Hello,
I'd like to ask for your help: my notebook has been very slow lately, and opening programs takes at least twice as long. Thank you in advance for your help.
RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin_ at 2014-03-26 19:04:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 45 GB (10%) free of 432 GB
Total RAM: 4091 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:04:24, on 26.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files\trend micro\Admin_.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: CrossriderApp0035578 - {11111111-1111-1111-1111-110311551178} - C:\Program Files (x86)\Torntv 2\Torntv 2-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [NextLive] C:\windows\SysWOW64\rundll32.exe "C:\Users\Admin_\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: eInstruction Device Manager.lnk = C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\windows\system32\srvany.exe
O23 - Service: McNeel Update Service 5.0 (McNeelUpdate) - Robert McNeel & Associates - C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10723 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
atieclxx
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe"
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\windows\SysWOW64\srvany.exe
C:\windows\KMService.exe
"C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe"
\??\C:\windows\system32\conhost.exe "1614510798-977861472933199914-6476398281664717856-1294043291-1480858363760217740
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1232
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k WindowsMobile
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Windows\WindowsMobile\wmdcBase.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
taskeng.exe {3FF18328-0316-47AA-BC17-9F98DAE5ADDD}
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP psc 1600 series#1334078108" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\Garena Plus\ggdllhost.exe" "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 0F41FA5D-2B64-B970-70AC-53DABC3DA91B -Reinvoke
"C:\Users\Admin_\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job
C:\windows\tasks\Torntv 2-codedownloader.job
C:\windows\tasks\Torntv 2-enabler.job
C:\windows\tasks\Torntv 2-updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-14 256080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}]
Torntv 2 - C:\Program Files (x86)\Torntv 2\Torntv 2-bho.dll [2013-09-12 748032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-15 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-15 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-12-14 256080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-14 194128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-20 11448424]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-08-20 2120808]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-01-07 1894696]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2010-04-12 4462496]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2010-03-18 7056800]
"Windows Mobile-based device management"=C:\windows\WindowsMobile\wmdcBase.exe [2007-05-31 660360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NextLive"=C:\windows\SysWOW64\rundll32.exe [2009-07-14 44544]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-19 98304]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\qttask.exe [2006-09-01 282624]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
eInstruction Device Manager.lnk - C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2014-03-26 19:04:21 ----D---- C:\Program Files\trend micro
2014-03-15 06:23:46 ----A---- C:\windows\SYSWOW64\javaws.exe
2014-03-15 06:23:37 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-03-15 06:23:37 ----A---- C:\windows\SYSWOW64\javaw.exe
2014-03-15 06:23:37 ----A---- C:\windows\SYSWOW64\java.exe
2014-03-15 06:23:27 ----D---- C:\Program Files (x86)\Java
2014-03-13 20:48:22 ----A---- C:\windows\system32\wwansvc.dll
2014-03-13 20:48:21 ----A---- C:\windows\SYSWOW64\wer.dll
2014-03-13 20:48:21 ----A---- C:\windows\system32\wer.dll
2014-03-13 20:48:20 ----A---- C:\windows\system32\win32k.sys
2014-03-13 20:48:19 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-03-13 20:48:19 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-03-13 20:48:19 ----A---- C:\windows\system32\iertutil.dll
2014-03-13 20:48:19 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-03-13 20:48:18 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-03-13 20:48:18 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-03-13 20:48:18 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-03-13 20:48:18 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-03-13 20:48:17 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-03-13 20:48:17 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-03-13 20:48:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-03-13 20:48:17 ----A---- C:\windows\system32\urlmon.dll
2014-03-13 20:48:17 ----A---- C:\windows\system32\iernonce.dll
2014-03-13 20:48:17 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-03-13 20:48:16 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-03-13 20:48:16 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-03-13 20:48:16 ----A---- C:\windows\system32\msfeeds.dll
2014-03-13 20:48:15 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-03-13 20:48:15 ----A---- C:\windows\system32\iesetup.dll
2014-03-13 20:48:15 ----A---- C:\windows\system32\ie4uinit.exe
2014-03-13 20:48:14 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-03-13 20:48:14 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-03-13 20:48:14 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-03-13 20:48:14 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-03-13 20:48:14 ----A---- C:\windows\system32\jsproxy.dll
2014-03-13 20:48:14 ----A---- C:\windows\system32\ieui.dll
2014-03-13 20:48:14 ----A---- C:\windows\system32\ieframe.dll
2014-03-13 20:48:14 ----A---- C:\windows\system32\ieetwcollector.exe
2014-03-13 20:48:13 ----A---- C:\windows\system32\jscript9diag.dll
2014-03-13 20:48:13 ----A---- C:\windows\system32\jscript9.dll
2014-03-13 20:48:13 ----A---- C:\windows\system32\ieUnatt.exe
2014-03-13 20:48:12 ----A---- C:\windows\system32\wininet.dll
2014-03-13 20:48:12 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-13 20:48:12 ----A---- C:\windows\system32\msrating.dll
2014-03-13 20:48:12 ----A---- C:\windows\system32\mshtml.dll
2014-03-13 20:48:12 ----A---- C:\windows\system32\ieapfltr.dll
2014-03-13 20:47:52 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-03-13 20:47:52 ----A---- C:\windows\system32\qedit.dll
2014-03-13 20:47:51 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-03-13 20:47:51 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-03-13 09:33:24 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2014-03-06 19:56:59 ----D---- C:\Users\Admin_\AppData\Roaming\LibreOffice
======List of files/folders modified in the last 1 month======
2014-03-26 19:04:24 ----D---- C:\windows\Prefetch
2014-03-26 19:04:22 ----D---- C:\windows\Temp
2014-03-26 19:04:21 ----RD---- C:\Program Files
