Dobrý den, prosím o kontrolu logu a pomoc. Už pár dní zlobí prohlížení internetu - každou chvíli se na cca 2 sekundy sekne a celkově je pomalé. Díky moc. Přikládám log z FRST.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Jiří (administrator) on SOULALMIGHTY (05-07-2016 10:35:07)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
() C:\Windows\SysWOW64\netupdsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(VŠB-TU Ostrava) C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Autodesk Inc.) C:\Users\Jiří\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\PercussionStudio3\PercussionStudio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Adobe Illustrator CC 2014\Support Files\Contents\Windows\Illustrator.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493056 2014-08-22] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Pokki] => C:\Users\Jiří\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [6403912 2014-08-30] (Pokki)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Google Update] => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-22] (Google Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{A94AE5CC-A2C6-4786-B66C-F6B39F587ED6}: [DhcpNameServer] 10.10.21.1
Internet Explorer:
==================
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-03-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-03-09] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\SysWOW64\npDeployJava1.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Jiří\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/O1DPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: CinemaPlus-3.3c - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-12-18] [not signed]
FF Extension: Seznam lištička - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-03-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-10-10] (@ByELDI) [File not signed]
R2 ServiceUpdater; C:\Windows\SysWOW64\netupdsrv.exe [190976 2015-07-30] () [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-05 10:35 - 2016-07-05 10:35 - 00026882 _____ C:\Users\Jiří\Desktop\FRST.txt
2016-07-05 10:34 - 2016-07-05 10:35 - 00000000 ____D C:\FRST
2016-07-05 10:34 - 2016-07-05 10:34 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2016-07-05 10:32 - 2016-07-05 10:32 - 02390016 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2016-07-01 09:45 - 2012-10-09 16:12 - 00090154 _____ C:\Users\Jiří\Desktop\CZ - Logo český výrobek.ai
2016-07-01 09:43 - 2016-07-01 09:44 - 04041660 _____ C:\Users\Jiří\Desktop\logomanual.zip
2016-06-28 13:47 - 2016-06-28 13:47 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(1).XLS
2016-06-28 12:22 - 2016-06-28 12:22 - 00321174 _____ C:\Users\Jiří\Desktop\My Paying Ads Calculator_v1.02.xlsx
2016-06-26 19:40 - 2016-06-26 19:40 - 00001104 _____ C:\Users\Jiří\Desktop\PercussionStudio (2).lnk
2016-06-18 12:11 - 2016-06-18 12:11 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-15 21:21 - 2016-06-06 21:16 - 15634781 ____N C:\Users\Jiří\Desktop\Fefo 6.6.2016.3gpp
2016-06-15 21:21 - 2016-06-06 19:32 - 08185101 ____N C:\Users\Jiří\Desktop\Sunu 6.6.2016.3gpp
2016-06-14 13:04 - 2016-06-14 13:04 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS.XLS
2016-06-12 11:24 - 2016-06-12 11:25 - 31119896 _____ C:\Users\Jiří\Desktop\haj ve slezsku.3gpp
2016-06-09 23:03 - 2016-06-22 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-08 08:54 - 2016-06-08 08:54 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(3).XLS
2016-06-07 21:42 - 2016-06-06 21:44 - 25431549 _____ C:\Users\Jiří\Desktop\kassa 6.6.2016.3gpp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-05 10:35 - 2015-05-16 13:33 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
2016-07-05 10:33 - 2014-11-07 00:13 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-05 10:23 - 2014-11-06 16:42 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-07-05 10:21 - 2014-08-28 15:52 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-07-05 10:21 - 2014-08-28 15:52 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-07-05 10:21 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 10:21 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-05 10:20 - 2015-07-09 09:50 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-07-04 23:11 - 2014-11-06 16:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-04 23:06 - 2015-12-20 01:28 - 00000582 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-04 22:59 - 2016-02-22 16:48 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
2016-07-04 22:59 - 2016-02-22 16:48 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
2016-07-04 22:51 - 2015-12-20 01:28 - 00000678 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-04 22:37 - 2015-12-20 01:28 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:37 - 2015-12-20 01:28 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:08 - 2015-11-20 11:08 - 00002464 _____ C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5.job
2016-07-04 21:38 - 2014-11-07 00:12 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-01 10:38 - 2015-06-19 10:21 - 00000034 _____ C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2016-07-01 10:38 - 2014-11-06 21:02 - 03946496 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-07-01 09:39 - 2014-12-11 19:46 - 00000368 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-07-01 09:35 - 2015-05-16 13:33 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
2016-06-29 23:44 - 2015-10-22 22:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\ClassicShell
2016-06-28 13:47 - 2014-11-07 06:08 - 00000000 ____D C:\Users\Jiří\AppData\Local\Packages
2016-06-27 17:56 - 2014-11-07 06:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070543363-202812814-1921377734-1001
2016-06-27 17:29 - 2014-08-28 15:57 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 17:27 - 2014-11-07 06:09 - 00000000 ____D C:\Users\Jiří\AppData\Local\clear.fi
