Právě je 10 pro 2019 01:58

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 16 ]  Přejít na stránku 1, 2  Další
Autor Zpráva
PříspěvekNapsal: 10 pro 2014 10:29 
Offline
Návštěvník
Návštěvník

Registrován: 10 pro 2014 07:49
Příspěvky: 9
Dobrý den,
chtěl bych poprosil o pomoc s řešením problému - nenačítajících se stránek v mozilla i chrome a také se někdy nejde stáhnout poštu do mozilla thunderbird - účtu mám několik (firemní, quick i gmail) a problém je u všech.

Přikládám log a předem moc děkuji za pomoc

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2014-12-10 08:13:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 5 GB (4%) free of 102 GB
Total RAM: 3990 MB (30% free)

HijackThis download failed

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-3b9f-9e1c1095fa54 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
winlogon.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\WLANExt.exe 34646736
\??\C:\windows\system32\conhost.exe "-9082417091451920822613260945755136335-100432562419445713552017475889-424264812
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\FileOpen\Services\FileOpenManager64.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
C:\windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files (x86)\SolidDocuments\Solid PDF Tools\SPDFT\SolidPdfToolsServicex64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe" servicemode
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\windows\system32\conhost.exe "397325354799740052-3400853382039300364920981616-7116304343038167742125448980
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
WLIDSvcM.exe 3756
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
C:\windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip" /h
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\FileOpen\Services\FileOpenBroker64.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
ctfmon.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeBtMng.exe" -Embedding
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvProvider.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {DEF95E35-C784-418F-B1E5-D7EDF744CBEA}
"C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe"
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\TOSHIBA\TECO\TecoHook.exe"
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3c42a058-651a-4ac4-8d98-fb78fab857e7 -SystemEventPortName:HostProcess-78500171-3580-4ad5-a5b2-f9d097a3d29a -IoCancelEventPortName:HostProcess-91acad47-8257-491b-9638-a63579a39c76 -NonStateChangingEventPortName:HostProcess-6282f045-4046-41bd-95b7-500948a8e5f3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5aa2b21a-ed7e-4076-8dcb-4a706e8d0fa4 -DeviceGroupId:
C:\windows\system32\wbem\wmiprvse.exe

"C:\totalcmd\TOTALCMD64.EXE"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Michal\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate
C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate

=========Mozilla firefox=========

ProfilePath - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/"
prefs.js - "keyword.URL" - ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default\extensions\
{2d3fbcf7-be69-4433-8858-c621a8d0e58d}
{E0B8C461-F8FB-49b4-8373-FE32E9252800}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-11-03 700800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-05-22 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-03 583520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll [2014-11-10 3627032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-05-22 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-11-03 534400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll [2014-11-10 3627032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-04-02 170264]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-04-02 398616]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-04-02 439064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-30 2832168]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-03-13 12452968]
"SRS Premium Sound 3D"=C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2012-03-22 2165120]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2012-03-02 595840]
"TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2012-03-16 989056]
"BatteryManager"=C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [2011-11-24 286632]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2012-02-28 1562032]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2011-12-14 712096]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2012-04-11 710560]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]
"Toshiba Registration"=C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2012-05-22 150992]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"FileOpenBroker"=C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [2013-03-26 1589104]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2012-03-06 847960]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-10-21 22869088]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-10-01 22065760]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-11-18 1492264]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-11 1298816]
"TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2011-11-21 253312]
"McAfee Anti Theft Setup"=C:\Program Files (x86)\McAfee Inc\McAfee Anti Theft Setup\McAfeeAntiTheftSetup.exe [2012-02-11 363520]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2013-07-20 2010624]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-11-09 3653136]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"vProt"=C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2014-11-10 2640408]
"Bonus.SSR.FR11"=C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2013-06-28 1364496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Toshiba Places Icon Utility.lnk - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe

C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-03-26 434688]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-12-10 08:13:22 ----D---- C:\rsit
2014-12-10 08:13:22 ----D---- C:\Program Files\trend micro
2014-11-26 22:10:07 ----D---- C:\Users\Michal\AppData\Roaming\WMCore
2014-11-26 22:10:06 ----D---- C:\Users\Michal\AppData\Roaming\WirelessManager
2014-11-26 21:56:22 ----A---- C:\ProgramData\Ntuser.dat
2014-11-26 21:48:35 ----D---- C:\ProgramData\TOSHIBA Tempro
2014-11-26 21:48:35 ----D---- C:\ProgramData\IsolatedStorage
2014-11-23 16:42:56 ----D---- C:\KMPlayer
2014-11-19 08:13:21 ----A---- C:\windows\SYSWOW64\pku2u.dll
2014-11-19 08:13:21 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-11-19 08:13:21 ----A---- C:\windows\system32\pku2u.dll
2014-11-19 08:13:21 ----A---- C:\windows\system32\kerberos.dll
2014-11-12 09:55:54 ----A---- C:\windows\system32\generaltel.dll
2014-11-12 09:55:53 ----A---- C:\windows\system32\aepdu.dll
2014-11-12 09:55:53 ----A---- C:\windows\system32\aeinv.dll
2014-11-12 09:55:51 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-11-12 09:55:51 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-11-12 09:55:51 ----A---- C:\windows\SYSWOW64\msaudite.dll
2014-11-12 09:55:51 ----A---- C:\windows\SYSWOW64\adtschema.dll
2014-11-12 09:55:51 ----A---- C:\windows\system32\termsrv.dll
2014-11-12 09:55:51 ----A---- C:\windows\system32\msaudite.dll
2014-11-12 09:55:51 ----A---- C:\windows\system32\lsasrv.dll
2014-11-12 09:55:51 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-11-12 09:55:51 ----A---- C:\windows\system32\adtschema.dll
2014-11-12 09:55:47 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-11-12 09:55:47 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-11-12 09:55:47 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-11-12 09:55:47 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-11-12 09:55:47 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 09:55:47 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-11-12 09:55:47 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 09:55:47 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-11-12 09:55:47 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-11-12 09:55:47 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:55:47 ----A---- C:\windows\system32\iernonce.dll
2014-11-12 09:55:47 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-11-12 09:55:47 ----A---- C:\windows\system32\ieetwcollector.exe
2014-11-12 09:55:47 ----A---- C:\windows\system32\ie4uinit.exe
2014-11-12 09:55:46 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-11-12 09:55:46 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-11-12 09:55:46 ----A---- C:\windows\system32\iedkcs32.dll
2014-11-12 09:55:45 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-11-12 09:55:45 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-11-12 09:55:45 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-11-12 09:55:45 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-11-12 09:55:45 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-11-12 09:55:45 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-11-12 09:55:45 ----A---- C:\windows\system32\urlmon.dll
2014-11-12 09:55:45 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 09:55:45 ----A---- C:\windows\system32\msfeeds.dll
2014-11-12 09:55:45 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-11-12 09:55:45 ----A---- C:\windows\system32\dxtrans.dll
2014-11-12 09:55:44 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-11-12 09:55:44 ----A---- C:\windows\system32\iesetup.dll
2014-11-12 09:55:44 ----A---- C:\windows\system32\ieapfltr.dll
2014-11-12 09:55:43 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 09:55:43 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-11-12 09:55:43 ----A---- C:\windows\system32\iertutil.dll
2014-11-12 09:55:42 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-11-12 09:55:42 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-11-12 09:55:42 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-11-12 09:55:42 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-11-12 09:55:42 ----A---- C:\windows\system32\jsproxy.dll
2014-11-12 09:55:42 ----A---- C:\windows\system32\ieUnatt.exe
2014-11-12 09:55:42 ----A---- C:\windows\system32\ieui.dll
2014-11-12 09:55:42 ----A---- C:\windows\system32\ieframe.dll
2014-11-12 09:55:42 ----A---- C:\windows\system32\dxtmsft.dll
2014-11-12 09:55:41 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-11-12 09:55:41 ----A---- C:\windows\system32\mshtmled.dll
2014-11-12 09:55:41 ----A---- C:\windows\system32\jscript9diag.dll
2014-11-12 09:55:41 ----A---- C:\windows\system32\jscript9.dll
2014-11-12 09:55:40 ----A---- C:\windows\system32\wininet.dll
2014-11-12 09:55:40 ----A---- C:\windows\system32\vbscript.dll
2014-11-12 09:55:40 ----A---- C:\windows\system32\msrating.dll
2014-11-12 09:55:40 ----A---- C:\windows\system32\MshtmlDac.dll
2014-11-12 09:55:39 ----A---- C:\windows\system32\mshtml.dll
2014-11-12 09:55:09 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-11-12 09:55:09 ----A---- C:\windows\system32\msxml3.dll
2014-11-12 09:55:08 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-11-12 09:55:08 ----A---- C:\windows\SYSWOW64\IMJP10K.DLL
2014-11-12 09:55:08 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 09:55:08 ----A---- C:\windows\system32\msxml3r.dll
2014-11-12 09:55:08 ----A---- C:\windows\system32\IMJP10K.DLL
2014-11-12 09:55:08 ----A---- C:\windows\system32\audiosrv.dll
2014-11-12 09:55:08 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-11-12 09:55:08 ----A---- C:\windows\system32\AudioEng.dll
2014-11-12 09:55:07 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-11-12 09:55:07 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-11-12 09:55:07 ----A---- C:\windows\system32\EncDump.dll
2014-11-12 09:55:07 ----A---- C:\windows\system32\AudioSes.dll
2014-11-12 09:55:04 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-11-12 09:55:04 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-11-12 09:55:04 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-11-12 09:55:04 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-11-12 09:55:04 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-11-12 09:55:04 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-11-12 09:55:04 ----A---- C:\windows\system32\wdigest.dll
2014-11-12 09:55:04 ----A---- C:\windows\system32\TSpkg.dll
2014-11-12 09:55:04 ----A---- C:\windows\system32\schannel.dll
2014-11-12 09:55:04 ----A---- C:\windows\system32\ncrypt.dll
2014-11-12 09:55:04 ----A---- C:\windows\system32\msv1_0.dll
2014-11-12 09:55:04 ----A---- C:\windows\system32\credssp.dll
2014-11-12 09:54:59 ----A---- C:\windows\SYSWOW64\packager.dll
2014-11-12 09:54:59 ----A---- C:\windows\system32\win32k.sys
2014-11-12 09:54:59 ----A---- C:\windows\system32\packager.dll
2014-11-12 09:54:57 ----A---- C:\windows\SYSWOW64\msi.dll
2014-11-12 09:54:57 ----A---- C:\windows\system32\msi.dll
2014-11-12 09:54:55 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-11-12 09:54:55 ----A---- C:\windows\system32\oleaut32.dll
2014-11-11 00:02:23 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-12-10 08:13:22 ----RD---- C:\Program Files
2014-12-10 08:09:24 ----D---- C:\windows\Temp
2014-12-10 08:01:16 ----D---- C:\ProgramData\MFAData
2014-12-10 07:19:30 ----D---- C:\windows\system32\config
2014-12-10 07:14:32 ----D---- C:\Users\Michal\AppData\Roaming\TeamViewer
2014-12-10 07:14:21 ----AD---- C:\Windows
2014-12-10 07:14:01 ----D---- C:\windows\inf
2014-12-10 07:14:01 ----AD---- C:\windows\System32
2014-12-10 07:14:01 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-12-10 07:12:40 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2014-12-10 07:11:27 ----A---- C:\windows\SYSWOW64\log.txt
2014-12-10 07:09:41 ----D---- C:\Users\Michal\AppData\Roaming\Dropbox
2014-12-09 16:13:57 ----D---- C:\Program Files (x86)\TeamViewer
2014-12-09 12:58:10 ----D---- C:\windows\Prefetch
2014-12-04 21:11:29 ----RD---- C:\Program Files (x86)
2014-12-04 21:11:22 ----SHD---- C:\windows\Installer
2014-12-04 21:11:18 ----D---- C:\Program Files (x86)\Google
2014-12-04 09:11:54 ----SHD---- C:\System Volume Information
2014-12-04 08:57:55 ----D---- C:\Program Files (x86)\Rizika na PC
2014-12-03 16:52:44 ----D---- C:\windows\system32\Tasks
2014-12-03 13:23:48 ----D---- C:\Users\Michal\AppData\Roaming\SolidDocuments
2014-12-02 14:08:56 ----SHD---- C:\$Recycle.Bin
2014-12-02 14:08:54 ----RD---- C:\Users
2014-12-01 08:27:14 ----D---- C:\Program Files\CCleaner
2014-11-29 10:02:31 ----D---- C:\windows\system32\catroot2
2014-11-26 22:02:17 ----D---- C:\Users\Michal\AppData\Roaming\Toshiba
2014-11-26 22:00:21 ----D---- C:\ProgramData\Toshiba
2014-11-26 21:56:23 ----D---- C:\Program Files (x86)\TOSHIBA
2014-11-26 21:56:22 ----HD---- C:\ProgramData
2014-11-26 21:56:22 ----D---- C:\Program Files\TOSHIBA
2014-11-26 14:37:40 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2014-11-26 07:28:08 ----D---- C:\windows\SysWOW64
2014-11-26 07:28:06 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-11-25 08:52:03 ----D---- C:\Users\Michal\AppData\Roaming\KeePass
2014-11-19 22:31:33 ----D---- C:\windows\winsxs
2014-11-19 08:13:08 ----D---- C:\windows\system32\catroot
2014-11-16 09:07:39 ----D---- C:\windows\debug
2014-11-15 09:37:42 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2014-11-15 08:47:20 ----D---- C:\Program Files (x86)\AVG
2014-11-15 08:45:28 ----D---- C:\windows\system32\drivers
2014-11-15 05:35:53 ----D---- C:\windows\Tasks
2014-11-15 00:36:47 ----D---- C:\windows\rescache
2014-11-13 15:07:46 ----D---- C:\windows\Microsoft.NET
2014-11-13 15:07:05 ----RSD---- C:\windows\assembly
2014-11-13 02:16:45 ----SD---- C:\windows\system32\CompatTel
2014-11-13 02:16:45 ----D---- C:\windows\SYSWOW64\en-US
2014-11-13 02:16:45 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-11-13 02:16:45 ----D---- C:\windows\system32\en-US
2014-11-13 02:16:45 ----D---- C:\windows\system32\cs-CZ
2014-11-13 02:16:45 ----D---- C:\Program Files\Internet Explorer
2014-11-13 02:16:44 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-13 02:03:45 ----D---- C:\ProgramData\Microsoft Help
2014-11-13 02:02:20 ----RSD---- C:\windows\Fonts
2014-11-13 02:01:44 ----D---- C:\windows\system32\MRT
2014-11-13 01:59:35 ----A---- C:\windows\system32\MRT.exe
2014-11-12 09:17:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 00:10:26 ----D---- C:\windows\system32\FxsTmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\windows\system32\DRIVERS\avgidsha.sys [2014-06-18 190744]
R0 Avgloga;AVG Logging Driver; C:\windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2011-05-23 213888]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R1 Avgdiska;AVG Disk Driver; C:\windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200]
R1 avgtp;avgtp; \??\C:\windows\system32\drivers\avgtpx64.sys [2014-08-12 50976]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 risdxc;risdxc; C:\windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2012-02-22 360624]
R3 ecnssndis; Mobile Broadband Driver; C:\windows\System32\Drivers\wwuss64.sys [2011-10-05 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter; C:\windows\System32\Drivers\wwussf64.sys [2011-10-05 29736]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-03-26 14748416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2012-03-13 4766952]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver; C:\windows\system32\DRIVERS\irstrtdv.sys [2012-02-22 26504]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
R3 iwdbus;IWD Bus Enumerator; C:\windows\system32\DRIVERS\iwdbus.sys [2012-01-26 25496]
R3 Mbm3CBus;Ericsson H5321gw for TOSHIBA Mobile Broadband Device (WDM); C:\windows\system32\DRIVERS\Mbm3CBus.sys [2011-10-05 419400]
R3 Mbm3DevMt;TOSHIBA Mobile Broadband Device Management Driver (WDM); C:\windows\system32\DRIVERS\Mbm3DevMt.sys [2011-10-05 430664]
R3 Mbm3mdfl;TOSHIBA Mobile Broadband Modem Filter; C:\windows\system32\DRIVERS\Mbm3mdfl.sys [2011-10-05 19528]
R3 Mbm3Mdm;TOSHIBA Mobile Broadband Modem Driver; C:\windows\system32\DRIVERS\Mbm3Mdm.sys [2011-10-05 483400]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-03-14 11472384]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-09-30 393264]
R3 t36wgps;TOSHIBA Mobile Broadband GPS Port; C:\windows\system32\DRIVERS\t36wgps64.sys [2011-10-05 102440]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2011-07-12 19904]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 HPEWSFXBULK;HPEWSFXBULK; C:\windows\system32\drivers\hpfx64bulk.sys [2009-02-25 20504]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2012-01-26 34200]
S3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2012-01-30 304696]
S3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
S3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2011-12-16 79040]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [2013-06-17 821048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-09 3488784]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-09 298080]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]
R2 FileOpenManager;FileOpen Manager Service; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [2013-03-19 337264]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\windows\SysWOW64\irstrtsv.exe [2012-02-24 192856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-28 277784]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-04 687400]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2009-07-24 189728]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]
R2 SPDFToolsReadSpool;SolidPDFToolsCreatorReadSpool; C:\Program Files (x86)\SolidDocuments\Solid PDF Tools\SPDFT\SolidPdfToolsServicex64.exe [2009-10-21 320512]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-11-28 5419792]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2012-03-29 586624]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2012-02-28 342464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-12 1820184]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 57216]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 198064]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2012-04-11 138152]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2012-03-16 846208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2011-03-01 27648]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2011-03-01 27648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-04-02 276248]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-10-22 1432400]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-11 114288]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-10-23 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


Nahoru
 Profil  
 
PříspěvekNapsal: 10 pro 2014 10:40 
Offline
Návštěvník
Návštěvník

Registrován: 10 pro 2014 07:49
Příspěvky: 9
Zjistil jsem, že log který jsem vygeneroval, je asi chybný tak jsem pro urychlení zkusil i druhý postup v návodu.
Tady je ten druhý...

