﻿Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Semerak (administrator) on PRACOVNA2 on 13-01-2015 18:08:17
Running from C:\Users\Semerak\Desktop
Loaded Profile: Semerak (Available profiles: Semerak)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Oki Data Corporation) C:\Windows\System32\spool\drivers\x64\3\OPHDLDCS.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(forum.viry.cz) C:\Users\Semerak\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976832 2009-12-17] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [55664 2014-09-09] (OLYMPUS IMAGING CORP.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3730243165-907656754-2530024790-1000\...\Run: [TrueCrypt] => C:\Program Files\TrueCrypt\TrueCrypt.exe [1517520 2011-10-24] (TrueCrypt Foundation)
HKU\S-1-5-21-3730243165-907656754-2530024790-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-3730243165-907656754-2530024790-1000\...\Run: [LightShot] => C:\Users\Semerak\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-3730243165-907656754-2530024790-1000\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [420208 2014-09-09] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-3730243165-907656754-2530024790-1000\...\MountPoints2: {6e3d0097-0dd5-11e1-ab27-f46d047b04f6} - K:\unlock.exe autoplay=true
Startup: C:\Users\Semerak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\speedfan – zástupce.lnk
ShortcutTarget: speedfan – zástupce.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab

FireFox:
========
FF ProfilePath: C:\Users\Semerak\AppData\Roaming\Mozilla\Firefox\Profiles\r1pxg21r.default
FF Homepage: hxxp://www.novinky.cz/
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: DownloadHelper - C:\Users\Semerak\AppData\Roaming\Mozilla\Firefox\Profiles\r1pxg21r.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Semerak\AppData\Roaming\Mozilla\Firefox\Profiles\r1pxg21r.default\Extensions\adblockpopups@jessehakanen.net.xpi [2011-11-01]
FF Extension: Classic Theme Restorer - C:\Users\Semerak\AppData\Roaming\Mozilla\Firefox\Profiles\r1pxg21r.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-01]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Semerak\AppData\Roaming\Mozilla\Firefox\Profiles\r1pxg21r.default\Extensions\elemhidehelper@adblockplus.org.xpi [2011-11-01]
FF Extension: Tab Utilities - C:\Users\Semerak\AppData\Roaming\Mozilla\Firefox\Profiles\r1pxg21r.default\Extensions\tabutils@ithinc.cn.xpi [2011-11-01]
FF Extension: Adblock Plus - C:\Users\Semerak\AppData\Roaming\Mozilla\Firefox\Profiles\r1pxg21r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-23]
FF Extension: Greasemonkey - C:\Users\Semerak\AppData\Roaming\Mozilla\Firefox\Profiles\r1pxg21r.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-05-20]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-08-16] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376168 2014-11-26] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-11-26] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 OKI OPHD DCS Loader; C:\Windows\system32\spool\DRIVERS\x64\3\OPHDLDCS.EXE [20480 2011-10-23] (Oki Data Corporation) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-11-12] (DT Soft Ltd)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-31] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 18:08 - 2015-01-13 18:08 - 00012146 _____ () C:\Users\Semerak\Desktop\FRST.txt
2015-01-13 18:07 - 2015-01-13 18:08 - 00000000 ____D () C:\FRST
2015-01-13 18:04 - 2015-01-12 08:42 - 00112640 _____ (forum.viry.cz) C:\Users\Semerak\Desktop\FRSTLauncher.exe
2015-01-13 18:04 - 2015-01-12 08:38 - 02124288 _____ (Farbar) C:\Users\Semerak\Desktop\FRST64.exe
2015-01-13 17:10 - 2015-01-13 17:11 - 00000000 ____D () C:\AdwCleaner
2015-01-13 17:09 - 2015-01-12 07:54 - 02191360 _____ () C:\Users\Semerak\Desktop\adwcleaner_4.107.exe
2015-01-13 13:45 - 2015-01-13 13:45 - 00038440 _____ () C:\Users\Semerak\Desktop\info.txt
2015-01-13 13:36 - 2015-01-12 03:59 - 01222144 _____ () C:\Users\Semerak\Desktop\RSITx64.exe
2015-01-13 13:35 - 2015-01-13 13:35 - 00000000 ____D () C:\rsit
2015-01-13 13:35 - 2015-01-13 13:35 - 00000000 ____D () C:\Program Files\trend micro
2015-01-12 21:26 - 2015-01-12 21:26 - 00000000 ____D () C:\Users\Semerak\Documents\Nová složka (4)
2015-01-12 21:19 - 2015-01-12 21:19 - 00001103 _____ () C:\Users\Semerak\Desktop\Mapa Maršov a Libňatov 2012.pdf – zástupce.lnk
2015-01-12 21:09 - 2015-01-12 21:09 - 00001121 _____ () C:\Users\Semerak\Desktop\Vyhláška 441-2013 Sb ocenění .pdf – zástupce.lnk
2015-01-12 20:36 - 2015-01-12 21:27 - 00000000 ____D () C:\Users\Semerak\Documents\PODKLADY sro,sdr
2015-01-10 09:24 - 2015-01-10 09:24 - 00353186 _____ () C:\Users\Semerak\Downloads\export.xls
2015-01-09 20:27 - 2015-01-09 20:27 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-01-04 15:43 - 2015-01-04 15:43 - 03290112 ____N () C:\Users\Semerak\Desktop\Doktorské.pps
2015-01-02 18:50 - 2015-01-02 18:51 - 00001391 _____ () C:\Users\Semerak\Desktop\2015 Faktury a výkaz OZE .xlsx – zástupce.lnk
2014-12-18 10:21 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 10:21 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 13:19 - 2014-12-17 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-12-14 15:36 - 2014-12-14 15:36 - 03540144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-14 05:53 - 2014-12-14 05:53 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-14 05:33 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-14 05:33 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 18:04 - 2011-10-23 17:41 - 01177112 _____ () C:\Windows\WindowsUpdate.log