2016-06-26 19:40 - 2014-11-08 14:43 - 00000000 ___RD C:\Users\Jiří\Desktop\Programy
2016-06-26 17:10 - 2015-06-19 09:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-06-26 17:09 - 2014-11-07 06:11 - 00000000 ___DO C:\Users\Jiří\OneDrive
2016-06-26 17:08 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-22 11:08 - 2014-11-07 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-22 07:54 - 2014-11-07 06:07 - 00000000 ____D C:\Users\Jiří
2016-06-20 15:20 - 2014-11-07 07:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\CrashDumps
2016-06-18 12:11 - 2014-11-06 16:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-18 11:17 - 2014-11-07 00:22 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-15 09:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-14 14:24 - 2016-04-03 10:44 - 00000000 ____D C:\Users\Jiří\Desktop\foto
2016-06-12 13:15 - 2015-07-13 17:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-06-12 13:14 - 2015-10-07 08:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-09 16:12 - 2016-06-03 15:34 - 00000000 ____D C:\Users\Jiří\Desktop\ff
2016-06-09 14:59 - 2015-10-26 14:53 - 00000000 ____D C:\Users\Jiří\Desktop\Frýdecká bramborárna
==================== Files in the root of some directories =======
2015-06-19 10:21 - 2016-07-01 10:38 - 0000034 _____ () C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2015-01-17 00:14 - 2015-01-17 00:14 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2014-08-28 15:36 - 2014-08-28 15:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-14 08:04 - 2015-09-14 08:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\majer_000\AppData\Local\Temp\octC6B6.tmp.exe
C:\Users\majer_000\AppData\Local\Temp\octFFAC.tmp.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5.job => C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Jiří\AppData\Local\10592\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04183396bbb9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff242a67aa96.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ji��\Desktop" je 39636 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Jiří (administrator) on SOULALMIGHTY (05-07-2016 10:37:53)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
() C:\Windows\SysWOW64\netupdsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(VŠB-TU Ostrava) C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Autodesk Inc.) C:\Users\Jiří\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\PercussionStudio3\PercussionStudio.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Adobe Illustrator CC 2014\Support Files\Contents\Windows\Illustrator.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493056 2014-08-22] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Pokki] => C:\Users\Jiří\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [6403912 2014-08-30] (Pokki)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Google Update] => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-22] (Google Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{A94AE5CC-A2C6-4786-B66C-F6B39F587ED6}: [DhcpNameServer] 10.10.21.1
Internet Explorer:
==================
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-03-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-03-09] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\SysWOW64\npDeployJava1.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Jiří\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/O1DPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: CinemaPlus-3.3c - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-12-18] [not signed]
FF Extension: Seznam lištička - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-03-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-10-10] (@ByELDI) [File not signed]
R2 ServiceUpdater; C:\Windows\SysWOW64\netupdsrv.exe [190976 2015-07-30] () [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-05 10:37 - 2016-07-05 10:38 - 00026744 _____ C:\Users\Jiří\Desktop\FRST.txt
2016-07-05 10:36 - 2016-07-05 10:36 - 00039273 _____ C:\Users\Jiří\Desktop\FRST3.txt
2016-07-05 10:34 - 2016-07-05 10:37 - 00000000 ____D C:\FRST
2016-07-05 10:34 - 2016-07-05 10:34 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2016-07-05 10:32 - 2016-07-05 10:32 - 02390016 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2016-07-01 09:45 - 2012-10-09 16:12 - 00090154 _____ C:\Users\Jiří\Desktop\CZ - Logo český výrobek.ai
2016-07-01 09:43 - 2016-07-01 09:44 - 04041660 _____ C:\Users\Jiří\Desktop\logomanual.zip
2016-06-28 13:47 - 2016-06-28 13:47 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(1).XLS
2016-06-28 12:22 - 2016-06-28 12:22 - 00321174 _____ C:\Users\Jiří\Desktop\My Paying Ads Calculator_v1.02.xlsx
2016-06-26 19:40 - 2016-06-26 19:40 - 00001104 _____ C:\Users\Jiří\Desktop\PercussionStudio (2).lnk
2016-06-18 12:11 - 2016-06-18 12:11 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-15 21:21 - 2016-06-06 21:16 - 15634781 ____N C:\Users\Jiří\Desktop\Fefo 6.6.2016.3gpp
2016-06-15 21:21 - 2016-06-06 19:32 - 08185101 ____N C:\Users\Jiří\Desktop\Sunu 6.6.2016.3gpp
2016-06-14 13:04 - 2016-06-14 13:04 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS.XLS
2016-06-12 11:24 - 2016-06-12 11:25 - 31119896 _____ C:\Users\Jiří\Desktop\haj ve slezsku.3gpp
2016-06-09 23:03 - 2016-06-22 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-08 08:54 - 2016-06-08 08:54 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(3).XLS
2016-06-07 21:42 - 2016-06-06 21:44 - 25431549 _____ C:\Users\Jiří\Desktop\kassa 6.6.2016.3gpp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-05 10:35 - 2015-05-16 13:33 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