Moc děkuji

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2014
Ran by Michal (administrator) on MICHAL-TOSH on 10-12-2014 10:36:39
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal & Míšové (Available profiles: Michal & Míšové & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid PDF Tools\SPDFT\SolidPdfToolsServicex64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
() C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation ) C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvProvider.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoHook.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-09-30] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [595840 2012-03-02] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2012-03-16] (TOSHIBA Corporation)
HKLM\...\Run: [BatteryManager] => C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [286632 2011-11-24] (TOSHIBA Corporation )
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1562032 2012-02-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2012-04-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2012-05-22] (Toshiba Europe GmbH)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1589104 2013-03-26] (FileOpen Systems Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [253312 2011-11-21] (TOSHIBA)
HKLM-x32\...\Run: [McAfee Anti Theft Setup] => C:\Program Files (x86)\McAfee Inc\McAfee Anti Theft Setup\McAfeeAntiTheftSetup.exe [363520 2012-02-11] (McAfee, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2010624 2013-07-20] (Dominik Reichl)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-11-10] ()
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Policies\Explorer: []
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\MountPoints2: {f4904546-5388-11e3-8baa-028037ec0200} - D:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-137860298-2108945655-7312621-1003\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA)
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TEUA
HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TEUA
SearchScopes: HKLM -> DefaultScope {8675509A-E276-4692-B1D4-08B9355B4188} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {8675509A-E276-4692-B1D4-08B9355B4188} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKLM-x32 -> DefaultScope {8675509A-E276-4692-B1D4-08B9355B4188} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {8675509A-E276-4692-B1D4-08B9355B4188} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKU\S-1-5-21-137860298-2108945655-7312621-1000 -> DefaultScope {8675509A-E276-4692-B1D4-08B9355B4188} URL =
SearchScopes: HKU\S-1-5-21-137860298-2108945655-7312621-1000 -> {8675509A-E276-4692-B1D4-08B9355B4188} URL =
SearchScopes: HKU\S-1-5-21-137860298-2108945655-7312621-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={751F3491-FD11-4C5A-B8FC-0BD14D2D4C04}&mid=cef8dc856d7647d3a440d3c97108ebf3-460f8aeeb64fab07f4a273dec10d4c3b46595802&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-18 17:34:26&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKU\S-1-5-21-137860298-2108945655-7312621-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default
FF Homepage: hxxp://www.google.com/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-137860298-2108945655-7312621-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Michal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Widevine Media Optimizer - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-10-05]
FF Extension: Evernote Web Clipper - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-01-15]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-23]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-09-04]

Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-11]
CHR Extension: (AVG Secure Search) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-12-18]
CHR Extension: (Peněženka Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-22]
CHR HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Michal\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-02-04]
CHR HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [337264 2013-03-19] (FileOpen Systems Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [192856 2012-02-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed]
R2 SPDFToolsReadSpool; C:\Program Files (x86)\SolidDocuments\Solid PDF Tools\SPDFT\SolidPdfToolsServicex64.exe [320512 2009-10-21] (Solid Documents, LLC) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-12] (AVG Secure Search)
R2 WMCoreService; C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe [655912 2011-11-18] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2009-02-25] (Hewlett Packard)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-22] (Intel Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-10-05] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-10-05] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-10-05] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-10-05] (MCCI Corporation)
R3 t36wgps; C:\Windows\System32\DRIVERS\t36wgps64.sys [102440 2011-10-05] (Ericsson AB)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [282152 2011-12-07] (Ericsson AB)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 10:36 - 2014-12-10 10:36 - 00029734 _____ () C:\Users\Michal\Desktop\FRST.txt
2014-12-10 10:36 - 2014-12-10 10:36 - 00000000 ____D () C:\FRST
2014-12-10 10:34 - 2014-12-10 10:34 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe
2014-12-10 08:30 - 2014-12-10 08:30 - 02119680 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2014-12-10 08:13 - 2014-12-10 08:13 - 00000000 ____D () C:\rsit
2014-12-10 08:13 - 2014-12-10 08:13 - 00000000 ____D () C:\Program Files\trend micro
2014-12-10 08:13 - 2014-12-10 08:11 - 01222144 _____ () C:\Users\Michal\Desktop\RSITx64.exe
2014-12-10 08:11 - 2014-12-10 08:11 - 01222144 _____ () C:\Users\Michal\Downloads\RSITx64.exe
2014-12-04 21:11 - 2014-12-04 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-12-04 21:10 - 2014-12-04 21:10 - 00880784 _____ (Google Inc.) C:\Users\Michal\Downloads\GoogleEarthPluginSetup.exe
2014-12-02 14:09 - 2014-12-02 14:09 - 00126080 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-02 14:09 - 2014-12-02 14:09 - 00001396 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Toshiba
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\AVG2015
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\TOSHIBA
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\SRS Labs
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\McAfee,_Inc
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Avg2015
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\AVG SafeGuard toolbar
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Autodesk
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 _____ () C:\Users\Guest\agent.log
2014-12-02 14:08 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-12-02 14:08 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest
2014-12-02 14:08 - 2014-12-02 14:08 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Šablony
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Soubory cookie
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Poslední
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Okolní tiskárny
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Okolní síť
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Nabídka Start
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Dokumenty
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Documents\Obrázky
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Documents\Hudba
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Documents\Filmy
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Data aplikací
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\AppData\Local\Data aplikací
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Intel
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\VirtualStore
2014-12-02 14:08 - 2013-11-27 09:17 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\TuneUp Software
2014-12-02 14:08 - 2013-10-24 07:35 - 00000000 ____D () C:\Users\Guest\Documents\Visual Studio 2008
2014-12-02 14:08 - 2013-10-23 08:46 - 00000000 ____D () C:\Users\Guest\AppData\Local\Microsoft Help
2014-12-02 14:08 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-02 14:08 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-01 09:53 - 2014-12-01 09:53 - 00126080 _____ () C:\Users\Míšové\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-01 09:53 - 2014-12-01 09:53 - 00001400 _____ () C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\Toshiba
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\Mozilla
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\AVG2015
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\Adobe
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\TOSHIBA
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\SRS Labs
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Mozilla
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\McAfee,_Inc
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Avg2015
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\AVG SafeGuard toolbar
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Autodesk
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 _____ () C:\Users\Míšové\agent.log
2014-12-01 09:52 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Google
2014-12-01 09:52 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové
2014-12-01 09:52 - 2014-12-01 09:52 - 00000020 ___SH () C:\Users\Míšové\ntuser.ini
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Šablony
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Soubory cookie
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Poslední
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Okolní tiskárny
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Okolní síť
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Nabídka Start
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Dokumenty
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Documents\Obrázky
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Documents\Hudba
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Documents\Filmy
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Data aplikací
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\AppData\Local\Data aplikací
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\Intel
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 ____D () C:\Users\Míšové\AppData\Local\VirtualStore
2014-12-01 09:52 - 2013-11-27 09:17 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\TuneUp Software
2014-12-01 09:52 - 2013-10-24 07:35 - 00000000 ____D () C:\Users\Míšové\Documents\Visual Studio 2008
2014-12-01 09:52 - 2013-10-23 08:46 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Microsoft Help
2014-12-01 09:52 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-01 09:52 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-26 22:10 - 2014-11-26 22:10 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WMCore
2014-11-26 22:10 - 2014-11-26 22:10 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WirelessManager
2014-11-26 22:08 - 2014-11-26 22:08 - 00000000 ____D () C:\Users\Michal\AppData\Local\Toshiba Corporation
2014-11-26 21:59 - 2014-11-26 21:59 - 03844443 _____ () C:\Users\Michal\Downloads\bios-20140423123757.zip
2014-11-26 21:55 - 2014-11-26 21:55 - 16620898 _____ () C:\Users\Michal\Downloads\eco-20120710162836.zip
2014-11-26 21:48 - 2014-11-26 21:48 - 00000000 ____D () C:\ProgramData\TOSHIBA Tempro
2014-11-26 21:48 - 2014-11-26 21:48 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-11-26 19:15 - 2014-11-26 19:15 - 00000000 ____D () C:\Users\Michal\Downloads\batteryinfoview_czech
2014-11-26 19:14 - 2014-11-26 19:19 - 00000000 ____D () C:\Users\Michal\Downloads\batteryinfoview
2014-11-26 19:14 - 2014-11-26 19:14 - 00117507 _____ () C:\Users\Michal\Downloads\batteryinfoview.zip
2014-11-26 19:14 - 2014-11-26 19:14 - 00001693 _____ () C:\Users\Michal\Downloads\batteryinfoview_czech.zip
2014-11-24 08:41 - 2014-11-24 08:41 - 00028672 _____ () C:\Users\Michal\Downloads\Kopie - Turnaj Arbesák přihláška.xls
2014-11-23 16:43 - 2014-11-23 16:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-11-23 16:42 - 2014-12-09 09:24 - 00000000 ____D () C:\KMPlayer
2014-11-23 16:37 - 2014-11-23 16:38 - 00000000 ____D () C:\Users\Michal\Downloads\[ www.Speed.cd ] Eat.Pray.Love[2010]DvDrip-aXXo
2014-11-23 16:29 - 2014-11-23 16:30 - 35862096 _____ (PandoraTV) C:\Users\Michal\Downloads\3.9.1.130_20141103045254.exe
2014-11-19 08:13 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 08:13 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 08:13 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-19 08:13 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-12 09:55 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-12 09:55 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-12 09:55 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-12 09:55 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-12 09:55 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-12 09:55 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-12 09:55 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-12 09:55 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-12 09:55 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-12 09:55 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-12 09:55 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-12 09:55 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-12 09:55 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-12 09:55 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-12 09:55 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-12 09:55 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-12 09:55 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-12 09:55 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-12 09:55 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 09:55 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-12 09:55 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-12 09:55 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-12 09:55 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-12 09:55 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-12 09:55 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-12 09:55 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:55 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-12 09:55 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-12 09:55 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-12 09:55 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-12 09:55 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-12 09:55 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-12 09:55 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-12 09:55 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-12 09:55 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-12 09:55 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-12 09:55 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 09:55 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-12 09:55 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-12 09:55 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-12 09:55 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-12 09:55 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-12 09:55 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-12 09:55 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-12 09:55 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-12 09:55 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-12 09:55 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-12 09:55 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-12 09:55 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-12 09:55 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-12 09:55 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-12 09:55 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-12 09:55 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-12 09:55 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-12 09:55 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-12 09:55 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-12 09:55 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-12 09:55 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-12 09:55 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-12 09:55 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-12 09:55 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-12 09:55 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-12 09:55 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-12 09:55 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-12 09:55 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-12 09:55 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-12 09:55 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-12 09:55 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-12 09:55 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-12 09:55 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-12 09:55 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-12 09:55 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-12 09:55 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-12 09:55 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-12 09:55 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-12 09:55 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-12 09:55 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-12 09:55 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-12 09:55 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-12 09:55 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-12 09:55 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-12 09:55 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-12 09:55 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-12 09:55 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-12 09:55 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-12 09:55 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-12 09:55 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-12 09:55 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-12 09:55 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-12 09:55 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-12 09:55 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-12 09:55 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-12 09:55 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-12 09:55 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-12 09:54 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-12 09:54 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-12 09:54 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-12 09:54 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-12 09:54 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-12 09:54 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-12 09:54 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-11 13:53 - 2014-11-11 13:53 - 00000000 ____D () C:\Users\Michal\AppData\Local\TeamViewer
2014-11-11 00:06 - 2014-12-03 16:52 - 00000982 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-11-11 00:06 - 2014-12-03 16:52 - 00000970 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2014-11-11 00:02 - 2014-11-11 00:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 10:28 - 2012-05-22 02:23 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-10 09:40 - 2012-05-22 02:24 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-10 08:55 - 2013-10-22 21:52 - 00000000 ____D () C:\Users\Michal\AppData\Local\GHISLER
2014-12-10 08:54 - 2013-10-22 23:40 - 00000000 ____D () C:\Users\Michal\Documents\ALLIMIT - rozpracováno
2014-12-10 08:53 - 2014-08-19 23:41 - 00000000 ____D () C:\Users\Michal\Documents\AZBEST
2014-12-10 08:30 - 2013-10-22 19:20 - 01397341 _____ () C:\windows\WindowsUpdate.log
2014-12-10 08:01 - 2013-10-22 23:45 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-10 07:16 - 2009-07-14 05:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-10 07:16 - 2009-07-14 05:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-10 07:14 - 2014-04-14 12:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\TeamViewer
2014-12-10 07:14 - 2011-02-14 09:37 - 00669116 _____ () C:\windows\system32\perfh005.dat
2014-12-10 07:14 - 2011-02-14 09:37 - 00141744 _____ () C:\windows\system32\perfc005.dat
2014-12-10 07:14 - 2009-07-14 06:13 - 01584554 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-10 07:12 - 2013-10-22 22:54 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Skype
2014-12-10 07:09 - 2014-06-25 16:57 - 00000000 ___RD () C:\Users\Michal\Disk google 2
2014-12-10 07:09 - 2013-10-22 23:09 - 00000000 ___RD () C:\Users\Michal\Dropbox
2014-12-10 07:09 - 2013-10-22 23:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Dropbox
2014-12-10 07:09 - 2013-10-22 19:19 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-12-10 07:09 - 2012-05-22 02:24 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 07:09 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-09 16:13 - 2014-04-14 12:09 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-12-09 12:52 - 2013-10-22 19:19 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-12-04 21:11 - 2012-05-22 02:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-04 08:57 - 2013-11-05 12:05 - 00000000 ____D () C:\Program Files (x86)\Rizika na PC
2014-12-01 08:27 - 2014-06-06 00:26 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-01 08:27 - 2014-06-06 00:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-26 22:02 - 2013-10-22 20:06 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Toshiba
2014-11-26 22:00 - 2013-10-22 19:38 - 00000000 ____D () C:\ProgramData\Toshiba
2014-11-26 21:56 - 2012-05-22 02:15 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2014-11-26 21:56 - 2012-05-22 02:14 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-11-26 19:44 - 2012-05-22 02:24 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-26 14:37 - 2014-05-26 21:53 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\uTorrent
2014-11-26 07:28 - 2012-05-22 02:23 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 07:28 - 2012-05-22 02:23 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 07:28 - 2012-05-22 02:23 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 08:52 - 2013-10-22 23:00 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\KeePass
2014-11-22 23:52 - 2014-08-27 06:26 - 00000000 ____D () C:\Users\Michal\AppData\Local\Adobe
2014-11-21 14:10 - 2013-10-22 20:05 - 00000000 ____D () C:\Users\Michal\AppData\Local\VirtualStore
2014-11-19 11:45 - 2013-10-22 21:22 - 00000000 ____D () C:\Users\Michal\AppData\Local\cache
2014-11-19 10:28 - 2013-10-23 13:11 - 00000058 _____ () C:\Users\Michal\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-11-15 17:18 - 2013-10-22 23:09 - 00001035 _____ () C:\Users\Michal\Desktop\Dropbox.lnk
2014-11-15 17:18 - 2013-10-22 23:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-15 09:37 - 2013-10-22 23:18 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\vlc
2014-11-15 08:47 - 2014-03-31 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-15 08:47 - 2013-10-22 23:46 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-15 08:45 - 2014-10-18 16:05 - 00000988 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-15 05:35 - 2012-05-22 02:24 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 05:35 - 2012-05-22 02:24 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 00:36 - 2014-09-29 12:34 - 00000000 ____D () C:\windows\rescache
2014-11-13 02:18 - 2013-10-22 20:06 - 00126080 _____ () C:\Users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 02:17 - 2009-07-14 05:45 - 00436960 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-13 02:16 - 2014-05-06 15:39 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-13 02:03 - 2013-10-22 22:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 02:01 - 2013-10-25 08:31 - 00000000 ____D () C:\windows\system32\MRT
2014-11-13 01:59 - 2013-10-25 08:30 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-12 09:40 - 2013-10-23 07:58 - 00000000 ____D () C:\Users\Michal\Documents\ALLIMIT - archiv
2014-11-12 09:17 - 2013-10-22 21:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 00:10 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-11-10 10:10 - 2013-12-18 17:34 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar

Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptdm66b.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 09:26




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (TI30921800A) (Fixed) (Total:99.54 GB) (Free:4.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive z: () (Network) (Total:914.43 GB) (Free:750.54 GB)

Available physical RAM: 1406.3 MB
Total physical RAM: 3990.17 MB
Percentage of memory in use: 64%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119.2 GB) (Disk ID: 9928B575)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4 GB) - (Type=84)
Partition 4: (Not Active) - (Size=14.2 GB) - (Type=17)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939

