﻿Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2014
Ran by Acer (administrator) on ACER-1F5ADAF30F on 14-12-2014 15:21:13
Running from C:\Documents and Settings\Acer\Plocha
Loaded Profile: Acer (Available profiles: Acer)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\WINDOWS\System32\wltrysvc.exe
(Broadcom Corporation) C:\WINDOWS\System32\bcmwltry.exe
(Broadcom Corporation) C:\WINDOWS\System32\WLTRAY.exe
() C:\Program Files\Launch Manager\LaunchAp.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
() C:\Program Files\Launch Manager\OSDCtrl.exe
() C:\Program Files\Launch Manager\WButton.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE
(forum.viry.cz) C:\Documents and Settings\Acer\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY
HKLM\...\Run: [LaunchAp] => C:\Program Files\Launch Manager\LaunchAp.exe [32768 2005-03-30] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\HotkeyApp.exe [69632 2005-05-19] (Wistron)
HKLM\...\Run: [CtrlVol] => C:\Program Files\Launch Manager\CtrlVol.exe [20480 2003-09-16] (Wistron)
HKLM\...\Run: [LMgrOSD] => C:\Program Files\Launch Manager\OSDCtrl.exe [245760 2004-10-11] ()
HKLM\...\Run: [Wbutton] => C:\Program Files\Launch Manager\Wbutton.exe [81920 2005-04-18] ()
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [90112 2005-08-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM Group Policy restriction on software: C:\Program Files\Common Files\Symantec Shared <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Symantec <====== ATTENTION
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-1520742225-1900393973-1292726236-1005\...\Run: [AodwOfosd] => regsvr32.exe "C:\Documents and Settings\All Users\Data aplikací\AodwOfosd\VihgoXuhli.xri"
HKU\S-1-5-21-1520742225-1900393973-1292726236-1005\...\MountPoints2: {ef1c186d-5fe6-11de-8fa7-0014a44e0ea0} - F:\Launcher.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1520742225-1900393973-1292726236-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1520742225-1900393973-1292726236-1005\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-1520742225-1900393973-1292726236-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1520742225-1900393973-1292726236-1005 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1520742225-1900393973-1292726236-1005 -> {06107180-110a-4c26-a010-9eaa9c69e440} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKU\S-1-5-21-1520742225-1900393973-1292726236-1005 -> {279945BC-2362-4016-963D-6FC48A585344} URL = http://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1520742225-1900393973-1292726236-1005 -> {2c948b42-e855-43a8-90d1-fda678acf41e} URL = http://www.firmy.cz/phr/{searchTerms}?sourceid=IE_5
SearchScopes: HKU\S-1-5-21-1520742225-1900393973-1292726236-1005 -> {f9e36b1e-ecf4-495b-9693-50a90cd70e82} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=IE_5
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-1520742225-1900393973-1292726236-1005 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1520742225-1900393973-1292726236-1005: @Google.com/GoogleEarthPlugin -> C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync [2009-07-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-02-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR Profile: C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-12]
CHR Extension: (Gmail) - C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-12]
CHR Extension: (Disk Google) - C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-12]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-12]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-12]
CHR Extension: (YouTube) - C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-12]
CHR Extension: (Tabulky Google) - C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-12]
CHR Extension: (Prezentace Google) - C:\Documents and Settings\Acer\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [51712 2007-10-11] (ArcSoft)
S4 anbmService; C:\Acer\eManager\anbmServ.exe [1287168 2004-08-16] (OSA Technologies Inc.) [File not signed]
S4 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
S4 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
S4 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
S4 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [637952 2009-06-02] (Nokia.) [File not signed]
S4 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1799496 2009-02-26] (Symantec Corporation)
S4 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [320840 2009-02-01] (Symantec Corporation)
S4 Symantec AntiVirus; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2440120 2009-02-01] (Symantec Corporation)
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [827499 2004-12-22] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [17801 2005-04-11] (Meetinghouse Data Communications) [File not signed]
R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3644800 2005-08-19] (Realtek Semiconductor Corp.)
S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [449888 2005-01-10] (Atheros Communications, Inc.)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [369024 2004-12-22] (Broadcom Corporation)
S3 COH_Mon; C:\WINDOWS\system32\Drivers\COH_Mon.sys [23888 2008-11-18] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [374392 2011-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [105592 2011-07-28] (Symantec Corporation)
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc.              )
R1 Hotkey; C:\WINDOWS\system32\Drivers\Hotkey.sys [9867 2003-04-28] () [File not signed]
R3 HSFHWATI; C:\WINDOWS\System32\DRIVERS\HSFHWATI.sys [200192 2004-12-15] (Conexant Systems, Inc.)