2015-01-13 17:35 - 2013-05-22 07:56 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-13 17:19 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-13 17:19 - 2009-07-14 05:45 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-13 17:14 - 2014-01-25 13:05 - 00001029 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-01-13 17:14 - 2014-01-25 13:05 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-01-13 17:14 - 2011-11-12 23:11 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2015-01-13 17:13 - 2014-07-10 19:16 - 00004190 _____ () C:\Windows\setupact.log
2015-01-13 17:13 - 2013-05-22 07:56 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-13 17:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-13 17:12 - 2014-07-26 19:00 - 00010656 _____ () C:\Windows\PFRO.log
2015-01-13 17:09 - 2013-05-28 07:16 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-13 17:09 - 2011-12-13 06:33 - 00000000 ____D () C:\Users\Semerak\Documents\AA Outlook upraveno
2015-01-13 16:13 - 2014-02-10 10:53 - 00000000 ____D () C:\Users\Semerak\Documents\Faktury sro 2014
2015-01-13 15:55 - 2011-11-13 12:40 - 00000000 ____D () C:\Users\Semerak\Documents\Soubory aplikace Outlook
2015-01-13 14:21 - 2011-11-13 13:01 - 00000000 ____D () C:\Users\Semerak\Documents\Jirka
2015-01-13 10:56 - 2011-10-23 17:49 - 00000000 ____D () C:\Users\Semerak
2015-01-13 09:51 - 2011-10-23 15:58 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-12 21:38 - 2011-11-13 13:02 - 00000000 ____D () C:\Users\Semerak\Documents\Vánoční stromky
2015-01-12 21:37 - 2011-12-23 05:43 - 00000000 ____D () C:\Users\Semerak\Documents\Staženo zábava
2015-01-12 21:37 - 2011-11-13 13:01 - 00000000 ____D () C:\Users\Semerak\Documents\Osobní
2015-01-12 21:30 - 2011-11-13 13:01 - 00000000 ____D () C:\Users\Semerak\Documents\Iva
2015-01-12 21:26 - 2013-04-11 10:07 - 00000000 ____D () C:\Users\Semerak\Documents\sro návody
2015-01-12 21:25 - 2011-11-13 13:01 - 00000000 ____D () C:\Users\Semerak\Documents\Návody
2015-01-12 21:22 - 2011-11-13 10:02 - 00000000 ___RD () C:\Users\Semerak\Fotky pracovní
2015-01-12 21:20 - 2011-11-13 13:01 - 00000000 ____D () C:\Users\Semerak\Documents\Libňatov
2015-01-12 21:19 - 2011-11-13 13:01 - 00000000 ____D () C:\Users\Semerak\Documents\Maršov
2015-01-12 21:13 - 2011-11-13 13:00 - 00000000 ____D () C:\Users\Semerak\Documents\Dotace
2015-01-12 21:11 - 2012-01-20 07:23 - 00001069 _____ () C:\Users\Semerak\Desktop\TISK – zástupce.lnk
2015-01-12 21:09 - 2011-11-13 13:02 - 00000000 ____D () C:\Users\Semerak\Documents\zákony
2015-01-12 20:54 - 2014-07-12 08:08 - 00001573 _____ () C:\Users\Semerak\Desktop\Osnovy Maršov odd 115.pdf – zástupce.lnk
2015-01-12 20:53 - 2011-11-13 13:02 - 00000000 ____D () C:\Users\Semerak\Documents\Reklamace a pojistky
2015-01-12 20:51 - 2012-01-20 07:19 - 00000000 ____D () C:\Users\Semerak\Documents\AA TISK
2015-01-12 20:51 - 2011-11-13 13:02 - 00000000 ____D () C:\Users\Semerak\Documents\zeleň
2015-01-12 20:35 - 2011-11-13 13:02 - 00000000 ____D () C:\Users\Semerak\Documents\sro doklady
2015-01-09 20:29 - 2011-04-12 09:34 - 00672136 _____ () C:\Windows\system32\perfh005.dat
2015-01-09 20:29 - 2011-04-12 09:34 - 00142732 _____ () C:\Windows\system32\perfc005.dat
2015-01-09 20:29 - 2009-07-14 06:13 - 01593214 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-31 12:14 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 14:07 - 2011-11-13 13:02 - 00000000 ____D () C:\Users\Semerak\Documents\sdružení evidence
2014-12-21 20:11 - 2011-11-13 13:02 - 00000000 ____D () C:\Users\Semerak\Documents\vzory
2014-12-20 09:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-17 13:19 - 2013-02-01 09:58 - 00000425 _____ () C:\Users\Semerak\AppData\Local\UserProducts.xml
2014-12-17 04:49 - 2013-01-09 16:33 - 00000000 ____D () C:\Users\Semerak\Documents\Faktury sro 2013
2014-12-15 05:22 - 2014-10-30 07:43 - 00001402 _____ () C:\Users\Semerak\Desktop\TG-3 Návod k použití.lnk
2014-12-14 15:36 - 2013-05-28 07:16 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-14 15:36 - 2012-04-12 05:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-14 15:36 - 2011-10-23 13:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-14 09:44 - 2014-08-26 10:07 - 00000000 ____D () C:\Users\Semerak\AppData\Local\Adobe
2014-12-14 05:53 - 2014-05-07 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-14 05:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-14 05:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-14 05:38 - 2011-11-12 23:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-14 05:37 - 2013-08-05 02:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-14 05:35 - 2011-11-01 19:33 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-14 05:27 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-14 05:26 - 2012-05-02 13:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-14 00:23 - 2014-05-01 14:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-14 00:22 - 2014-05-01 14:29 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-14 00:22 - 2014-05-01 14:29 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-14 00:22 - 2014-05-01 14:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-14 00:21 - 2014-05-01 14:29 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-14 00:21 - 2013-04-17 15:57 - 00000000 ____D () C:\Program Files (x86)\Java