2014-03-26 18:56:37 ----D---- C:\Program Files (x86)\Steam
2014-03-26 18:56:02 ----D---- C:\Windows
2014-03-26 18:10:00 ----D---- C:\windows\system32\Tasks
2014-03-26 08:37:10 ----D---- C:\windows\system32\config
2014-03-26 08:26:07 ----SHD---- C:\System Volume Information
2014-03-26 08:14:47 ----D---- C:\windows\System32
2014-03-26 08:14:47 ----D---- C:\windows\inf
2014-03-26 08:14:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-03-25 20:51:26 ----D---- C:\Users\Admin_\AppData\Roaming\newnext.me
2014-03-24 23:06:51 ----RD---- C:\Program Files (x86)
2014-03-24 20:25:16 ----D---- C:\Program Files\CCleaner
2014-03-24 06:16:34 ----D---- C:\Users\Admin_\AppData\Roaming\uTorrent
2014-03-24 06:16:17 ----D---- C:\windows\debug
2014-03-19 22:46:47 ----D---- C:\windows\system32\MRT
2014-03-19 22:46:43 ----A---- C:\windows\system32\MRT.exe
2014-03-15 06:24:21 ----D---- C:\ProgramData\Oracle
2014-03-15 06:24:15 ----SHD---- C:\windows\Installer
2014-03-15 06:24:15 ----HD---- C:\Config.Msi
2014-03-15 06:24:15 ----D---- C:\Program Files (x86)\Common Files
2014-03-15 06:23:46 ----D---- C:\windows\SysWOW64
2014-03-15 06:15:03 ----D---- C:\Program Files (x86)\Google
2014-03-14 05:36:35 ----D---- C:\windows\winsxs
2014-03-14 05:34:09 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-14 05:34:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 05:33:15 ----D---- C:\Program Files\Internet Explorer
2014-03-14 05:33:15 ----D---- C:\Program Files (x86)\Internet Explorer
2014-03-13 20:47:48 ----D---- C:\windows\system32\catroot
2014-03-13 20:47:42 ----D---- C:\windows\system32\catroot2
2014-03-13 09:33:29 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-03-06 15:49:02 ----D---- C:\windows\system32\wdi
2014-02-28 03:02:53 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2014-02-27 19:04:06 ----D---- C:\windows\Microsoft.NET
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie64.sys [2010-06-17 16440]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-27 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-07-19 7448576]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-07-19 268288]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-12-14 1573888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-08-20 2470248]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-01-07 302128]
R3 usbsmi;Lenovo EasyCamera; C:\windows\system32\DRIVERS\SMIksdrv.sys [2010-04-20 200704]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-03-12 242720]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\windows\system32\DRIVERS\s117bus.sys [2007-06-25 108072]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s117mdfl.sys [2007-06-25 19496]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s117mdm.sys [2007-06-25 144424]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s117mgmt.sys [2007-06-25 125992]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\windows\system32\DRIVERS\s117nd5.sys [2007-06-25 31272]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s117obex.sys [2007-06-25 123432]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\windows\system32\DRIVERS\s117unic.sys [2007-06-25 130088]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 151656]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-07-19 203264]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-08-11 864032]
R2 Capture Device Service;Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 KMService;KMService; C:\windows\syswow64\srvany.exe [2012-04-23 8192]
R2 McNeelUpdate;McNeel Update Service 5.0; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2012-10-25 67752]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-12-19 76888]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-17 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-30 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-17 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-14 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-01 111616]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-12-21 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
log FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Admin_ (administrator) on IVANA-PC on 26-03-2014 19:08:02
Running from C:\Users\Admin_\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\windows\SysWOW64\svchost.exe
() C:\windows\SysWOW64\srvany.exe
() C:\windows\KMService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
() C:\windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(eInstruction Corporation) C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(forum.viry.cz) C:\Users\Admin_\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11448424 2010-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-08-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1446954214-2930582283-825936318-1008\...\Run: [NextLive] - C:\windows\SysWOW64\rundll32.exe "C:\Users\Admin_\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1446954214-2930582283-825936318-1008\...\MountPoints2: {9ff52d1c-5068-11e2-8098-806e6f6e6963} - F:\Autorun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {866369DD-FD11-4560-A9A3-BA51E337D305} URL = http://www.search.ask.com/web?p2=%5EB7N ... 26ppd%253D
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Torntv 2 - {11111111-1111-1111-1111-110311551178} - C:\Program Files (x86)\Torntv 2\Torntv 2-bho.dll (installdaddy)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {434D452D-5637-006A-76A7-7A786E7484D7} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF Extension: Torntv 3 - C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi [2013-06-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-10]
Chrome:
=======
CHR Extension: (Peněženka Google) - C:\Users\Admin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files (x86)\TornTV.com\torntv10.crx [2014-03-15]
==================== Services (Whitelisted) =================
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [864032 2009-08-11] (Broadcom Corporation.)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-04-23] ()
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-12-19] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-06-27] (DT Soft Ltd)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [200704 2010-04-20] (SMI)
U3 BcmSqlStartupSvc;
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
U3 SQLWriter;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-26 19:08 - 2014-03-26 19:09 - 00013131 _____ () C:\Users\Admin_\Desktop\FRST.txt
2014-03-26 19:04 - 2014-03-26 19:04 - 00038445 _____ () C:\Users\Admin_\Desktop\risit.txt
2014-03-26 19:04 - 2014-03-26 19:04 - 00000000 ____D () C:\Program Files\trend micro
2014-03-26 19:03 - 2014-03-26 19:03 - 02157056 _____ (Farbar) C:\Users\Admin_\Desktop\FRST64.exe
2014-03-26 19:03 - 2014-03-26 19:03 - 00935175 _____ () C:\Users\Admin_\Desktop\RSITx64.exe
2014-03-26 19:03 - 2014-03-26 19:03 - 00112640 _____ (forum.viry.cz) C:\Users\Admin_\Desktop\FRSTLauncher.exe
2014-03-24 23:06 - 2014-03-24 23:06 - 00000160 _____ () C:\Users\Admin_\Documents\cc_20140324_230619.reg
2014-03-24 20:32 - 2014-03-24 20:32 - 10938635 _____ () C:\Users\Admin_\Downloads\2IV-informacnigramotnost.rar