2016-07-05 10:33 - 2014-11-07 00:13 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-05 10:23 - 2014-11-06 16:42 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-07-05 10:21 - 2014-08-28 15:52 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-07-05 10:21 - 2014-08-28 15:52 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-07-05 10:21 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-05 10:21 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-05 10:20 - 2015-07-09 09:50 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-07-04 23:11 - 2014-11-06 16:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-04 23:06 - 2015-12-20 01:28 - 00000582 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-04 22:59 - 2016-02-22 16:48 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
2016-07-04 22:59 - 2016-02-22 16:48 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
2016-07-04 22:51 - 2015-12-20 01:28 - 00000678 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-04 22:37 - 2015-12-20 01:28 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:37 - 2015-12-20 01:28 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:08 - 2015-11-20 11:08 - 00002464 _____ C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5.job
2016-07-04 21:38 - 2014-11-07 00:12 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-01 10:38 - 2015-06-19 10:21 - 00000034 _____ C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2016-07-01 10:38 - 2014-11-06 21:02 - 03946496 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-07-01 09:39 - 2014-12-11 19:46 - 00000368 _____ C:\Windows\Tasks\AmiUpdXp.job
2016-07-01 09:35 - 2015-05-16 13:33 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
2016-06-29 23:44 - 2015-10-22 22:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\ClassicShell
2016-06-28 13:47 - 2014-11-07 06:08 - 00000000 ____D C:\Users\Jiří\AppData\Local\Packages
2016-06-27 17:56 - 2014-11-07 06:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070543363-202812814-1921377734-1001
2016-06-27 17:29 - 2014-08-28 15:57 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 17:27 - 2014-11-07 06:09 - 00000000 ____D C:\Users\Jiří\AppData\Local\clear.fi
2016-06-26 19:40 - 2014-11-08 14:43 - 00000000 ___RD C:\Users\Jiří\Desktop\Programy
2016-06-26 17:10 - 2015-06-19 09:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-06-26 17:09 - 2014-11-07 06:11 - 00000000 ___DO C:\Users\Jiří\OneDrive
2016-06-26 17:08 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-22 11:08 - 2014-11-07 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-22 07:54 - 2014-11-07 06:07 - 00000000 ____D C:\Users\Jiří
2016-06-20 15:20 - 2014-11-07 07:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\CrashDumps
2016-06-18 12:11 - 2014-11-06 16:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-18 11:17 - 2014-11-07 00:22 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-15 09:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-14 14:24 - 2016-04-03 10:44 - 00000000 ____D C:\Users\Jiří\Desktop\foto
2016-06-12 13:15 - 2015-07-13 17:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-06-12 13:14 - 2015-10-07 08:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-09 16:12 - 2016-06-03 15:34 - 00000000 ____D C:\Users\Jiří\Desktop\ff
2016-06-09 14:59 - 2015-10-26 14:53 - 00000000 ____D C:\Users\Jiří\Desktop\Frýdecká bramborárna
==================== Files in the root of some directories =======
2015-06-19 10:21 - 2016-07-01 10:38 - 0000034 _____ () C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2015-01-17 00:14 - 2015-01-17 00:14 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2014-08-28 15:36 - 2014-08-28 15:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-14 08:04 - 2015-09-14 08:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\majer_000\AppData\Local\Temp\octC6B6.tmp.exe
C:\Users\majer_000\AppData\Local\Temp\octFFAC.tmp.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5.job => C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\40db1533-f551-4998-8bca-934da85073e3-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Jiří\AppData\Local\10592\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04183396bbb9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff242a67aa96.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ji��\Desktop" je 39637 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalená a sekající se Mozilla Firefox
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalená a sekající se Mozilla Firefox
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalená a sekající se Mozilla Firefox
Posílám log:
# AdwCleaner v5.201 - Log vytvořen 06/07/2016 v 22:31:21
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-06.1 [Server]
# Operační system : Windows 8.1 (X64)
# Uživatelské jméno : Jiří - SOULALMIGHTY
# Spuštěno z : C:\Users\Jiří\Desktop\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[-] Služba Smazáno : ServiceUpdater
***** [ Složky ] *****
[-] Složka Smazáno : C:\ProgramData\pokki
[#] Složka Smazáno : C:\ProgramData\Application Data\pokki
[-] Složka Smazáno : C:\Program Files (x86)\CinemaP-1.9cV09.11
[-] Složka Smazáno : C:\Users\Jiří\AppData\Local\pokki
[-] Složka Smazáno : C:\Users\Jiří\AppData\Local\10592
[-] Složka Smazáno : C:\Users\majer_000\AppData\Local\pokki
[-] Složka Smazáno : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Složka Smazáno : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\extensions\AVJYFVOD75109374@HCDE39471360.com
[-] Složka Smazáno : C:\Program Files\Booking.com
[-] Složka Smazáno : C:\Users\Default User\AppData\Local\Pokki
[#] Složka Smazáno : C:\Users\Default\AppData\Local\Pokki
***** [ Soubory ] *****
[-] Soubor Smazáno : C:\Program Files (x86)\Common Files\config\uninstinethnfd.exe
[-] Soubor Smazáno : C:\Windows\SysWOW64\installd.exe
[-] Soubor Smazáno : C:\Windows\SysWOW64\nethtsrv.exe
[-] Soubor Smazáno : C:\Windows\SysWOW64\netupdsrv.exe
[-] Soubor Smazáno : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Soubor Smazáno : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[-] Soubor Smazáno : C:\Users\majer_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