Some content of TEMP:
====================
C:\Users\Semerak\AppData\Local\Temp\233332692.exe
C:\Users\Semerak\AppData\Local\Temp\KMP_3.9.0.125.exe
C:\Users\Semerak\AppData\Local\Temp\KMP_3.9.0.127.exe
C:\Users\Semerak\AppData\Local\Temp\Quarantine.exe
C:\Users\Semerak\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Semerak\AppData\Local\Temp\sfareca00001.dll
C:\Users\Semerak\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-26 00:01




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Systémový a pracovní disk) (Fixed) (Total:300 GB) (Free:207.38 GB) NTFS
Drive d: (Data) (Fixed) (Total:631.41 GB) (Free:567.87 GB) NTFS
Drive f: () (Removable) (Total:14.83 GB) (Free:13.13 GB) FAT32

Available physical RAM: 7001.12 MB
Total physical RAM: 8103.21 MB
Percentage of memory in use: 13%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 931.5 GB) (Disk ID: C099E35C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=631.4 GB) - (Type=OF Extended)
Disk: 2 (Size: 14.8 GB) (Disk ID: 00000000)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Semerak\Desktop" je 905 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Update 3400C
C:\sj652\hpupdate.exe 3400C [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU
"C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mouseElf
C:\PROGRA~2\GAMING~1\MouseElf.EXE  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu
"C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut
"C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Semerak^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~2\MICROS~2\Office14\ONENOTEM.EXE /tsr [x]

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
