shfoldr.dll
C:\Users\Jirka\AppData\Local\Temp\is-R2A66.tmp\ToolbarAcceptRate.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



==================== Scheduled Tasks (whitelisted) ===========

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Supplementary Scan (All) ================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv
C:\Windows\inf\ntvdm.vbe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor
Režim ECHO je vypnut.



[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000000
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000000
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"VIDC.YVU9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"vidc.cvid"="iccvid.dll"
"wave5"="wdmaud.drv"
"midi5"="wdmaud.drv"
"mixer5"="wdmaud.drv"
"aux5"="wdmaud.drv"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"wave3"="wdmaud.drv"
"midi3"="wdmaud.drv"
"mixer3"="wdmaud.drv"
"wave4"="wdmaud.drv"
"midi4"="wdmaud.drv"
"mixer4"="wdmaud.drv"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"wave2"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"MSVideo8"="VfWWDM32.dll"
"wave6"="wdmaud.drv"
"midi6"="wdmaud.drv"
"mixer6"="wdmaud.drv"
"aux1"="wdmaud.drv"
"wave7"="wdmaud.drv"
"midi7"="wdmaud.drv"
"mixer7"="wdmaud.drv"
"aux2"="wdmaud.drv"
"msacm.l3pacm"="l3codecp.acm"
"msacm.aacacm"="AACACM.acm"
"msacm.lameacm"="lameACM.acm"
"msacm.ac3acm"="ac3acm.acm"
"VIDC.LAGS"="lagarith.dll"
"msacm.ac3filter"="ac3filter.acm"


==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:341.8 GB) (Free:285.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:589.71 GB) (Free:440.98 GB) NTFS
Drive f: (Místní disk) (Fixed) (Total:38.33 GB) (Free:1.74 GB) NTFS

Available physical RAM: 2005.33 MB
Total physical RAM: 3069.55 MB
Percentage of memory in use: 34%

LastRegBack: 2013-08-22 02:58

==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: msserm

#11 Post by vyosek »

:arrow: Uninstall Advanced SystemCare 5 and Smart Defrag 2, and then everything else from IOBit as well - it is Chinese junk that does more harm than good. It looks for nonsensical and nonexistent problems, and they stole their malware database from another reputable company

:arrow: DO NOT INSTALL any other programs until we have finished our cleanup. That junk from IOBit and Spigot got in there between our steps, and before that we had painstakingly got rid of it :roll: :roll: That is how you end up with a complete shambles :?:

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    HKLM\...\Run: [] - [x]
    HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1303360 2013-08-08] (Spigot, Inc.)
    HKLM\...\RunOnce: [GBTUpd] - C:\Program Files\Gigabyte\UpdManager\PreRun.exe [297480 2008-04-03] (PreRun)
    HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [221184 2005-02-17] (InstallShield Software Corporation)
    HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
    HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-07-02] (TomTom)
    HKCU\...\Run: [Advanced SystemCare Ultimate] - C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe [512384 2012-11-07] (IObit)
    ProxyServer: :0
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE&PC=UP09
    URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - {842FA497-A777-4179-BFEB-6E290C988C9E} URL = http://search.yahoo.com/search?fr=chr-g ... =902615&p= {searchTerms}
    BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
    BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit)
    Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
    R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
    R2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-08-08] (Spigot, Inc.)
    R2 ASCAntivirusSrv; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [623936 2013-07-08] (IOBit)
    2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
    2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
    2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\IObit
    2013-08-29 16:12 - 2013-08-29 16:13 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\IObit
    2013-08-29 16:12 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\IObit
    2013-08-29 16:13 - 2013-08-29 16:13 - 00001228 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate.lnk
    2013-08-29 16:13 - 2013-08-29 16:13 - 00001267 _____ C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
    2013-08-29 16:12 - 2013-08-29 16:12 - 00001128 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
    2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\IObit Apps Toolbar
    2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\IObit
    2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\Common Files\Spigot
    2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\Application Updater
    2013-08-29 16:12 - 2012-05-08 18:35 - 00029528 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
    2013-08-29 16:12 - 2010-11-26 18:02 - 00015672 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys
    C:\Users\Jirka\AppData\Local\Temp\Quarantine.exe
    C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskPartnerCobrandingTool.exe
    C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\instApp.exe
    C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe
    C:\Users\Jirka\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
    C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\ASCUpgrade.exe
    C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\datastate.dll
    C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\DownConfig.exe
    C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\FileCopy.exe
    C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\RdZone.dll
    C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\_isetup\_shfoldr.dll
    C:\Users\Jirka\AppData\Local\Temp\is-R2A66.tmp\ToolbarAcceptRate.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f
    C:\Windows\inf\ntvdm.vbe 
    C:\Program Files\Common Files\Spigot
    C:\Program Files\IObit Apps Toolbar
    C:\Program Files\Application Updater
    C:\Program Files\IObit
    Hosts:
    CMD: shutdown /r /f /t 2
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me