2014-03-24 08:28 - 2014-03-24 20:20 - 00000000 ___RD () C:\Users\Admin_\Desktop\viry-forum
2014-03-24 07:08 - 2014-03-24 07:09 - 00384488 _____ () C:\Users\Admin_\Downloads\InstallPlus500.exe
2014-03-24 06:18 - 2014-03-24 06:18 - 00001242 _____ () C:\Users\Admin_\Documents\cc_20140324_061800.reg
2014-03-15 08:06 - 2014-03-15 08:06 - 00026840 _____ () C:\Users\Admin_\Documents\cc_20140315_080645.reg
2014-03-15 06:23 - 2014-03-15 06:23 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-15 06:23 - 2014-03-15 06:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-15 06:15 - 2014-03-15 13:25 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 20:48 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-13 20:48 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-13 20:48 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-13 20:48 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-13 20:48 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-13 20:48 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-13 20:48 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-13 20:48 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-13 20:48 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-13 20:48 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-13 20:48 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-13 20:48 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-13 20:48 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-13 20:48 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-13 20:48 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-13 20:48 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-13 20:48 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-13 20:48 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-13 20:48 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-13 20:48 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-03-13 20:48 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-13 20:48 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-13 20:48 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-13 20:48 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-13 20:48 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-13 20:48 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-03-13 20:48 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-03-13 20:48 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-13 20:48 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-13 20:48 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-13 20:48 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-13 20:48 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-13 20:48 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-13 20:48 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-03-13 20:48 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-13 20:48 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-13 20:48 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-13 20:48 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-13 20:48 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-13 20:48 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-03-13 20:48 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-13 20:48 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-13 20:48 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-03-13 20:48 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-03-13 20:47 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-13 20:47 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-13 20:47 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-13 20:47 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-03-13 09:33 - 2014-03-13 09:33 - 05777288 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-10 10:32 - 2014-03-24 23:05 - 00000000 ____D () C:\Users\Admin_\Desktop\4. semestr 2013-2014
2014-03-06 23:30 - 2014-03-06 23:31 - 00000000 ____D () C:\Users\Admin_\Documents\Moje naskenované obrázky
2014-03-06 19:56 - 2014-03-06 19:56 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\LibreOffice
2014-03-06 17:29 - 2014-03-21 07:29 - 00000000 ____D () C:\Users\Admin_\Desktop\MATLAB
2014-03-06 00:37 - 2014-03-06 00:56 - 00000000 ____D () C:\Users\Admin_\Downloads\2 & 0.5 men
2014-03-05 08:31 - 2014-03-05 09:11 - 820312064 ____R () C:\Users\Admin_\Downloads\Skyfall CZ 2012.avi
2014-03-05 08:23 - 2014-03-05 09:03 - 00000000 ____D () C:\Users\Admin_\Downloads\Wolverine.2013.Extended.Cut
2014-03-04 17:53 - 2014-03-04 18:52 - 1867552768 ____R () C:\Users\Admin_\Downloads\Návrat na zapomenutý ostrov.avi
2014-03-04 17:48 - 2014-03-04 18:15 - 1554069504 ____R () C:\Users\Admin_\Downloads\Thor.2.Temny.svet.2o13.avi
2014-03-04 17:46 - 2014-03-04 19:45 - 736022528 ____R () C:\Users\Admin_\Downloads\Sucker Punch.avi
2014-03-04 17:44 - 2014-03-04 17:44 - 00000000 ____D () C:\Users\Admin_\Downloads\Gravity,2013.BRRip.XviD,AC3.CZ-Starcross
2014-02-26 07:20 - 2014-02-26 07:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-25 15:36 - 2014-02-22 21:20 - 1678292992 _____ () C:\Users\Admin_\Downloads\7.Prepadeni.2.Temne.uzemi.1995.480p.DVDRip.XviD.AC3.CZ.-calibrum2.avi
==================== One Month Modified Files and Folders =======
2014-03-26 19:09 - 2014-03-26 19:08 - 00013131 _____ () C:\Users\Admin_\Desktop\FRST.txt
2014-03-26 19:08 - 2013-07-02 09:55 - 00000000 ____D () C:\FRST
2014-03-26 19:04 - 2014-03-26 19:04 - 00038445 _____ () C:\Users\Admin_\Desktop\risit.txt
2014-03-26 19:04 - 2014-03-26 19:04 - 00000000 ____D () C:\Program Files\trend micro
2014-03-26 19:03 - 2014-03-26 19:03 - 02157056 _____ (Farbar) C:\Users\Admin_\Desktop\FRST64.exe
2014-03-26 19:03 - 2014-03-26 19:03 - 00935175 _____ () C:\Users\Admin_\Desktop\RSITx64.exe
2014-03-26 19:03 - 2014-03-26 19:03 - 00112640 _____ (forum.viry.cz) C:\Users\Admin_\Desktop\FRSTLauncher.exe
2014-03-26 18:56 - 2013-12-16 16:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-26 18:33 - 2013-08-21 10:33 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 18:21 - 2013-08-16 12:29 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job
2014-03-26 18:20 - 2013-07-08 00:22 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 18:10 - 2014-02-16 22:23 - 00003496 _____ () C:\windows\System32\Tasks\gg_uac_daemon_Admin_
2014-03-26 18:09 - 2013-11-23 00:39 - 02026851 ____N () C:\windows\WindowsUpdate.log
2014-03-26 18:09 - 2013-09-12 15:19 - 00001178 _____ () C:\windows\Tasks\Torntv 2-updater.job
2014-03-26 18:09 - 2013-09-12 15:19 - 00001172 _____ () C:\windows\Tasks\Torntv 2-codedownloader.job
2014-03-26 18:09 - 2013-09-12 15:19 - 00001082 _____ () C:\windows\Tasks\Torntv 2-enabler.job
2014-03-26 10:29 - 2013-08-16 12:29 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job
2014-03-26 08:14 - 2011-06-14 12:45 - 00669116 _____ () C:\windows\system32\perfh005.dat
2014-03-26 08:14 - 2011-06-14 12:45 - 00141744 _____ () C:\windows\system32\perfc005.dat
2014-03-26 08:14 - 2009-07-14 06:13 - 01584554 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-25 21:20 - 2013-07-08 00:22 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-25 20:51 - 2013-12-19 13:47 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\newnext.me