S3 int15.sys; C:\Program Files\acer\eRecovery\int15.sys [69632 2005-01-13] () [File not signed]
R3 NAVENG; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111012.017\NAVENG.SYS [86136 2011-08-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111012.017\NAVEX15.SYS [1576312 2011-08-04] (Symantec Corporation)
R3 NTIDrvr; C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys [6144 2007-03-23] (NewTech Infosystems, Inc.) [File not signed]
S3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.) [File not signed]
S3 POWERKEY; C:\Program Files\Launch Manager\POWERKEY.sys [2343 2000-12-19] () [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [70912 2004-12-02] (Realtek Semiconductor Corporation                           )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [421424 2008-09-09] (Symantec Corporation)
R1 SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [280112 2008-12-19] (Symantec Corporation)
S3 SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [319792 2008-12-19] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [43824 2008-12-19] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [123952 2009-05-14] (Symantec Corporation)
S3 SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [27696 2008-08-21] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [191536 2008-08-21] (Symantec Corporation)
S4 SysPlant; C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys [91976 2009-02-26] (Symantec Corporation)
R3 Teefer2; C:\WINDOWS\System32\DRIVERS\teefer2.sys [49536 2008-10-14] (Symantec Corporation)
R0 UBHelper; C:\WINDOWS\system32\Drivers\UBHelper.sys [13952 2004-12-17] () [File not signed]
R1 VRVD302; C:\WINDOWS\System32\DRIVERS\VRVD302.sys [11296 2008-01-25] (Rsupport Corporation)
R1 WPS; C:\WINDOWS\system32\drivers\wpsdrvnt.sys [42312 2009-02-26] (Symantec Corporation)
S3 WpsHelper; C:\WINDOWS\system32\drivers\WpsHelper.sys [167936 2011-06-22] (Symantec Corporation)
S2 11277; \??\C:\DOCUME~1\Acer\LOCALS~1\Temp\11277.sys [X]
S1 mailKmd; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SI15CI; \??\c:\elements\1stboot\SI15CI.SYS [X]
S1 Wbutton; \SystemRoot\system32\drivers\Wbutton.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-14 15:21 - 2014-12-14 15:21 - 00015296 _____ () C:\Documents and Settings\Acer\Plocha\FRST.txt
2014-12-14 15:20 - 2014-12-14 15:20 - 00000000 ____D () C:\FRST
2014-12-14 15:14 - 2014-12-14 15:14 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Acer\Plocha\FRSTLauncher.exe
2014-12-14 15:13 - 2014-12-14 15:13 - 01111552 _____ (Farbar) C:\Documents and Settings\Acer\Plocha\FRST.exe
2014-12-14 15:11 - 2014-12-14 15:11 - 00000137 _____ () C:\Documents and Settings\Acer\Plocha\VIRY.CZ • Zobrazit téma - Návod na vytvoření logu z FRST (FRSTLauncher).url
2014-12-14 13:57 - 2014-12-14 13:57 - 00000000 ____D () C:\Documents and Settings\Acer\Local Settings\Temp
2014-12-14 13:57 - 2014-12-14 12:46 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-12-14 12:49 - 2014-12-14 12:45 - 00000613 _____ () C:\zoek-results2014-12-14-114532.log
2014-12-14 12:37 - 2014-12-14 14:01 - 00008044 _____ () C:\zoek-results.log
2014-12-14 12:33 - 2014-12-14 12:33 - 01295360 _____ () C:\Documents and Settings\Acer\Plocha\zoek.exe
2014-12-14 12:33 - 2014-12-14 12:33 - 00000000 ____D () C:\zoek_backup
2014-12-14 12:16 - 2014-12-14 12:16 - 00000000 ____D () C:\AdwCleaner
2014-12-14 12:13 - 2014-12-14 12:13 - 02166272 _____ () C:\Documents and Settings\Acer\Plocha\adwcleaner_4.105.exe
2014-12-14 10:32 - 2014-12-14 10:32 - 00000000 ____D () C:\rsit
2014-12-14 10:32 - 2014-12-14 10:32 - 00000000 ____D () C:\Program Files\trend micro
2014-12-14 10:31 - 2014-12-14 10:31 - 00000000 ____D () C:\Seznam_vir
2014-12-12 20:44 - 2014-12-12 20:44 - 00001721 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-12-12 20:44 - 2014-12-12 20:44 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
2014-12-12 20:16 - 2014-12-12 20:16 - 00000000 __SHD () C:\Documents and Settings\Acer\IECompatCache
2014-12-12 08:12 - 2014-12-14 15:11 - 00000323 _____ () C:\Documents and Settings\Acer\Plocha\Seznam E-mail – Login.url
2014-12-11 19:41 - 2014-12-11 19:41 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\AodwOfosd