==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michal\Desktop" je 33 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Nahoru
 Profil  
 
PříspěvekNapsal: 10 pro 2014 19:33 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
Zdravim :)

:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 11 pro 2014 06:03 
Offline
Návštěvník
Návštěvník

Registrován: 10 pro 2014 07:49
Příspěvky: 9
Zdravím,
provedl jsem dle pokynu a takto vypadá log po čístění. Naslouchám dalším instrukcím... Děkuji

# AdwCleaner v4.105 - Report created 11/12/2014 at 05:59:20
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michal - MICHAL-TOSH
# Running from : C:\Users\Michal\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Guest\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Guest\AppData\LocalLow\AVG SafeGuard toolbar
[!] Folder Deleted : C:\Users\Michal\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Michal\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Michal\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Míšové\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Míšové\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1 (x86 cs)


-\\ Google Chrome v39.0.2171.71


*************************

AdwCleaner[R0].txt - [6627 octets] - [11/12/2014 05:57:15]
AdwCleaner[S0].txt - [6425 octets] - [11/12/2014 05:59:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6485 octets] ##########


Nahoru
 Profil  
 
PříspěvekNapsal: 11 pro 2014 12:22 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
:arrow: Postupujte podle navodu kolegy
vyosek píše:
:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte



:arrow: Postupujte podle navodu kolegy
vyosek píše:
:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize
  • Kód:
    autoclean;
    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 12 pro 2014 08:43 
Offline
Návštěvník
Návštěvník