2014-03-25 20:51 - 2009-07-14 05:45 - 00013632 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-25 20:51 - 2009-07-14 05:45 - 00013632 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-25 20:44 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-24 23:06 - 2014-03-24 23:06 - 00000160 _____ () C:\Users\Admin_\Documents\cc_20140324_230619.reg
2014-03-24 23:05 - 2014-03-10 10:32 - 00000000 ____D () C:\Users\Admin_\Desktop\4. semestr 2013-2014
2014-03-24 20:32 - 2014-03-24 20:32 - 10938635 _____ () C:\Users\Admin_\Downloads\2IV-informacnigramotnost.rar
2014-03-24 20:25 - 2012-11-02 23:16 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-03-24 20:25 - 2012-01-28 19:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-24 20:20 - 2014-03-24 08:28 - 00000000 ___RD () C:\Users\Admin_\Desktop\viry-forum
2014-03-24 07:09 - 2014-03-24 07:08 - 00384488 _____ () C:\Users\Admin_\Downloads\InstallPlus500.exe
2014-03-24 06:18 - 2014-03-24 06:18 - 00001242 _____ () C:\Users\Admin_\Documents\cc_20140324_061800.reg
2014-03-24 06:16 - 2013-09-12 15:07 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\uTorrent
2014-03-21 07:29 - 2014-03-06 17:29 - 00000000 ____D () C:\Users\Admin_\Desktop\MATLAB
2014-03-19 22:51 - 2013-07-15 02:00 - 00000000 ____D () C:\windows\system32\MRT
2014-03-19 22:46 - 2011-12-24 13:31 - 90015360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-15 13:25 - 2014-03-15 06:15 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 08:07 - 2013-07-02 07:19 - 00000000 ____D () C:\Users\Admin_
2014-03-15 08:06 - 2014-03-15 08:06 - 00026840 _____ () C:\Users\Admin_\Documents\cc_20140315_080645.reg
2014-03-15 06:24 - 2014-01-03 23:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-15 06:23 - 2014-03-15 06:23 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-15 06:23 - 2014-03-15 06:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-15 06:15 - 2013-07-02 10:37 - 00000000 ____D () C:\Users\Admin_\AppData\Local\Google
2014-03-15 06:15 - 2011-12-17 20:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-14 05:36 - 2009-07-14 05:45 - 00559968 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-14 05:34 - 2013-03-13 06:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 05:34 - 2013-03-13 06:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 09:33 - 2014-03-13 09:33 - 05777288 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-13 09:33 - 2012-04-28 11:19 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 09:33 - 2012-04-28 11:19 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 09:33 - 2011-12-17 20:16 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-07 17:54 - 2011-09-12 20:42 - 00008224 _____ () C:\Users\Ivana\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-07 17:53 - 2012-12-27 07:04 - 00003496 _____ () C:\windows\System32\Tasks\gg_uac_daemon_Ivana
2014-03-06 23:31 - 2014-03-06 23:30 - 00000000 ____D () C:\Users\Admin_\Documents\Moje naskenované obrázky
2014-03-06 19:56 - 2014-03-06 19:56 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\LibreOffice
2014-03-06 00:56 - 2014-03-06 00:37 - 00000000 ____D () C:\Users\Admin_\Downloads\2 & 0.5 men
2014-03-05 09:11 - 2014-03-05 08:31 - 820312064 ____R () C:\Users\Admin_\Downloads\Skyfall CZ 2012.avi
2014-03-05 09:03 - 2014-03-05 08:23 - 00000000 ____D () C:\Users\Admin_\Downloads\Wolverine.2013.Extended.Cut
2014-03-04 19:45 - 2014-03-04 17:46 - 736022528 ____R () C:\Users\Admin_\Downloads\Sucker Punch.avi
2014-03-04 18:52 - 2014-03-04 17:53 - 1867552768 ____R () C:\Users\Admin_\Downloads\Návrat na zapomenutý ostrov.avi
2014-03-04 18:15 - 2014-03-04 17:48 - 1554069504 ____R () C:\Users\Admin_\Downloads\Thor.2.Temny.svet.2o13.avi
2014-03-04 17:44 - 2014-03-04 17:44 - 00000000 ____D () C:\Users\Admin_\Downloads\Gravity,2013.BRRip.XviD,AC3.CZ-Starcross
2014-03-04 13:21 - 2012-01-21 10:11 - 00000000 ____D () C:\Users\Admin\Desktop\movie
2014-03-01 20:29 - 2014-01-15 21:16 - 00000000 ____D () C:\Users\Admin_\Desktop\Mamka
2014-03-01 07:05 - 2014-03-13 20:48 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 20:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 20:48 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 20:48 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 20:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 20:48 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 20:48 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 20:48 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 20:48 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 20:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 20:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 20:48 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 20:48 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 20:48 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 20:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 20:48 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 20:48 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 20:48 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 20:48 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 20:48 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 20:48 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 20:48 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 20:48 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 20:48 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 20:48 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 20:48 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 20:48 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 20:48 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 20:48 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 20:48 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 20:48 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 20:48 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 20:48 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 20:48 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 20:48 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 20:48 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 20:48 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 20:48 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-28 03:02 - 2012-01-30 21:20 - 01560204 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-26 07:20 - 2014-02-26 07:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-26 07:20 - 2012-04-13 21:32 - 00000000 ____D () C:\ProgramData\Skype
Files to move or delete:
====================
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\b34btbztdb0vavaw.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Torntv 2-codedownloader.job => C:\Program Files (x86)\Torntv 2\Torntv 2-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Torntv 2-enabler.job => C:\Program Files (x86)\Torntv 2\Torntv 2-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\Torntv 2-updater.job => C:\Program Files (x86)\Torntv 2\Torntv 2-updater.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin_\Desktop" je 2895 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================

- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow PC
Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slow PC
# AdwCleaner v3.022 - Report created 26/03/2014 at 20:12:37
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Admin_ - IVANA-PC
# Running from : C:\Users\Admin_\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\BrowseFox
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\Torntv 2
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Ivana\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Admin\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Admin_\AppData\Local\genienext
Folder Deleted : C:\Users\Admin_\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Admin_\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Admin_\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Admin_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Admin_\Documents\Mobogenie
Folder Deleted : C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Folder Deleted : C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Admin_\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\windows\Tasks\Torntv 2-codedownloader.job
File Deleted : C:\windows\System32\Tasks\Torntv 2-codedownloader
File Deleted : C:\windows\Tasks\Torntv 2-enabler.job
File Deleted : C:\windows\System32\Tasks\Torntv 2-enabler
File Deleted : C:\windows\Tasks\Torntv 2-updater.job
File Deleted : C:\windows\System32\Tasks\Torntv 2-updater
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0035578.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_youtube-downloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_youtube-downloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551178}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551178}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551178}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311551178}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{091f7430-e568-4477-8302-60be90dff142}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8f3263a9-ae07-449d-bf03-5cedf0e9d7ae}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9ce037a0-9f4d-4d58-82be-ce45256d47da}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ab3b6b05-5dfc-4ebd-a023-2bde2ef48487}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ecbe83d0-245c-4197-accb-06a3724d15d5}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Torntv 2
Key Deleted : HKLM\Software\AskTBar
Key Deleted : HKLM\Software\BrowseFox
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Torntv 2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Torntv 2
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Mozilla Firefox v
[ File : C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
-\\ Google Chrome v33.0.1750.154
[ File : C:\Users\Ivana\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : icon_url
[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Admin_\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [7152 octets] - [26/03/2014 20:11:05]
AdwCleaner[S0].txt - [7094 octets] - [26/03/2014 20:12:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7154 octets] ##########
- Rudy
- Site Admin
- Posts: 119536
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow PC
Post a new FRST log.
Re: Slow PC
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Admin_ (administrator) on IVANA-PC on 26-03-2014 21:12:34
Running from C:\Users\Admin_\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\windows\SysWOW64\svchost.exe
() C:\windows\SysWOW64\srvany.exe
() C:\windows\KMService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
() C:\windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(eInstruction Corporation) C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(forum.viry.cz) C:\Users\Admin_\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11448424 2010-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-08-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1446954214-2930582283-825936318-1008\...\MountPoints2: {9ff52d1c-5068-11e2-8098-806e6f6e6963} - F:\Autorun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {866369DD-FD11-4560-A9A3-BA51E337D305} URL = http://www.search.ask.com/web?p2=%5EB7N ... 26ppd%253D
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {434D452D-5637-006A-76A7-7A786E7484D7} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF Extension: Torntv 3 - C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi [2013-06-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-10]
Chrome:
=======
CHR Extension: (Peněženka Google) - C:\Users\Admin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
==================== Services (Whitelisted) =================
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [864032 2009-08-11] (Broadcom Corporation.)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-04-23] ()
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-12-19] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-06-27] (DT Soft Ltd)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [200704 2010-04-20] (SMI)
U3 BcmSqlStartupSvc;
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
U3 SQLWriter;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-26 20:16 - 2014-03-26 20:16 - 00000056 _____ () C:\windows\setupact.log
2014-03-26 20:16 - 2014-03-26 20:16 - 00000000 _____ () C:\windows\setuperr.log
2014-03-26 20:11 - 2014-03-26 20:13 - 00000000 ____D () C:\AdwCleaner
2014-03-26 20:10 - 2014-03-26 20:10 - 01950720 _____ () C:\Users\Admin_\Desktop\adwcleaner.exe
2014-03-26 19:08 - 2014-03-26 21:12 - 00012521 _____ () C:\Users\Admin_\Desktop\FRST.txt
2014-03-26 19:04 - 2014-03-26 19:04 - 00000000 ____D () C:\Program Files\trend micro
2014-03-26 19:03 - 2014-03-26 19:03 - 02157056 _____ (Farbar) C:\Users\Admin_\Desktop\FRST64.exe
2014-03-26 19:03 - 2014-03-26 19:03 - 00112640 _____ (forum.viry.cz) C:\Users\Admin_\Desktop\FRSTLauncher.exe
2014-03-24 23:06 - 2014-03-24 23:06 - 00000160 _____ () C:\Users\Admin_\Documents\cc_20140324_230619.reg
2014-03-24 20:32 - 2014-03-24 20:32 - 10938635 _____ () C:\Users\Admin_\Downloads\2IV-informacnigramotnost.rar
2014-03-24 08:28 - 2014-03-24 20:20 - 00000000 ___RD () C:\Users\Admin_\Desktop\viry-forum