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-14 15:13 - 2012-08-23 16:38 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-14 15:06 - 1980-01-01 00:00 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-14 15:04 - 2014-03-28 11:57 - 00000220 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-12-14 15:04 - 2011-03-20 11:41 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-14 15:04 - 2004-09-17 12:16 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-14 15:04 - 2004-09-17 12:06 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-12-14 14:25 - 2007-09-27 17:55 - 00000012 _____ () C:\WINDOWS\bthservsdp.dat
2014-12-14 14:25 - 2007-03-23 10:34 - 00000272 ___SH () C:\Documents and Settings\Acer\ntuser.ini
2014-12-14 14:25 - 2004-09-17 12:16 - 00032450 _____ () C:\WINDOWS\SchedLgU.Txt
2014-12-14 14:25 - 2004-09-17 12:10 - 01955197 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-14 14:25 - 2004-09-17 12:06 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-12-14 13:33 - 2011-03-20 11:41 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-12 08:10 - 2014-08-11 19:29 - 00000172 _____ () C:\Documents and Settings\Acer\Plocha\test rychlosti.url
2014-12-12 07:33 - 2014-08-19 18:38 - 00002283 _____ () C:\Documents and Settings\All Users\Plocha\Skype.lnk
2014-12-11 03:15 - 2007-03-28 14:49 - 109818608 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-11 03:13 - 2012-08-23 16:38 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-12-11 03:13 - 2012-08-23 16:38 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-12-10 16:27 - 2010-08-03 14:57 - 00987627 _____ () C:\WINDOWS\setupapi.log
2014-12-08 09:16 - 2004-09-17 12:08 - 00059034 _____ () C:\WINDOWS\wmsetup.log
2014-11-30 17:06 - 2007-03-23 19:53 - 00002503 _____ () C:\Documents and Settings\Acer\Plocha\Microsoft Excel.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Percentage of memory in use: 57%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 55.9 GB) (Disk ID: 34FE34FD)
Partition 1: (Not Active) - (Size=2.3 GB) - (Type=12)
Partition 2: (Active) - (Size=26.6 GB) - (Type=0C)
Partition 3: (Not Active) - (Size=27 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Symantec Endpoint Protection (Disabled - Up to date) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection (Disabled) {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Acer\Plocha" je 4 MB.
 
 
***** Startup Programs *****
 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
    WMPNetworkSvc	REG_DWORD	0x3
    Symantec AntiVirus	REG_DWORD	0x2
    SNAC	REG_DWORD	0x3
    SmcService	REG_DWORD	0x2
    ServiceLayer	REG_DWORD	0x3
    idsvc	REG_DWORD	0x3
    ccSetMgr	REG_DWORD	0x2
    ccEvtMgr	REG_DWORD	0x2
    anbmService	REG_DWORD	0x2
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall	REG_DWORD	0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall	REG_DWORD	0x1
    DoNotAllowExceptions	REG_DWORD	0x0
    DisableNotifications	REG_DWORD	0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Documents and Settings\\All Users\\Data aplikac\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe"="C:\\Documents and Settings\\All Users\\Data aplikac\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\remotex.exe:*:Enabled:RemoteX"
"C:\\Documents and Settings\\All Users\\Data aplikac\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe"="C:\\Documents and Settings\\All Users\\Data aplikac\\Skype\\Plugins\\Plugins\\289650C9E52C40FE91D947C6D0EB72DA\\rcviewer.exe:*:Enabled:Rsupport RemoteCall Viewer"
"C:\\Program Files\\ICQ6\\ICQ.exe"="C:\\Program Files\\ICQ6\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe"="C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe:*:Enabled:SMC Service"
"C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"="C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE:*:Enabled:SNAC Service"
"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"="C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe:*:Enabled:Symantec Email"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

 
==================== End Of Log ==============================