[-] Soubor Smazáno : C:\Users\majer_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Soubor Smazáno : C:\Users\majer_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha Smazáno : AmiUpdXp
[-] Úloha Smazáno : amiupdaterExd
[-] Úloha Smazáno : amiupdaterExi
[-] Úloha Smazáno : ACC
[-] Úloha Smazáno : Software Update Application
[-] Úloha Smazáno : 40db1533-f551-4998-8bca-934da85073e3-5
[-] Úloha Smazáno : 40db1533-f551-4998-8bca-934da85073e3-5_user
[-] Úloha Smazáno : 40db1533-f551-4998-8bca-934da85073e3-5
***** [ Registry ] *****
[-] Klíč Smazáno : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\Directory\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\Drive\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\pokki
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\dream.capture
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\dream.capture.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{117270FA-48AC-45BB-9171-B63D1B42A910}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Klíč Smazáno : HKCU\Software\ArenaHD
[-] Klíč Smazáno : HKCU\Software\HighDefAction
[-] Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
[-] Klíč Smazáno : HKCU\Software\Pokki
[-] Klíč Smazáno : HKCU\Software\Softonic
[-] Klíč Smazáno : HKCU\Software\YorkNewCin
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
[-] Klíč Smazáno : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Klíč Smazáno : HKLM\SOFTWARE\ArenaHD
[-] Klíč Smazáno : HKLM\SOFTWARE\HighDefAction
[-] Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč Smazáno : HKLM\SOFTWARE\YorkNewCin
[-] Klíč Smazáno : HKLM\SOFTWARE\CinemaP-1.9cV09.11
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV09.11
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\ArenaHD
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\HighDefAction
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[#] Hodnota Smazáno : HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[-] Hodnota Smazáno : HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [5242 bytů] - [06/07/2016 22:31:21]
C:\AdwCleaner\AdwCleaner[S1].txt - [6182 bytů] - [06/07/2016 22:27:25]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5388 bytů] ##########
# AdwCleaner v5.201 - Log vytvořen 06/07/2016 v 22:31:21
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-06.1 [Server]
# Operační system : Windows 8.1 (X64)
# Uživatelské jméno : Jiří - SOULALMIGHTY
# Spuštěno z : C:\Users\Jiří\Desktop\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[-] Služba Smazáno : ServiceUpdater
***** [ Složky ] *****
[-] Složka Smazáno : C:\ProgramData\pokki
[#] Složka Smazáno : C:\ProgramData\Application Data\pokki
[-] Složka Smazáno : C:\Program Files (x86)\CinemaP-1.9cV09.11
[-] Složka Smazáno : C:\Users\Jiří\AppData\Local\pokki
[-] Složka Smazáno : C:\Users\Jiří\AppData\Local\10592
[-] Složka Smazáno : C:\Users\majer_000\AppData\Local\pokki
[-] Složka Smazáno : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Složka Smazáno : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default\extensions\AVJYFVOD75109374@HCDE39471360.com
[-] Složka Smazáno : C:\Program Files\Booking.com
[-] Složka Smazáno : C:\Users\Default User\AppData\Local\Pokki
[#] Složka Smazáno : C:\Users\Default\AppData\Local\Pokki
***** [ Soubory ] *****
[-] Soubor Smazáno : C:\Program Files (x86)\Common Files\config\uninstinethnfd.exe
[-] Soubor Smazáno : C:\Windows\SysWOW64\installd.exe
[-] Soubor Smazáno : C:\Windows\SysWOW64\nethtsrv.exe
[-] Soubor Smazáno : C:\Windows\SysWOW64\netupdsrv.exe
[-] Soubor Smazáno : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Soubor Smazáno : C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[-] Soubor Smazáno : C:\Users\majer_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
[-] Soubor Smazáno : C:\Users\majer_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Soubor Smazáno : C:\Users\majer_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha Smazáno : AmiUpdXp
[-] Úloha Smazáno : amiupdaterExd
[-] Úloha Smazáno : amiupdaterExi
[-] Úloha Smazáno : ACC
[-] Úloha Smazáno : Software Update Application
[-] Úloha Smazáno : 40db1533-f551-4998-8bca-934da85073e3-5
[-] Úloha Smazáno : 40db1533-f551-4998-8bca-934da85073e3-5_user
[-] Úloha Smazáno : 40db1533-f551-4998-8bca-934da85073e3-5
***** [ Registry ] *****
[-] Klíč Smazáno : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\Directory\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\Drive\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Klíč Smazáno : HKCU\Software\Classes\pokki
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\dream.capture
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\dream.capture.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{117270FA-48AC-45BB-9171-B63D1B42A910}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Klíč Smazáno : HKCU\Software\ArenaHD
[-] Klíč Smazáno : HKCU\Software\HighDefAction
[-] Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
[-] Klíč Smazáno : HKCU\Software\Pokki
[-] Klíč Smazáno : HKCU\Software\Softonic
[-] Klíč Smazáno : HKCU\Software\YorkNewCin
[-] Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
[-] Klíč Smazáno : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Klíč Smazáno : HKLM\SOFTWARE\ArenaHD
[-] Klíč Smazáno : HKLM\SOFTWARE\HighDefAction
[-] Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč Smazáno : HKLM\SOFTWARE\YorkNewCin
[-] Klíč Smazáno : HKLM\SOFTWARE\CinemaP-1.9cV09.11
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV09.11
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\ArenaHD
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\HighDefAction
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[#] Hodnota Smazáno : HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[-] Hodnota Smazáno : HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [5242 bytů] - [06/07/2016 22:31:21]