2014-03-24 07:08 - 2014-03-24 07:09 - 00384488 _____ () C:\Users\Admin_\Downloads\InstallPlus500.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-15 06:23 - 2014-03-15 06:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-15 06:15 - 2014-03-15 13:25 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 20:48 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-13 20:48 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-13 20:48 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-13 20:48 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-13 20:48 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-13 20:48 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-13 20:48 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-13 20:48 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-13 20:48 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-13 20:48 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-13 20:48 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-13 20:48 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-13 20:48 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-13 20:48 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-13 20:48 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-13 20:48 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-13 20:48 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-13 20:48 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-13 20:48 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-13 20:48 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-03-13 20:48 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-13 20:48 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-13 20:48 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-13 20:48 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-13 20:48 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-13 20:48 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-03-13 20:48 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-03-13 20:48 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-13 20:48 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-13 20:48 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-13 20:48 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-13 20:48 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-13 20:48 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-13 20:48 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-03-13 20:48 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-13 20:48 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-13 20:48 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-13 20:48 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-13 20:48 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-13 20:48 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-03-13 20:48 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-13 20:48 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-13 20:48 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-03-13 20:48 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-03-13 20:47 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-13 20:47 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-13 20:47 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-13 20:47 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-03-13 09:33 - 2014-03-13 09:33 - 05777288 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-10 10:32 - 2014-03-24 23:05 - 00000000 ____D () C:\Users\Admin_\Desktop\4. semestr 2013-2014
2014-03-06 23:30 - 2014-03-06 23:31 - 00000000 ____D () C:\Users\Admin_\Documents\Moje naskenované obrázky
2014-03-06 19:56 - 2014-03-06 19:56 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\LibreOffice
2014-03-06 17:29 - 2014-03-21 07:29 - 00000000 ____D () C:\Users\Admin_\Desktop\MATLAB
2014-03-06 00:37 - 2014-03-06 00:56 - 00000000 ____D () C:\Users\Admin_\Downloads\2 & 0.5 men
2014-03-05 08:31 - 2014-03-05 09:11 - 820312064 ____R () C:\Users\Admin_\Downloads\Skyfall CZ 2012.avi
2014-03-05 08:23 - 2014-03-05 09:03 - 00000000 ____D () C:\Users\Admin_\Downloads\Wolverine.2013.Extended.Cut
2014-03-04 17:53 - 2014-03-04 18:52 - 1867552768 ____R () C:\Users\Admin_\Downloads\Návrat na zapomenutý ostrov.avi
2014-03-04 17:48 - 2014-03-04 18:15 - 1554069504 ____R () C:\Users\Admin_\Downloads\Thor.2.Temny.svet.2o13.avi
2014-03-04 17:46 - 2014-03-04 19:45 - 736022528 ____R () C:\Users\Admin_\Downloads\Sucker Punch.avi
2014-03-04 17:44 - 2014-03-04 17:44 - 00000000 ____D () C:\Users\Admin_\Downloads\Gravity,2013.BRRip.XviD,AC3.CZ-Starcross
2014-02-26 07:20 - 2014-02-26 07:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-25 15:36 - 2014-02-22 21:20 - 1678292992 _____ () C:\Users\Admin_\Downloads\7.Prepadeni.2.Temne.uzemi.1995.480p.DVDRip.XviD.AC3.CZ.-calibrum2.avi
==================== One Month Modified Files and Folders =======
2014-03-26 21:12 - 2014-03-26 19:08 - 00012521 _____ () C:\Users\Admin_\Desktop\FRST.txt
2014-03-26 21:12 - 2013-12-16 16:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-26 20:33 - 2013-08-21 10:33 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 20:23 - 2009-07-14 05:45 - 00013632 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 20:23 - 2009-07-14 05:45 - 00013632 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 20:21 - 2013-08-16 12:29 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job
2014-03-26 20:21 - 2013-07-02 07:19 - 00000000 ____D () C:\Users\Admin_
2014-03-26 20:20 - 2013-07-08 00:22 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 20:19 - 2013-11-23 00:39 - 02031539 _____ () C:\windows\WindowsUpdate.log
2014-03-26 20:16 - 2014-03-26 20:16 - 00000056 _____ () C:\windows\setupact.log
2014-03-26 20:16 - 2014-03-26 20:16 - 00000000 _____ () C:\windows\setuperr.log
2014-03-26 20:16 - 2014-02-16 22:23 - 00003496 _____ () C:\windows\System32\Tasks\gg_uac_daemon_Admin_
2014-03-26 20:16 - 2013-07-08 00:22 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 20:16 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-26 20:13 - 2014-03-26 20:11 - 00000000 ____D () C:\AdwCleaner
2014-03-26 20:10 - 2014-03-26 20:10 - 01950720 _____ () C:\Users\Admin_\Desktop\adwcleaner.exe
2014-03-26 19:08 - 2013-07-02 09:55 - 00000000 ____D () C:\FRST
2014-03-26 19:04 - 2014-03-26 19:04 - 00000000 ____D () C:\Program Files\trend micro
2014-03-26 19:03 - 2014-03-26 19:03 - 02157056 _____ (Farbar) C:\Users\Admin_\Desktop\FRST64.exe
2014-03-26 19:03 - 2014-03-26 19:03 - 00112640 _____ (forum.viry.cz) C:\Users\Admin_\Desktop\FRSTLauncher.exe
2014-03-26 10:29 - 2013-08-16 12:29 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job
2014-03-26 08:14 - 2011-06-14 12:45 - 00669116 _____ () C:\windows\system32\perfh005.dat
2014-03-26 08:14 - 2011-06-14 12:45 - 00141744 _____ () C:\windows\system32\perfc005.dat
2014-03-26 08:14 - 2009-07-14 06:13 - 01584554 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-24 23:06 - 2014-03-24 23:06 - 00000160 _____ () C:\Users\Admin_\Documents\cc_20140324_230619.reg
2014-03-24 23:05 - 2014-03-10 10:32 - 00000000 ____D () C:\Users\Admin_\Desktop\4. semestr 2013-2014
2014-03-24 20:32 - 2014-03-24 20:32 - 10938635 _____ () C:\Users\Admin_\Downloads\2IV-informacnigramotnost.rar
2014-03-24 20:25 - 2012-11-02 23:16 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-03-24 20:25 - 2012-01-28 19:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-24 20:20 - 2014-03-24 08:28 - 00000000 ___RD () C:\Users\Admin_\Desktop\viry-forum
2014-03-24 07:09 - 2014-03-24 07:08 - 00384488 _____ () C:\Users\Admin_\Downloads\InstallPlus500.exe
2014-03-24 06:16 - 2013-09-12 15:07 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\uTorrent
2014-03-21 07:29 - 2014-03-06 17:29 - 00000000 ____D () C:\Users\Admin_\Desktop\MATLAB
2014-03-19 22:51 - 2013-07-15 02:00 - 00000000 ____D () C:\windows\system32\MRT