celeron
Visitor
Posts: 11
Registered: 28 Aug 2013 11:40

Re: msserm

#12 Post by celeron »

So I uninstalled that Chinese junk and ran the FRST Fix. The recommendation not to install anything new during the cleanup is hard to follow; I had to move over to the old PC.
Thanks so far, Jirka

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-09-2013 04
Ran by Jirka at 2013-09-02 22:19:29 Run:1
Running from C:\Users\Jirka\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1303360 2013-08-08] (Spigot, Inc.)
HKLM\...\RunOnce: [GBTUpd] - C:\Program Files\Gigabyte\UpdManager\PreRun.exe [297480 2008-04-03] (PreRun)
HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18706176 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-07-02] (TomTom)
HKCU\...\Run: [Advanced SystemCare Ultimate] - C:\Program Files\IObit\Advanced SystemCare Ultimate\ASCTray.exe [512384 2012-11-07] (IObit)
ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE&PC=UP09
URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {842FA497-A777-4179-BFEB-6E290C988C9E} URL = http://search.yahoo.com/search?fr=chr-g ... =902615&p= {searchTerms}
BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit)
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll (Spigot, Inc.)
R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
R2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-08-08] (Spigot, Inc.)
R2 ASCAntivirusSrv; C:\Program Files\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [623936 2013-07-08] (IOBit)
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
2013-08-29 16:13 - 2013-08-29 16:13 - 00000000 ____D C:\IObit
2013-08-29 16:12 - 2013-08-29 16:13 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\IObit
2013-08-29 16:12 - 2013-08-29 16:13 - 00000000 ____D C:\ProgramData\IObit
2013-08-29 16:13 - 2013-08-29 16:13 - 00001228 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate.lnk
2013-08-29 16:13 - 2013-08-29 16:13 - 00001267 _____ C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-08-29 16:12 - 2013-08-29 16:12 - 00001128 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\IObit Apps Toolbar
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\IObit
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-08-29 16:12 - 2013-08-29 16:12 - 00000000 ____D C:\Program Files\Application Updater
2013-08-29 16:12 - 2012-05-08 18:35 - 00029528 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2013-08-29 16:12 - 2010-11-26 18:02 - 00015672 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys
C:\Users\Jirka\AppData\Local\Temp\Quarantine.exe
C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskPartnerCobrandingTool.exe
C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\instApp.exe
C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe
C:\Users\Jirka\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\ASCUpgrade.exe
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\datastate.dll
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\DownConfig.exe
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\FileCopy.exe
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\RdZone.dll
C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\_isetup\_shfoldr.dll
C:\Users\Jirka\AppData\Local\Temp\is-R2A66.tmp\ToolbarAcceptRate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f
C:\Windows\inf\ntvdm.vbe
C:\Program Files\Common Files\Spigot
C:\Program Files\IObit Apps Toolbar
C:\Program Files\Application Updater
C:\Program Files\IObit
Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\GBTUpd => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\TomTomHOME.exe => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare Ultimate => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => Value not found.
HKCR\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{842FA497-A777-4179-BFEB-6E290C988C9E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{842FA497-A777-4179-BFEB-6E290C988C9E} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => Key not found.
HKCR\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => Key not found.
HKCR\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => Value not found.
HKCR\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} => Key not found.
AdvancedSystemCareService6 => Service not found.
Application Updater => Service not found.
ASCAntivirusSrv => Service not found.
C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690} => Moved successfully.
C:\ProgramData\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F} => Moved successfully.
"C:\IObit" => File/Directory not found.
C:\Users\Jirka\AppData\Roaming\IObit => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
"C:\Users\Public\Desktop\Advanced SystemCare Ultimate.lnk" => File/Directory not found.
"C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk" => File/Directory not found.
"C:\Users\Public\Desktop\Smart Defrag 2.lnk" => File/Directory not found.
"C:\Program Files\IObit Apps Toolbar" => File/Directory not found.
C:\Program Files\IObit => Moved successfully.
"C:\Program Files\Common Files\Spigot" => File/Directory not found.
"C:\Program Files\Application Updater" => File/Directory not found.
"C:\Windows\system32\SmartDefragBootTime.exe" => File/Directory not found.
"C:\Windows\system32\Drivers\SmartDefragDriver.sys" => File/Directory not found.
C:\Users\Jirka\AppData\Local\Temp\Quarantine.exe => Moved successfully.
"C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskPartnerCobrandingTool.exe" => File/Directory not found.
"C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\instApp.exe" => File/Directory not found.
"C:\Users\Jirka\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe" => File/Directory not found.
C:\Users\Jirka\AppData\Local\Temp\jrt\erunt\ERUNT.EXE => Moved successfully.
"C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\ASCUpgrade.exe" => File/Directory not found.
"C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\datastate.dll" => File/Directory not found.
"C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\DownConfig.exe" => File/Directory not found.
"C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\FileCopy.exe" => File/Directory not found.
"C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\RdZone.dll" => File/Directory not found.
"C:\Users\Jirka\AppData\Local\Temp\is-RQ790.tmp\_isetup\_shfoldr.dll" => File/Directory not found.
"C:\Users\Jirka\AppData\Local\Temp\is-R2A66.tmp\ToolbarAcceptRate.exe" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