C:\AdwCleaner\AdwCleaner[S1].txt - [6182 bytů] - [06/07/2016 22:27:25]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5388 bytů] ##########
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalená a sekající se Mozilla Firefox
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalená a sekající se Mozilla Firefox
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by Jiří (administrator) on SOULALMIGHTY (11-07-2016 18:37:05)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(VŠB-TU Ostrava) C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Autodesk Inc.) C:\Users\Jiří\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRST-OlderVersion\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493056 2014-08-22] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Google Update] => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-22] (Google Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{A94AE5CC-A2C6-4786-B66C-F6B39F587ED6}: [DhcpNameServer] 10.10.21.1
Internet Explorer:
==================
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-03-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-03-09] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\SysWOW64\npDeployJava1.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Jiří\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/O1DPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-10-10] (@ByELDI) [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-11 18:37 - 2016-07-11 18:37 - 00025728 _____ C:\Users\Jiří\Desktop\FRST.txt
2016-07-11 18:36 - 2016-07-11 18:36 - 00000000 ____D C:\Users\Jiří\Desktop\FRST-OlderVersion
2016-07-10 11:24 - 2016-07-10 11:32 - 08463343 _____ C:\Users\Jiří\Desktop\MontyRich---Duben-2015.pdf.part
2016-07-09 19:33 - 2016-07-09 19:33 - 00053275 _____ C:\Users\Jiří\Desktop\Dark Matter - 02x02 - Kill Them All.FLEET.English.HI.C.orig.Addic7ed.com.srt
2016-07-06 22:27 - 2016-07-06 22:31 - 00000000 ____D C:\AdwCleaner
2016-07-06 22:26 - 2016-07-06 22:26 - 03712064 _____ C:\Users\Jiří\Desktop\adwcleaner_5.201.exe
2016-07-06 12:49 - 2016-07-06 13:25 - 00000552 _____ C:\Windows\smrpro.INI
2016-07-06 12:49 - 2016-07-06 12:49 - 02276644 _____ (AdmireSoft Co., Ltd. ) C:\Users\Jiří\Desktop\smrpro.exe
2016-07-06 12:49 - 2016-07-06 12:49 - 00001149 _____ C:\Users\majer_000\Desktop\Super Mp3 Recorder Professional.lnk
2016-07-06 12:49 - 2016-07-06 12:49 - 00001149 _____ C:\Users\Jiří\Desktop\Super Mp3 Recorder Professional.lnk
2016-07-06 12:49 - 2016-07-06 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Mp3 Recorder Professional
2016-07-06 12:49 - 2016-07-06 12:49 - 00000000 ____D C:\Program Files (x86)\Admiresoft
2016-07-06 12:47 - 2016-07-06 12:47 - 00000949 _____ C:\Users\majer_000\Desktop\Free MP3 Recorder.lnk
2016-07-05 10:34 - 2016-07-11 18:37 - 00000000 ____D C:\FRST
2016-07-05 10:32 - 2016-07-11 18:36 - 02390528 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2016-07-01 09:45 - 2012-10-09 16:12 - 00090154 _____ C:\Users\Jiří\Desktop\CZ - Logo český výrobek.ai
2016-07-01 09:43 - 2016-07-01 09:44 - 04041660 _____ C:\Users\Jiří\Desktop\logomanual.zip
2016-06-28 13:47 - 2016-06-28 13:47 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(1).XLS
2016-06-28 12:22 - 2016-06-28 12:22 - 00321174 _____ C:\Users\Jiří\Desktop\My Paying Ads Calculator_v1.02.xlsx
2016-06-26 19:40 - 2016-06-26 19:40 - 00001104 _____ C:\Users\Jiří\Desktop\PercussionStudio (2).lnk
2016-06-18 12:11 - 2016-06-18 12:11 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-15 21:21 - 2016-06-06 21:16 - 15634781 ____N C:\Users\Jiří\Desktop\Fefo 6.6.2016.3gpp
2016-06-15 21:21 - 2016-06-06 19:32 - 08185101 ____N C:\Users\Jiří\Desktop\Sunu 6.6.2016.3gpp
2016-06-14 13:04 - 2016-06-14 13:04 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS.XLS
2016-06-12 11:24 - 2016-06-12 11:25 - 31119896 _____ C:\Users\Jiří\Desktop\haj ve slezsku.3gpp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-11 18:35 - 2015-05-16 13:33 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
2016-07-11 18:33 - 2014-11-07 00:13 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-11 18:11 - 2014-11-06 16:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-11 18:08 - 2016-03-20 13:30 - 00000000 ____D C:\Users\Jiří\Desktop\Osobní
2016-07-11 18:06 - 2015-12-20 01:28 - 00000582 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-11 17:59 - 2016-02-22 16:48 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
2016-07-11 16:51 - 2015-12-20 01:28 - 00000678 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-11 16:45 - 2014-11-06 16:42 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-07-11 16:44 - 2014-08-28 15:52 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-07-11 16:44 - 2014-08-28 15:52 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-07-11 16:44 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-11 16:44 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-10 21:38 - 2014-11-07 00:12 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-10 18:39 - 2015-07-09 09:50 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-07-08 11:50 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-07 10:36 - 2014-11-07 06:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-06 22:35 - 2015-06-19 09:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-06 22:34 - 2014-11-07 06:11 - 00000000 ___DO C:\Users\Jiří\OneDrive
2016-07-06 22:34 - 2014-11-06 21:02 - 03946496 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-07-06 22:33 - 2015-05-16 13:33 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
2016-07-06 22:33 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-06 22:32 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-07-06 12:47 - 2015-03-17 01:22 - 00000949 _____ C:\Users\Jiří\Desktop\Free MP3 Recorder.lnk