2014-03-19 22:46 - 2011-12-24 13:31 - 90015360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-15 13:25 - 2014-03-15 06:15 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 06:24 - 2014-01-03 23:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-15 06:23 - 2014-03-15 06:23 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-15 06:23 - 2014-03-15 06:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-15 06:15 - 2013-07-02 10:37 - 00000000 ____D () C:\Users\Admin_\AppData\Local\Google
2014-03-15 06:15 - 2011-12-17 20:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-14 05:36 - 2009-07-14 05:45 - 00559968 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-14 05:34 - 2013-03-13 06:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 05:34 - 2013-03-13 06:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 09:33 - 2014-03-13 09:33 - 05777288 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-13 09:33 - 2012-04-28 11:19 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 09:33 - 2012-04-28 11:19 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 09:33 - 2011-12-17 20:16 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-07 17:54 - 2011-09-12 20:42 - 00008224 _____ () C:\Users\Ivana\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-07 17:53 - 2012-12-27 07:04 - 00003496 _____ () C:\windows\System32\Tasks\gg_uac_daemon_Ivana
2014-03-06 23:31 - 2014-03-06 23:30 - 00000000 ____D () C:\Users\Admin_\Documents\Moje naskenované obrázky
2014-03-06 19:56 - 2014-03-06 19:56 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\LibreOffice
2014-03-06 00:56 - 2014-03-06 00:37 - 00000000 ____D () C:\Users\Admin_\Downloads\2 & 0.5 men
2014-03-05 09:11 - 2014-03-05 08:31 - 820312064 ____R () C:\Users\Admin_\Downloads\Skyfall CZ 2012.avi
2014-03-05 09:03 - 2014-03-05 08:23 - 00000000 ____D () C:\Users\Admin_\Downloads\Wolverine.2013.Extended.Cut
2014-03-04 19:45 - 2014-03-04 17:46 - 736022528 ____R () C:\Users\Admin_\Downloads\Sucker Punch.avi
2014-03-04 18:52 - 2014-03-04 17:53 - 1867552768 ____R () C:\Users\Admin_\Downloads\Návrat na zapomenutý ostrov.avi
2014-03-04 18:15 - 2014-03-04 17:48 - 1554069504 ____R () C:\Users\Admin_\Downloads\Thor.2.Temny.svet.2o13.avi
2014-03-04 17:44 - 2014-03-04 17:44 - 00000000 ____D () C:\Users\Admin_\Downloads\Gravity,2013.BRRip.XviD,AC3.CZ-Starcross
2014-03-04 13:21 - 2012-01-21 10:11 - 00000000 ____D () C:\Users\Admin\Desktop\movie
2014-03-01 20:29 - 2014-01-15 21:16 - 00000000 ____D () C:\Users\Admin_\Desktop\Mamka
2014-03-01 07:05 - 2014-03-13 20:48 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 20:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 20:48 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 20:48 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 20:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 20:48 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 20:48 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 20:48 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 20:48 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 20:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 20:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 20:48 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 20:48 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 20:48 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 20:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 20:48 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 20:48 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 20:48 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 20:48 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 20:48 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 20:48 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 20:48 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 20:48 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 20:48 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 20:48 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 20:48 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 20:48 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 20:48 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 20:48 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 20:48 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 20:48 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 20:48 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 20:48 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 20:48 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 20:48 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 20:48 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 20:48 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 20:48 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-28 03:02 - 2012-01-30 21:20 - 01560204 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-26 07:20 - 2014-02-26 07:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-26 07:20 - 2012-04-13 21:32 - 00000000 ____D () C:\ProgramData\Skype
Files to move or delete:
====================
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\b34btbztdb0vavaw.exe
C:\Users\Admin_\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin_\Desktop" je 2896 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Admin_ (administrator) on IVANA-PC on 26-03-2014 21:12:34
Running from C:\Users\Admin_\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\windows\SysWOW64\svchost.exe
() C:\windows\SysWOW64\srvany.exe
() C:\windows\KMService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
() C:\windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(eInstruction Corporation) C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(forum.viry.cz) C:\Users\Admin_\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11448424 2010-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-08-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1446954214-2930582283-825936318-1008\...\MountPoints2: {9ff52d1c-5068-11e2-8098-806e6f6e6963} - F:\Autorun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {866369DD-FD11-4560-A9A3-BA51E337D305} URL = http://www.search.ask.com/web?p2=%5EB7N ... 26ppd%253D
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {434D452D-5637-006A-76A7-7A786E7484D7} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @t.garena.com/garenatalk - C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF Extension: Torntv 3 - C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi [2013-06-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-10]
Chrome:
=======
CHR Extension: (Peněženka Google) - C:\Users\Admin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-15]
==================== Services (Whitelisted) =================
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [864032 2009-08-11] (Broadcom Corporation.)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 KMService; C:\windows\SysWOW64\srvany.exe [8192 2012-04-23] ()
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2013-12-19] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-06-27] (DT Soft Ltd)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [200704 2010-04-20] (SMI)