Registrován: 10 pro 2014 07:49
Příspěvky: 9
Tak tady je první log...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Michal on p  12.12.2014 at 8:34:04,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\ytd"
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{08FA207A-56C2-4016-A0EF-D3C0ECF6F7B4}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{370475E8-92C2-481E-A293-E9D1E50F0FAC}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{40F3C3E2-224C-44FD-B9A3-99A0C06A0B0A}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{4575CA58-6925-44A4-87C1-A4851BAB06EE}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{68EED99B-2AE4-4DBC-B079-69035198F216}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{9FFB506C-71F1-4F70-8971-78B1C95C5759}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{BD1B6146-37EF-4046-B647-9ECB97FEBD99}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{D43A76CA-C1BD-4426-A8B1-A7128B45BB8E}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{EA82E483-F6E7-4753-BE02-8D04B66E91F8}



~~~ FireFox

Emptied folder: C:\Users\Michal\AppData\Roaming\mozilla\firefox\profiles\z5l5coz4.default\minidumps [123 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  12.12.2014 at 8:38:54,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Nahoru
 Profil  
 
PříspěvekNapsal: 12 pro 2014 09:22 
Offline
Návštěvník
Návštěvník

Registrován: 10 pro 2014 07:49
Příspěvky: 9
A tady to mi "vyskočilo" z druhého programu...
P.S. Stejně obdivuji všechny, co se v tom vyznají...

Díky


Zoek.exe v5.0.0.0 Updated 12-December-2014
Tool run by Michal on p 12.12.2014 at 8:44:03,55.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michal\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 8:44:25,24 =====

--- Create Environment Variables 8:44:26,66
--- Create System Restore Point 8:44:35,23
--- Checking Input 8:44:46,41
--- Reset Hosts File 8:44:53,03
--- AU AppData Check 8:44:53,63
--- Remove From Windows Installer 8:44:58,66
--- Empty Folders Check 8:47:29,86
--- Registry HKLM Software Check 8:47:29,88
--- Quick Launch Shortcut Check 8:47:47,84
--- IE Startpage Check 8:47:53,10
--- Program Files DB Check 8:48:23,28
--- C:\Users\Default\AppData\Roaming DB Check 8:49:10,22
--- C:\Users\Default User\AppData\Roaming DB Check 8:49:10,22
--- C:\Users\Guest\AppData\Roaming DB Check 8:49:10,22
--- C:\Users\Michal\AppData\Roaming DB Check 8:49:10,22
--- C:\Users\MOV~1\AppData\Roaming DB Check 8:49:10,22
--- C:\windows\SysNative\config\systemprofile\AppData\Roaming DB Check 8:49:10,22
--- C:\windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 8:49:10,22
--- C:\windows\serviceprofiles\networkservice\AppData\Roaming DB Check 8:49:10,22
--- C:\windows\serviceprofiles\Localservice\AppData\Roaming DB Check 8:49:10,22
--- C:\Users\Michal DB Check 8:51:57,32
--- C:\PROGRA~3 DB Check 8:52:16,80
--- C:\Users\Default\AppData\Local DB Check 8:52:25,05
--- C:\Users\Default User\AppData\Local DB Check 8:52:25,05
--- C:\Users\Guest\AppData\Local DB Check 8:52:25,05
--- C:\Users\Michal\AppData\Local DB Check 8:52:25,05
--- C:\Users\MOV~1\AppData\Local DB Check 8:52:25,05
--- C:\windows\SysNative\config\systemprofile\AppData\Local DB Check 8:52:25,05
--- C:\windows\sysWoW64\config\systemprofile\AppData\Local DB Check 8:52:25,05
--- C:\windows\serviceprofiles\networkservice\AppData\Local DB Check 8:52:25,05
--- C:\windows\serviceprofiles\Localservice\AppData\Local DB Check 8:52:25,05
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 8:54:19,06
--- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 8:54:27,57
--- Tasks DB Check 8:54:33,09
--- Downloads DB Check 8:54:36,76
--- C:\Users\Guest\AppData\LocalLow DB Check 8:54:41,26
--- C:\Users\Michal\AppData\LocalLow DB Check 8:54:41,26
--- C:\Users\MOV~1\AppData\LocalLow DB Check 8:54:41,26
--- C:\windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 8:54:41,26
--- C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 8:54:41,26
--- C:\windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 8:54:41,26
--- C:\windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 8:54:41,26
--- Tasks2 DB Check 8:55:56,28
--- Documents DB Check 8:56:23,29
--- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default DB Check 8:56:30,42
--- C:\Users\Michal\AppData\Roaming\Thunderbird\Profiles\j88psz3q.default DB Check 8:56:30,42
--- C:\Users\MOV~1\AppData\Roaming\Mozilla\Firefox\Profiles\d27loe95.default DB Check 8:56:30,42
--- C:\Users\Public\Desktop DB Check 8:56:37,15
--- C:\Users\Michal\Desktop DB Check 8:56:42,11
--- Services DB Check 8:56:51,71
--- FF prefs.js DB Check 8:57:33,43
--- Emptyclsid 8:59:45,79
--- Del by CLSID 8:59:50,54


Nahoru
 Profil  
 
PříspěvekNapsal: 12 pro 2014 11:28 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
Zkuste Zoek spustit v nouzovem rezimu, neprobehlo to jak melo :)

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 15 pro 2014 07:50 
Offline
Návštěvník
Návštěvník

Registrován: 10 pro 2014 07:49
Příspěvky: 9
Zdravím,
tak jsem to udělal dle rady ještě jednou v nouzovém režimu

Zoek.exe v5.0.0.0 Updated 14-December-2014
Tool run by Michal on po 15.12.2014 at 0:18:19,10.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Michal\Desktop\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 0:18:31,74 =====

--- Create Environment Variables 0:18:32,85
--- Checking Input 0:18:40,91
--- Reset Hosts File 0:18:44,33
--- AU AppData Check 0:18:44,59
--- Remove From Windows Installer 0:18:48,62
--- Registry HKLM Software Check 0:19:57,43
--- Quick Launch Shortcut Check 0:20:12,87
--- IE Startpage Check 0:20:14,78
--- Program Files DB Check 0:20:30,39
--- C:\Users\Default\AppData\Roaming DB Check 0:21:16,71
--- C:\Users\Default User\AppData\Roaming DB Check 0:21:16,71
--- C:\Users\Guest\AppData\Roaming DB Check 0:21:16,71
--- C:\Users\Michal\AppData\Roaming DB Check 0:21:16,71
--- C:\Users\MOV~1\AppData\Roaming DB Check 0:21:16,71
--- C:\windows\SysNative\config\systemprofile\AppData\Roaming DB Check 0:21:16,71
--- C:\windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 0:21:16,71
--- C:\windows\serviceprofiles\networkservice\AppData\Roaming DB Check 0:21:16,71
--- C:\windows\serviceprofiles\Localservice\AppData\Roaming DB Check 0:21:16,71
--- C:\Users\Michal DB Check 0:24:05,61
--- C:\PROGRA~3 DB Check 0:24:24,36
--- C:\Users\Default\AppData\Local DB Check 0:24:31,85
--- C:\Users\Default User\AppData\Local DB Check 0:24:31,85
--- C:\Users\Guest\AppData\Local DB Check 0:24:31,85
--- C:\Users\Michal\AppData\Local DB Check 0:24:31,85
--- C:\Users\MOV~1\AppData\Local DB Check 0:24:31,85
--- C:\windows\SysNative\config\systemprofile\AppData\Local DB Check 0:24:31,85
--- C:\windows\sysWoW64\config\systemprofile\AppData\Local DB Check 0:24:31,85
--- C:\windows\serviceprofiles\networkservice\AppData\Local DB Check 0:24:31,85
--- C:\windows\serviceprofiles\Localservice\AppData\Local DB Check 0:24:31,85
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 0:26:25,06
--- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 0:26:34,03
--- Tasks DB Check 0:26:39,86
--- Downloads DB Check 0:26:43,83
--- C:\Users\Guest\AppData\LocalLow DB Check 0:26:48,46
--- C:\Users\Michal\AppData\LocalLow DB Check 0:26:48,46
--- C:\Users\MOV~1\AppData\LocalLow DB Check 0:26:48,46
--- C:\windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 0:26:48,46
--- C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 0:26:48,46
--- C:\windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 0:26:48,46
--- C:\windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 0:26:48,46
--- Tasks2 DB Check 0:28:03,39
--- Documents DB Check 0:28:30,31
--- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default DB Check 0:28:37,49
--- C:\Users\Michal\AppData\Roaming\Thunderbird\Profiles\j88psz3q.default DB Check 0:28:37,49
--- C:\Users\MOV~1\AppData\Roaming\Mozilla\Firefox\Profiles\d27loe95.default DB Check 0:28:37,49
--- C:\Users\Public\Desktop DB Check 0:28:44,62
--- C:\Users\Michal\Desktop DB Check 0:28:48,77
--- Services DB Check 0:28:57,42
--- FF prefs.js DB Check 0:29:14,83
--- Emptyclsid 0:31:06,66
--- Del by CLSID 0:31:08,79


Nahoru
 Profil  
 
PříspěvekNapsal: 15 pro 2014 09:10 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
Stejne to asi neprobehlo jak melo, protoze log nevypada tak jak by mel. Ale nevadi. Udelame to jinak.


:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 15 pro 2014 23:19 
Offline
Návštěvník
Návštěvník

Registrován: 10 pro 2014 07:49
Příspěvky: 9
Tak jsem provedl a zdá se že to nic nenašlo... (Třeba už nějaká havěť odešla k někomu jinému???:):) Pokus o vtip :happy: )

Co s tím dál???


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15.12.2014
Scan Time: 22:17:42
Logfile: log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.15.05
Rootkit Database: v2014.12.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Michal

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 633991
Time Elapsed: 57 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


Nahoru
 Profil  
 
PříspěvekNapsal: 16 pro 2014 07:46 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
MBAM odinstalujte a dejte novy log z FRST viewtopic.php?f=13&t=133100 :)

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 17 pro 2014 08:07 
Offline
Návštěvník
Návštěvník

Registrován: 10 pro 2014 07:49
Příspěvky: 9
Provedeno dle pokynů......

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Michal (administrator) on MICHAL-TOSH on 17-12-2014 08:05:11
Running from C:\Users\Michal\Desktop
Loaded Profile: Michal (Available profiles: Michal & Míšové & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid PDF Tools\SPDFT\SolidPdfToolsServicex64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
() C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation ) C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoHook.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvProvider.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-09-30] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound 3D] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [595840 2012-03-02] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2012-03-16] (TOSHIBA Corporation)
HKLM\...\Run: [BatteryManager] => C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [286632 2011-11-24] (TOSHIBA Corporation )
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1562032 2012-02-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2012-04-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2012-05-22] (Toshiba Europe GmbH)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1589104 2013-03-26] (FileOpen Systems Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [253312 2011-11-21] (TOSHIBA)
HKLM-x32\...\Run: [McAfee Anti Theft Setup] => C:\Program Files (x86)\McAfee Inc\McAfee Anti Theft Setup\McAfeeAntiTheftSetup.exe [363520 2012-02-11] (McAfee, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2010624 2013-07-20] (Dominik Reichl)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\RunOnce: [Adobe Speed Launcher] => 1418799730
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Policies\Explorer: []
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\MountPoints2: {f4904546-5388-11e3-8baa-028037ec0200} - D:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A02B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [847960 2012-03-06] (TOSHIBA)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TEUA
HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TEUA
SearchScopes: HKLM -> {8675509A-E276-4692-B1D4-08B9355B4188} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKLM-x32 -> {8675509A-E276-4692-B1D4-08B9355B4188} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-137860298-2108945655-7312621-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-137860298-2108945655-7312621-1000 -> {8675509A-E276-4692-B1D4-08B9355B4188} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKU\S-1-5-21-137860298-2108945655-7312621-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20

FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default
FF Homepage: hxxp://www.google.com/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-137860298-2108945655-7312621-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Michal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Widevine Media Optimizer - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-10-05]
FF Extension: Evernote Web Clipper - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\z5l5coz4.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-01-15]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-23]

Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-13]
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-13]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-11]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-13]
CHR Extension: (Tabulky Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-13]
CHR Extension: (Peněženka Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-22]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-13]
CHR HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Michal\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-02-04]