2016-07-06 12:47 - 2015-03-17 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free MP3 Recorder
2016-07-06 12:47 - 2015-03-17 01:22 - 00000000 ____D C:\Program Files (x86)\MP3Recorder
2016-07-05 23:10 - 2014-11-07 07:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\CrashDumps
2016-07-05 22:59 - 2016-02-22 16:48 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
2016-07-04 22:37 - 2015-12-20 01:28 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:37 - 2015-12-20 01:28 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 10:38 - 2015-06-19 10:21 - 00000034 _____ C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2016-06-29 23:44 - 2015-10-22 22:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\ClassicShell
2016-06-28 13:47 - 2014-11-07 06:08 - 00000000 ____D C:\Users\Jiří\AppData\Local\Packages
2016-06-27 17:29 - 2014-08-28 15:57 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 17:27 - 2014-11-07 06:09 - 00000000 ____D C:\Users\Jiří\AppData\Local\clear.fi
2016-06-26 19:40 - 2014-11-08 14:43 - 00000000 ___RD C:\Users\Jiří\Desktop\Programy
2016-06-22 11:08 - 2016-06-09 23:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-22 11:08 - 2014-11-07 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-22 07:54 - 2014-11-07 06:07 - 00000000 ____D C:\Users\Jiří
2016-06-18 12:11 - 2014-11-06 16:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-18 11:17 - 2014-11-07 00:22 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-15 09:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-14 14:24 - 2016-04-03 10:44 - 00000000 ____D C:\Users\Jiří\Desktop\foto
2016-06-12 13:15 - 2015-07-13 17:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-06-12 13:14 - 2015-10-07 08:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2015-06-19 10:21 - 2016-07-01 10:38 - 0000034 _____ () C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2015-01-17 00:14 - 2015-01-17 00:14 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2014-08-28 15:36 - 2014-08-28 15:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-14 08:04 - 2015-09-14 08:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Jiří\AppData\Local\Temp\libeay32.dll
C:\Users\Jiří\AppData\Local\Temp\msvcr120.dll
C:\Users\Jiří\AppData\Local\Temp\sqlite3.dll
C:\Users\majer_000\AppData\Local\Temp\octC6B6.tmp.exe
C:\Users\majer_000\AppData\Local\Temp\octFFAC.tmp.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04183396bbb9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff242a67aa96.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ji��\Desktop" je 39653 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Jiří (administrator) on SOULALMIGHTY (11-07-2016 18:37:05)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(VŠB-TU Ostrava) C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Autodesk Inc.) C:\Users\Jiří\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRST-OlderVersion\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493056 2014-08-22] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2162152 2015-08-06] (Gemfor s.r.o.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Run: [Google Update] => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-02-22] (Google Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\Policies\Explorer: []
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{A94AE5CC-A2C6-4786-B66C-F6B39F587ED6}: [DhcpNameServer] 10.10.21.1
Internet Explorer:
==================
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-03-09] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-03-09] (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\k2xd0t5c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\SysWOW64\npDeployJava1.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Jiří\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @talk.google.com/O1DPlugin -> C:\Users\Jiří\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-4070543363-202812814-1921377734-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jiří\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jiří\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08]
CHR Extension: (Dokumenty Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Tabulky Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-08]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-10-10] (@ByELDI) [File not signed]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-03] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-11 18:37 - 2016-07-11 18:37 - 00025728 _____ C:\Users\Jiří\Desktop\FRST.txt
2016-07-11 18:36 - 2016-07-11 18:36 - 00000000 ____D C:\Users\Jiří\Desktop\FRST-OlderVersion
2016-07-10 11:24 - 2016-07-10 11:32 - 08463343 _____ C:\Users\Jiří\Desktop\MontyRich---Duben-2015.pdf.part
2016-07-09 19:33 - 2016-07-09 19:33 - 00053275 _____ C:\Users\Jiří\Desktop\Dark Matter - 02x02 - Kill Them All.FLEET.English.HI.C.orig.Addic7ed.com.srt
2016-07-06 22:27 - 2016-07-06 22:31 - 00000000 ____D C:\AdwCleaner
2016-07-06 22:26 - 2016-07-06 22:26 - 03712064 _____ C:\Users\Jiří\Desktop\adwcleaner_5.201.exe
2016-07-06 12:49 - 2016-07-06 13:25 - 00000552 _____ C:\Windows\smrpro.INI
2016-07-06 12:49 - 2016-07-06 12:49 - 02276644 _____ (AdmireSoft Co., Ltd. ) C:\Users\Jiří\Desktop\smrpro.exe
2016-07-06 12:49 - 2016-07-06 12:49 - 00001149 _____ C:\Users\majer_000\Desktop\Super Mp3 Recorder Professional.lnk
2016-07-06 12:49 - 2016-07-06 12:49 - 00001149 _____ C:\Users\Jiří\Desktop\Super Mp3 Recorder Professional.lnk
2016-07-06 12:49 - 2016-07-06 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Mp3 Recorder Professional
2016-07-06 12:49 - 2016-07-06 12:49 - 00000000 ____D C:\Program Files (x86)\Admiresoft
2016-07-06 12:47 - 2016-07-06 12:47 - 00000949 _____ C:\Users\majer_000\Desktop\Free MP3 Recorder.lnk
2016-07-05 10:34 - 2016-07-11 18:37 - 00000000 ____D C:\FRST