C:\Windows\inf\ntvdm.vbe => Moved successfully.
"C:\Program Files\Common Files\Spigot" => File/Directory not found.
"C:\Program Files\IObit Apps Toolbar" => File/Directory not found.
"C:\Program Files\Application Updater" => File/Directory not found.
"C:\Program Files\IObit" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====
Last edited by cernohous13 on 03 Sep 2013 04:41, edited 1 time in total.
Reason: coloring removed - it reads better

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: msserm

#13 Post by vyosek »

:arrow: By installing I meant various junk removers like that IObit stuff and so on; otherwise, of course, if you install a music player, that's OK...

:arrow: FRST did what it was supposed to; how is the PC behaving :???:

celeron
Visitor
Posts: 11
Registered: 28 Aug 2013 11:40

Re: msserm

#14 Post by celeron »

The PC has become noticeably faster. Everything I tried works, with one exception. That is why I am writing from an old machine. After IE9 starts, the Google home page loads as before. I search for something in it, for example Viry.cz, click the result, and the PC restarts. :shock: It does this on several sites, on about half of those I tried. Viry.cz does not open from Favorites or by typing the address directly. I have never run into this before. What should I do about it, try reinstalling IE? Chrome does not do it.
Jirka

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: msserm

#15 Post by vyosek »

:arrow: In the first place, I would not use IE at all :?:

:arrow: But try reinstalling IE if you like it that much