CHR HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [337264 2013-03-19] (FileOpen Systems Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [192856 2012-02-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed]
R2 SPDFToolsReadSpool; C:\Program Files (x86)\SolidDocuments\Solid PDF Tools\SPDFT\SolidPdfToolsServicex64.exe [320512 2009-10-21] (Solid Documents, LLC) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WMCoreService; C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2009-02-25] (Hewlett Packard)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-22] (Intel Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443208 2012-10-02] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 t36wgps; C:\Windows\System32\DRIVERS\t36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-17 08:05 - 2014-12-17 08:05 - 00027994 _____ () C:\Users\Michal\Desktop\FRST.txt
2014-12-17 08:04 - 2014-12-17 08:05 - 00000000 ____D () C:\FRST
2014-12-17 08:03 - 2014-12-17 08:03 - 02119168 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2014-12-17 08:03 - 2014-12-17 08:03 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe
2014-12-17 08:00 - 2014-12-17 08:00 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Michal\Downloads\mbam-clean-2.1.1.1001.exe
2014-12-16 18:29 - 2014-12-16 18:56 - 00009824 _____ () C:\Users\Michal\Desktop\měsíční množství odpadu.xlsx
2014-12-16 00:26 - 2014-12-16 00:26 - 01037134 _____ () C:\Users\Michal\Downloads\mozbackup-1-5.exe
2014-12-16 00:26 - 2014-12-16 00:26 - 00001034 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-12-16 00:26 - 2014-12-16 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2014-12-16 00:26 - 2014-12-16 00:26 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-12-15 23:30 - 2013-02-19 13:56 - 00281840 _____ (Ericsson AB) C:\windows\system32\Drivers\WwanUsbMp64.sys
2014-12-15 23:30 - 2012-10-02 13:49 - 00506184 _____ (MCCI Corporation) C:\windows\system32\Drivers\Mbm3Mdm.sys
2014-12-15 23:30 - 2012-10-02 13:49 - 00453960 _____ (MCCI Corporation) C:\windows\system32\Drivers\Mbm3DevMt.sys
2014-12-15 23:30 - 2012-10-02 13:49 - 00443208 _____ (MCCI Corporation) C:\windows\system32\Drivers\Mbm3CBus.sys
2014-12-15 23:30 - 2012-10-02 13:49 - 00021832 _____ (MCCI Corporation) C:\windows\system32\Drivers\Mbm3mdfl.sys
2014-12-15 23:30 - 2012-10-02 13:49 - 00017736 _____ (MCCI Corporation) C:\windows\system32\Drivers\Mbm3whnt.sys
2014-12-15 23:30 - 2012-10-02 13:49 - 00017736 _____ (MCCI Corporation) C:\windows\system32\Drivers\Mbm3wh.sys
2014-12-15 23:30 - 2012-10-02 13:49 - 00017224 _____ (MCCI Corporation) C:\windows\system32\Drivers\Mbm3cmnt.sys
2014-12-15 23:30 - 2012-10-02 13:49 - 00017224 _____ (MCCI Corporation) C:\windows\system32\Drivers\Mbm3cm.sys
2014-12-15 23:30 - 2012-03-01 15:10 - 00103184 _____ (Ericsson AB) C:\windows\system32\Drivers\t36wgps64.sys
2014-12-15 23:21 - 2014-12-17 08:01 - 00025054 _____ () C:\windows\PFRO.log
2014-12-15 22:01 - 2014-12-17 08:01 - 00001838 _____ () C:\windows\setupact.log
2014-12-15 22:01 - 2014-12-15 22:01 - 00000000 _____ () C:\windows\setuperr.log
2014-12-15 00:31 - 2014-12-15 00:31 - 00000000 ____D () C:\zoek
2014-12-15 00:18 - 2014-12-12 08:47 - 00001798 _____ () C:\zoek-results2014-12-12-074729.log
2014-12-14 20:57 - 2014-12-14 20:57 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\vlc
2014-12-14 15:47 - 2014-12-14 15:47 - 00000000 ____D () C:\Users\Michal\Desktop\London
2014-12-12 08:59 - 2014-12-15 00:31 - 00000042 _____ () C:\folders.log
2014-12-12 08:44 - 2014-12-15 00:18 - 00001281 _____ () C:\zoek-results.log
2014-12-12 08:43 - 2014-12-15 00:31 - 00003415 _____ () C:\runcheck.txt
2014-12-12 08:34 - 2014-12-12 08:34 - 00000000 ____D () C:\windows\ERUNT
2014-12-11 08:03 - 2014-12-11 08:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-11 07:19 - 2014-12-11 07:19 - 00000000 ____D () C:\windows\system32\appraiser
2014-12-11 05:57 - 2014-12-11 05:59 - 00000000 ____D () C:\AdwCleaner
2014-12-11 05:57 - 2014-12-11 05:59 - 00000000 ____D () C:\418178c31a1cdb763fbf
2014-12-11 05:57 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-12-11 05:57 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-12-11 05:57 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2014-12-11 05:57 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2014-12-11 05:57 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2014-12-11 05:57 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2014-12-11 05:57 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2014-12-11 05:57 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2014-12-11 05:57 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2014-12-11 05:57 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2014-12-11 05:56 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-11 05:56 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-11 05:56 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-11 05:56 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-11 05:56 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-11 05:56 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-11 05:56 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-11 05:56 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2014-12-11 05:56 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-11 05:56 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-11 05:56 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2014-12-11 05:55 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-11 05:55 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-11 05:55 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-11 05:55 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-11 05:55 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-11 05:55 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-11 05:55 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-11 05:55 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-11 05:55 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-11 05:55 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-11 05:55 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-11 05:55 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-11 05:55 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-11 05:55 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-11 05:55 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-11 05:55 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-11 05:55 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-11 05:55 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-11 05:55 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-11 05:55 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-11 05:55 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-11 05:55 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 05:55 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-11 05:55 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-11 05:55 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-11 05:55 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-11 05:55 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-11 05:55 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-11 05:55 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-11 05:55 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-11 05:55 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-11 05:55 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-11 05:55 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-11 05:55 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-11 05:55 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-11 05:55 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-11 05:55 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-11 05:55 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-12-11 05:55 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-11 05:55 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-11 05:55 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-11 05:55 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 05:55 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-11 05:55 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-11 05:55 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-11 05:55 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-11 05:55 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-11 05:55 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-11 05:55 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-11 05:55 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-12-11 05:55 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-11 05:55 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-11 05:55 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-11 05:55 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-11 05:55 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-11 05:55 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-10 17:03 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-12-10 17:03 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-12-10 17:03 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2014-12-10 17:03 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2014-12-10 17:03 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-10 17:03 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 17:03 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-12-10 17:03 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2014-12-10 17:03 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2014-12-10 17:03 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-10 17:03 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 17:03 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-12-10 17:03 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2014-12-10 17:03 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 08:13 - 2014-12-10 08:13 - 00000000 ____D () C:\rsit
2014-12-10 08:11 - 2014-12-10 08:11 - 01222144 _____ () C:\Users\Michal\Downloads\RSITx64.exe
2014-12-04 21:11 - 2014-12-04 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-12-04 21:10 - 2014-12-04 21:10 - 00880784 _____ (Google Inc.) C:\Users\Michal\Downloads\GoogleEarthPluginSetup.exe
2014-12-02 14:09 - 2014-12-02 14:09 - 00126080 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-02 14:09 - 2014-12-02 14:09 - 00001396 _____ () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Toshiba
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\AVG2015
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\TOSHIBA
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\SRS Labs
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\McAfee,_Inc
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Avg2015
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Autodesk
2014-12-02 14:09 - 2014-12-02 14:09 - 00000000 _____ () C:\Users\Guest\agent.log
2014-12-02 14:08 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-12-02 14:08 - 2014-12-02 14:09 - 00000000 ____D () C:\Users\Guest
2014-12-02 14:08 - 2014-12-02 14:08 - 00000020 ___SH () C:\Users\Guest\ntuser.ini
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Šablony
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Soubory cookie
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Poslední
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Okolní tiskárny
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Okolní síť
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Nabídka Start
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Dokumenty
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Documents\Obrázky
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Documents\Hudba
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Documents\Filmy
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\Data aplikací
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 _SHDL () C:\Users\Guest\AppData\Local\Data aplikací
2014-12-02 14:08 - 2014-12-02 14:08 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Intel
2014-12-02 14:08 - 2013-11-27 09:17 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\TuneUp Software
2014-12-02 14:08 - 2013-10-24 07:35 - 00000000 ____D () C:\Users\Guest\Documents\Visual Studio 2008
2014-12-02 14:08 - 2013-10-23 08:46 - 00000000 ____D () C:\Users\Guest\AppData\Local\Microsoft Help
2014-12-02 14:08 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-02 14:08 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-01 09:53 - 2014-12-01 09:53 - 00126080 _____ () C:\Users\Míšové\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-01 09:53 - 2014-12-01 09:53 - 00001400 _____ () C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\Toshiba
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\Mozilla
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\AVG2015
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\Adobe
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\TOSHIBA
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\SRS Labs
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Mozilla
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\McAfee,_Inc
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Avg2015
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Autodesk
2014-12-01 09:53 - 2014-12-01 09:53 - 00000000 _____ () C:\Users\Míšové\agent.log