2016-07-05 10:32 - 2016-07-11 18:36 - 02390528 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2016-07-01 09:45 - 2012-10-09 16:12 - 00090154 _____ C:\Users\Jiří\Desktop\CZ - Logo český výrobek.ai
2016-07-01 09:43 - 2016-07-01 09:44 - 04041660 _____ C:\Users\Jiří\Desktop\logomanual.zip
2016-06-28 13:47 - 2016-06-28 13:47 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS(1).XLS
2016-06-28 12:22 - 2016-06-28 12:22 - 00321174 _____ C:\Users\Jiří\Desktop\My Paying Ads Calculator_v1.02.xlsx
2016-06-26 19:40 - 2016-06-26 19:40 - 00001104 _____ C:\Users\Jiří\Desktop\PercussionStudio (2).lnk
2016-06-18 12:11 - 2016-06-18 12:11 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-15 21:21 - 2016-06-06 21:16 - 15634781 ____N C:\Users\Jiří\Desktop\Fefo 6.6.2016.3gpp
2016-06-15 21:21 - 2016-06-06 19:32 - 08185101 ____N C:\Users\Jiří\Desktop\Sunu 6.6.2016.3gpp
2016-06-14 13:04 - 2016-06-14 13:04 - 00200704 _____ C:\Users\Jiří\Desktop\Ceník_VVISS.XLS
2016-06-12 11:24 - 2016-06-12 11:25 - 31119896 _____ C:\Users\Jiří\Desktop\haj ve slezsku.3gpp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-11 18:35 - 2015-05-16 13:33 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
2016-07-11 18:33 - 2014-11-07 00:13 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-11 18:11 - 2014-11-06 16:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-11 18:08 - 2016-03-20 13:30 - 00000000 ____D C:\Users\Jiří\Desktop\Osobní
2016-07-11 18:06 - 2015-12-20 01:28 - 00000582 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-11 17:59 - 2016-02-22 16:48 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
2016-07-11 16:51 - 2015-12-20 01:28 - 00000678 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job
2016-07-11 16:45 - 2014-11-06 16:42 - 00000000 ____D C:\Users\Jiří\AppData\Local\Adobe
2016-07-11 16:44 - 2014-08-28 15:52 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-07-11 16:44 - 2014-08-28 15:52 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-07-11 16:44 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-11 16:44 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-10 21:38 - 2014-11-07 00:12 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-10 18:39 - 2015-07-09 09:50 - 00000000 ____D C:\Users\Jiří\AppData\Roaming\Skype
2016-07-08 11:50 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-07 10:36 - 2014-11-07 06:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-06 22:35 - 2015-06-19 09:39 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-06 22:34 - 2014-11-07 06:11 - 00000000 ___DO C:\Users\Jiří\OneDrive
2016-07-06 22:34 - 2014-11-06 21:02 - 03946496 ___SH C:\Users\Jiří\Desktop\Thumbs.db
2016-07-06 22:33 - 2015-05-16 13:33 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
2016-07-06 22:33 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-06 22:32 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-07-06 12:47 - 2015-03-17 01:22 - 00000949 _____ C:\Users\Jiří\Desktop\Free MP3 Recorder.lnk
2016-07-06 12:47 - 2015-03-17 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free MP3 Recorder
2016-07-06 12:47 - 2015-03-17 01:22 - 00000000 ____D C:\Program Files (x86)\MP3Recorder
2016-07-05 23:10 - 2014-11-07 07:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\CrashDumps
2016-07-05 22:59 - 2016-02-22 16:48 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
2016-07-04 22:37 - 2015-12-20 01:28 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 22:37 - 2015-12-20 01:28 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001
2016-07-04 02:03 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 10:38 - 2015-06-19 10:21 - 00000034 _____ C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2016-06-29 23:44 - 2015-10-22 22:29 - 00000000 ____D C:\Users\Jiří\AppData\Local\ClassicShell
2016-06-28 13:47 - 2014-11-07 06:08 - 00000000 ____D C:\Users\Jiří\AppData\Local\Packages
2016-06-27 17:29 - 2014-08-28 15:57 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 17:27 - 2014-11-07 06:09 - 00000000 ____D C:\Users\Jiří\AppData\Local\clear.fi
2016-06-26 19:40 - 2014-11-08 14:43 - 00000000 ___RD C:\Users\Jiří\Desktop\Programy
2016-06-22 11:08 - 2016-06-09 23:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-22 11:08 - 2014-11-07 06:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-22 07:54 - 2014-11-07 06:07 - 00000000 ____D C:\Users\Jiří
2016-06-18 12:11 - 2014-11-06 16:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-18 11:17 - 2014-11-07 00:22 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-15 09:15 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-14 14:24 - 2016-04-03 10:44 - 00000000 ____D C:\Users\Jiří\Desktop\foto
2016-06-12 13:15 - 2015-07-13 17:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-06-12 13:14 - 2015-10-07 08:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2015-06-19 10:21 - 2016-07-01 10:38 - 0000034 _____ () C:\Users\Jiří\AppData\Roaming\AdobeWLCMCache.dat
2015-01-17 00:14 - 2015-01-17 00:14 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2014-08-28 15:36 - 2014-08-28 15:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-14 08:04 - 2015-09-14 08:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\Jiří\AppData\Local\Temp\libeay32.dll
C:\Users\Jiří\AppData\Local\Temp\msvcr120.dll
C:\Users\Jiří\AppData\Local\Temp\sqlite3.dll
C:\Users\majer_000\AppData\Local\Temp\octC6B6.tmp.exe
C:\Users\majer_000\AppData\Local\Temp\octFFAC.tmp.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4070543363-202812814-1921377734-1001.job => C:\Users\Jiří\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04183396bbb9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff242a67aa96.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => C:\Users\Jiří\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ji��\Desktop" je 39653 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalená a sekající se Mozilla Firefox
Otevřte poznámkový blok a zkopírujte do něj:
Z logu:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
C:\Program Files\KMSpico
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Jiří\AppData\Local\Temp
C:\Users\majer_000\AppData\Local\Temp
End
Z logu:
To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Jiří novou složku a přesuňte do ní všechna data z plochy (kromě zástupců. Na plochu si pak dejte zástupce té složky pro snazší přístup.Velikost slozky "C:\Users\Jiří\Desktop" je 39653 MB.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalená a sekající se Mozilla Firefox
Fix result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by Jiří (2016-07-13 08:41:09) Run:1
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\Program Files\KMSpico
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Jiří\AppData\Local\Temp
C:\Users\majer_000\AppData\Local\Temp
End
*****************
C:\Program Files\KMSpico => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92d62-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92d62-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92d8d-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92d8d-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92db7-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92db7-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92dd6-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92dd6-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a93196-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a93196-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a93c59-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a93c59-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a93ff7-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a93ff7-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a94347-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a94347-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE1091CE-F7A5-43A1-B94C-4388C8309938}" => key removed successfully
HKCR\CLSID\{AE1091CE-F7A5-43A1-B94C-4388C8309938} => key not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
"C:\Users\Jiří\AppData\Local\Temp" folder move:
Could not move "C:\Users\Jiří\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Users\majer_000\AppData\Local\Temp => moved successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-07-13 08:42:35)
C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\Jiří\AppData\Local\Temp => moved successfully
==== End of Fixlog 08:42:36 ====
Ran by Jiří (2016-07-13 08:41:09) Run:1
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & majer_000)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\Program Files\KMSpico
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d62-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92d8d-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92db7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a92dd6-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93196-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93c59-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a93ff7-2e1f-11e5-8279-206a8ae02486} - "D:\Autorun.exe"
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\...\MountPoints2: {21a94347-2e1f-11e5-8279-206a8ae02486} - "E:\Autorun.exe"
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> DefaultScope {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
SearchScopes: HKU\S-1-5-21-4070543363-202812814-1921377734-1001 -> {AE1091CE-F7A5-43A1-B94C-4388C8309938} URL =
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Jiří\AppData\Local\Temp
C:\Users\majer_000\AppData\Local\Temp
End
*****************
C:\Program Files\KMSpico => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92d62-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92d62-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92d8d-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92d8d-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92db7-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92db7-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a92dd6-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a92dd6-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a93196-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a93196-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a93c59-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a93c59-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a93ff7-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a93ff7-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a94347-2e1f-11e5-8279-206a8ae02486}" => key removed successfully
HKCR\CLSID\{21a94347-2e1f-11e5-8279-206a8ae02486} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-4070543363-202812814-1921377734-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE1091CE-F7A5-43A1-B94C-4388C8309938}" => key removed successfully
HKCR\CLSID\{AE1091CE-F7A5-43A1-B94C-4388C8309938} => key not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fcc30f4f346.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fcc30d5a5c8.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070543363-202812814-1921377734-1001Core.job => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
"C:\Users\Jiří\AppData\Local\Temp" folder move:
Could not move "C:\Users\Jiří\AppData\Local\Temp" => Scheduled to move on reboot.
C:\Users\majer_000\AppData\Local\Temp => moved successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-07-13 08:42:35)
C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\Jiří\AppData\Local\Temp => moved successfully
==== End of Fixlog 08:42:36 ====
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalená a sekající se Mozilla Firefox
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalená a sekající se Mozilla Firefox
Zdá se to OK. Díky moc!
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalená a sekající se Mozilla Firefox
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?