2014-12-01 09:52 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Google
2014-12-01 09:52 - 2014-12-01 09:53 - 00000000 ____D () C:\Users\Míšové
2014-12-01 09:52 - 2014-12-01 09:52 - 00000020 ___SH () C:\Users\Míšové\ntuser.ini
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Šablony
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Soubory cookie
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Poslední
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Okolní tiskárny
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Okolní síť
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Nabídka Start
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Dokumenty
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Documents\Obrázky
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Documents\Hudba
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Documents\Filmy
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\Data aplikací
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 _SHDL () C:\Users\Míšové\AppData\Local\Data aplikací
2014-12-01 09:52 - 2014-12-01 09:52 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\Intel
2014-12-01 09:52 - 2013-11-27 09:17 - 00000000 ____D () C:\Users\Míšové\AppData\Roaming\TuneUp Software
2014-12-01 09:52 - 2013-10-24 07:35 - 00000000 ____D () C:\Users\Míšové\Documents\Visual Studio 2008
2014-12-01 09:52 - 2013-10-23 08:46 - 00000000 ____D () C:\Users\Míšové\AppData\Local\Microsoft Help
2014-12-01 09:52 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-01 09:52 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Míšové\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-26 22:10 - 2014-12-15 23:44 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WirelessManager
2014-11-26 22:10 - 2014-12-15 23:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\WMCore
2014-11-26 22:08 - 2014-11-26 22:08 - 00000000 ____D () C:\Users\Michal\AppData\Local\Toshiba Corporation
2014-11-26 21:55 - 2014-11-26 21:55 - 16620898 _____ () C:\Users\Michal\Downloads\eco-20120710162836.zip
2014-11-26 21:48 - 2014-11-26 21:48 - 00000000 ____D () C:\ProgramData\TOSHIBA Tempro
2014-11-26 21:48 - 2014-11-26 21:48 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-11-26 19:15 - 2014-11-26 19:15 - 00000000 ____D () C:\Users\Michal\Downloads\batteryinfoview_czech
2014-11-26 19:14 - 2014-11-26 19:19 - 00000000 ____D () C:\Users\Michal\Downloads\batteryinfoview
2014-11-26 19:14 - 2014-11-26 19:14 - 00117507 _____ () C:\Users\Michal\Downloads\batteryinfoview.zip
2014-11-26 19:14 - 2014-11-26 19:14 - 00001693 _____ () C:\Users\Michal\Downloads\batteryinfoview_czech.zip
2014-11-24 08:41 - 2014-11-24 08:41 - 00028672 _____ () C:\Users\Michal\Downloads\Kopie - Turnaj Arbesák přihláška.xls
2014-11-23 16:43 - 2014-11-23 16:43 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-11-23 16:42 - 2014-12-09 09:24 - 00000000 ____D () C:\KMPlayer
2014-11-23 16:29 - 2014-11-23 16:30 - 35862096 _____ (PandoraTV) C:\Users\Michal\Downloads\3.9.1.130_20141103045254.exe
2014-11-19 08:13 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 08:13 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 08:13 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-19 08:13 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\windows\SysWOW64\FM20.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-17 08:04 - 2013-10-22 19:20 - 01242326 _____ () C:\windows\WindowsUpdate.log
2014-12-17 08:03 - 2011-02-14 09:37 - 00669116 _____ () C:\windows\system32\perfh005.dat
2014-12-17 08:03 - 2011-02-14 09:37 - 00141744 _____ () C:\windows\system32\perfc005.dat
2014-12-17 08:03 - 2009-07-14 06:13 - 01584554 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-17 08:02 - 2014-06-25 16:57 - 00000000 ___RD () C:\Users\Michal\Disk google 2
2014-12-17 08:02 - 2013-10-22 23:09 - 00000000 ___RD () C:\Users\Michal\Dropbox
2014-12-17 08:02 - 2013-10-22 23:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Dropbox
2014-12-17 08:02 - 2013-10-22 22:54 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Skype
2014-12-17 08:01 - 2013-10-22 19:19 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-12-17 08:01 - 2012-05-22 02:24 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-17 08:01 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-17 07:40 - 2012-05-22 02:24 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-17 07:37 - 2014-04-14 12:09 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-12-17 07:28 - 2012-05-22 02:23 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-17 07:23 - 2013-10-22 23:45 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-16 23:24 - 2009-07-14 05:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-16 23:24 - 2009-07-14 05:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-16 23:17 - 2009-07-14 06:08 - 00032532 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-12-16 12:02 - 2013-10-22 19:19 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-12-16 00:04 - 2013-10-22 21:52 - 00000000 ____D () C:\Users\Michal\AppData\Local\GHISLER
2014-12-15 23:57 - 2014-03-27 12:18 - 00000000 ____D () C:\Temp
2014-12-15 22:44 - 2013-10-22 23:00 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\KeePass
2014-12-15 20:13 - 2014-04-14 12:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\TeamViewer
2014-12-15 07:58 - 2013-10-22 19:38 - 00000000 ____D () C:\ProgramData\Toshiba
2014-12-12 21:57 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-12-12 09:50 - 2014-10-01 22:00 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-12 09:50 - 2012-05-22 02:46 - 00000000 ____D () C:\ProgramData\Skype
2014-12-12 07:21 - 2013-10-22 21:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-11 22:26 - 2012-05-22 02:24 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 18:12 - 2013-11-05 11:10 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 11:25 - 2014-09-29 12:34 - 00000000 ____D () C:\windows\rescache
2014-12-11 07:28 - 2012-05-22 02:23 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 07:28 - 2012-05-22 02:23 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 07:28 - 2012-05-22 02:23 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 07:22 - 2014-08-27 06:26 - 00000000 ____D () C:\Users\Michal\AppData\Local\Adobe
2014-12-11 07:19 - 2014-05-06 15:39 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-11 07:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-11 07:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\AppCompat
2014-12-11 07:18 - 2013-10-22 22:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 05:59 - 2013-12-18 17:34 - 00000000 ____D () C:\Users\Michal\AppData\Local\AVG SafeGuard toolbar
2014-12-11 05:58 - 2013-10-25 08:31 - 00000000 ____D () C:\windows\system32\MRT
2014-12-11 05:57 - 2013-10-25 08:30 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-11 05:54 - 2013-10-22 23:09 - 00001035 _____ () C:\Users\Michal\Desktop\Dropbox.lnk
2014-12-11 05:54 - 2013-10-22 23:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-10 08:54 - 2013-10-22 23:40 - 00000000 ____D () C:\Users\Michal\Documents\ALLIMIT - rozpracováno
2014-12-10 08:53 - 2014-08-19 23:41 - 00000000 ____D () C:\Users\Michal\Documents\AZBEST
2014-12-04 21:11 - 2012-05-22 02:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-04 08:57 - 2013-11-05 12:05 - 00000000 ____D () C:\Program Files (x86)\Rizika na PC
2014-12-03 16:52 - 2014-11-11 00:06 - 00000982 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-03 16:52 - 2014-11-11 00:06 - 00000970 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2014-12-01 08:27 - 2014-06-06 00:26 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-01 08:27 - 2014-06-06 00:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-26 22:02 - 2013-10-22 20:06 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Toshiba
2014-11-26 21:56 - 2012-05-22 02:15 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2014-11-26 21:56 - 2012-05-22 02:14 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-11-26 14:37 - 2014-05-26 21:53 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\uTorrent
2014-11-21 14:10 - 2013-10-22 20:05 - 00000000 ____D () C:\Users\Michal\AppData\Local\VirtualStore
2014-11-19 11:45 - 2013-10-22 21:22 - 00000000 ____D () C:\Users\Michal\AppData\Local\cache
2014-11-19 10:28 - 2013-10-23 13:11 - 00000058 _____ () C:\Users\Michal\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat

Some content of TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkqr0ib.dll
C:\Users\Michal\AppData\Local\Temp\NirCmd.exe
C:\Users\Michal\AppData\Local\Temp\PEVZ.EXE
C:\Users\Michal\AppData\Local\Temp\swreg.exe
C:\Users\Michal\AppData\Local\Temp\wget.exe
C:\Users\Michal\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-16 13:14




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (TI30921800A) (Fixed) (Total:99.54 GB) (Free:8.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Available physical RAM: 1374.3 MB
Total physical RAM: 3990.17 MB
Percentage of memory in use: 65%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119.2 GB) (Disk ID: 9928B575)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4 GB) - (Type=84)
Partition 4: (Not Active) - (Size=14.2 GB) - (Type=17)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939

==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michal\Desktop" je 36 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Nahoru
 Profil  
 
PříspěvekNapsal: 17 pro 2014 14:44 
Offline
VIP
VIP

Registrován: 05 pro 2009 20:08
Příspěvky: 21686
Bydliště: Ostrava
:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód:
Start
CloseProcesses:

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [McAfee Anti Theft Setup] => C:\Program Files (x86)\McAfee Inc\McAfee Anti Theft Setup\McAfeeAntiTheftSetup.exe [363520 2012-02-11] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\RunOnce: [Adobe Speed Launcher] => 1418799730
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Policies\Explorer: []

Toolbar: HKU\S-1-5-21-137860298-2108945655-7312621-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

2014-12-17 08:00 - 2014-12-17 08:00 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Michal\Downloads\mbam-clean-2.1.1.1001.exe
2014-12-15 00:31 - 2014-12-15 00:31 - 00000000 ____D () C:\zoek
2014-12-15 00:18 - 2014-12-12 08:47 - 00001798 _____ () C:\zoek-results2014-12-12-074729.log
2014-12-12 08:44 - 2014-12-15 00:18 - 00001281 _____ () C:\zoek-results.log
2014-12-11 05:59 - 2013-12-18 17:34 - 00000000 ____D () C:\Users\Michal\AppData\Local\AVG SafeGuard toolbar

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
 
PříspěvekNapsal: 18 pro 2014 08:57 
Offline
Návštěvník
Návštěvník

Registrován: 10 pro 2014 07:49
Příspěvky: 9
Takhle vypadá nyní log po provedeném fixu....

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by Michal at 2014-12-18 08:54:14 Run:1
Running from C:\Users\Michal\Desktop
Loaded Profile: Michal (Available profiles: Michal & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [McAfee Anti Theft Setup] => C:\Program Files (x86)\McAfee Inc\McAfee Anti Theft Setup\McAfeeAntiTheftSetup.exe [363520 2012-02-11] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [1364496 2013-06-28] (ABBYY Production LLC)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\RunOnce: [Adobe Speed Launcher] => 1418799730
HKU\S-1-5-21-137860298-2108945655-7312621-1000\...\Policies\Explorer: []

Toolbar: HKU\S-1-5-21-137860298-2108945655-7312621-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

2014-12-17 08:00 - 2014-12-17 08:00 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Michal\Downloads\mbam-clean-2.1.1.1001.exe
2014-12-15 00:31 - 2014-12-15 00:31 - 00000000 ____D () C:\zoek
2014-12-15 00:18 - 2014-12-12 08:47 - 00001798 _____ () C:\zoek-results2014-12-12-074729.log
2014-12-12 08:44 - 2014-12-15 00:18 - 00001281 _____ () C:\zoek-results.log
2014-12-11 05:59 - 2013-12-18 17:34 - 00000000 ____D () C:\Users\Michal\AppData\Local\AVG SafeGuard toolbar

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NBAgent => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\McAfee Anti Theft Setup => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Bonus.SSR.FR11 => value deleted successfully.
HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveSync => value deleted successfully.
HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => value deleted successfully.
HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
HKU\S-1-5-21-137860298-2108945655-7312621-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@Nero.com/KM" => Key not found.
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) not found.
C:\Users\Michal\Downloads\mbam-clean-2.1.1.1001.exe => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results2014-12-12-074729.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\Users\Michal\AppData\Local\AVG SafeGuard toolbar => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => Moved successfully.
C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => Moved successfully.
EmptyTemp: => Removed 112.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====


Nahoru
 Profil  
 
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 16 ]  Přejít na stránku 1, 2  Další

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?