U3 BcmSqlStartupSvc;
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
U3 SQLWriter;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-26 20:16 - 2014-03-26 20:16 - 00000056 _____ () C:\windows\setupact.log
2014-03-26 20:16 - 2014-03-26 20:16 - 00000000 _____ () C:\windows\setuperr.log
2014-03-26 20:11 - 2014-03-26 20:13 - 00000000 ____D () C:\AdwCleaner
2014-03-26 20:10 - 2014-03-26 20:10 - 01950720 _____ () C:\Users\Admin_\Desktop\adwcleaner.exe
2014-03-26 19:08 - 2014-03-26 21:12 - 00012521 _____ () C:\Users\Admin_\Desktop\FRST.txt
2014-03-26 19:04 - 2014-03-26 19:04 - 00000000 ____D () C:\Program Files\trend micro
2014-03-26 19:03 - 2014-03-26 19:03 - 02157056 _____ (Farbar) C:\Users\Admin_\Desktop\FRST64.exe
2014-03-26 19:03 - 2014-03-26 19:03 - 00112640 _____ (forum.viry.cz) C:\Users\Admin_\Desktop\FRSTLauncher.exe
2014-03-24 23:06 - 2014-03-24 23:06 - 00000160 _____ () C:\Users\Admin_\Documents\cc_20140324_230619.reg
2014-03-24 20:32 - 2014-03-24 20:32 - 10938635 _____ () C:\Users\Admin_\Downloads\2IV-informacnigramotnost.rar
2014-03-24 08:28 - 2014-03-24 20:20 - 00000000 ___RD () C:\Users\Admin_\Desktop\viry-forum
2014-03-24 07:08 - 2014-03-24 07:09 - 00384488 _____ () C:\Users\Admin_\Downloads\InstallPlus500.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-15 06:23 - 2014-03-15 06:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-15 06:15 - 2014-03-15 13:25 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 20:48 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-13 20:48 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-13 20:48 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-13 20:48 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-13 20:48 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-13 20:48 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-13 20:48 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-13 20:48 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-13 20:48 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-13 20:48 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-13 20:48 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-13 20:48 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-13 20:48 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-13 20:48 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-13 20:48 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-13 20:48 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-13 20:48 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-13 20:48 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-13 20:48 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-13 20:48 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-03-13 20:48 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-13 20:48 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-13 20:48 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-13 20:48 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-13 20:48 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-13 20:48 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-03-13 20:48 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-03-13 20:48 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-13 20:48 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-13 20:48 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-13 20:48 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-13 20:48 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-13 20:48 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-13 20:48 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-03-13 20:48 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-13 20:48 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-13 20:48 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-13 20:48 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-13 20:48 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-13 20:48 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-03-13 20:48 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-13 20:48 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-13 20:48 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-03-13 20:48 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-03-13 20:47 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-13 20:47 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-13 20:47 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-13 20:47 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-03-13 09:33 - 2014-03-13 09:33 - 05777288 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-10 10:32 - 2014-03-24 23:05 - 00000000 ____D () C:\Users\Admin_\Desktop\4. semestr 2013-2014
2014-03-06 23:30 - 2014-03-06 23:31 - 00000000 ____D () C:\Users\Admin_\Documents\Moje naskenované obrázky
2014-03-06 19:56 - 2014-03-06 19:56 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\LibreOffice
2014-03-06 17:29 - 2014-03-21 07:29 - 00000000 ____D () C:\Users\Admin_\Desktop\MATLAB
2014-03-06 00:37 - 2014-03-06 00:56 - 00000000 ____D () C:\Users\Admin_\Downloads\2 & 0.5 men
2014-03-05 08:31 - 2014-03-05 09:11 - 820312064 ____R () C:\Users\Admin_\Downloads\Skyfall CZ 2012.avi
2014-03-05 08:23 - 2014-03-05 09:03 - 00000000 ____D () C:\Users\Admin_\Downloads\Wolverine.2013.Extended.Cut
2014-03-04 17:53 - 2014-03-04 18:52 - 1867552768 ____R () C:\Users\Admin_\Downloads\Návrat na zapomenutý ostrov.avi
2014-03-04 17:48 - 2014-03-04 18:15 - 1554069504 ____R () C:\Users\Admin_\Downloads\Thor.2.Temny.svet.2o13.avi
2014-03-04 17:46 - 2014-03-04 19:45 - 736022528 ____R () C:\Users\Admin_\Downloads\Sucker Punch.avi
2014-03-04 17:44 - 2014-03-04 17:44 - 00000000 ____D () C:\Users\Admin_\Downloads\Gravity,2013.BRRip.XviD,AC3.CZ-Starcross
2014-02-26 07:20 - 2014-02-26 07:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-25 15:36 - 2014-02-22 21:20 - 1678292992 _____ () C:\Users\Admin_\Downloads\7.Prepadeni.2.Temne.uzemi.1995.480p.DVDRip.XviD.AC3.CZ.-calibrum2.avi
==================== One Month Modified Files and Folders =======
2014-03-26 21:12 - 2014-03-26 19:08 - 00012521 _____ () C:\Users\Admin_\Desktop\FRST.txt
2014-03-26 21:12 - 2013-12-16 16:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-26 20:33 - 2013-08-21 10:33 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 20:23 - 2009-07-14 05:45 - 00013632 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 20:23 - 2009-07-14 05:45 - 00013632 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 20:21 - 2013-08-16 12:29 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job
2014-03-26 20:21 - 2013-07-02 07:19 - 00000000 ____D () C:\Users\Admin_
2014-03-26 20:20 - 2013-07-08 00:22 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 20:19 - 2013-11-23 00:39 - 02031539 _____ () C:\windows\WindowsUpdate.log
2014-03-26 20:16 - 2014-03-26 20:16 - 00000056 _____ () C:\windows\setupact.log
2014-03-26 20:16 - 2014-03-26 20:16 - 00000000 _____ () C:\windows\setuperr.log
2014-03-26 20:16 - 2014-02-16 22:23 - 00003496 _____ () C:\windows\System32\Tasks\gg_uac_daemon_Admin_
2014-03-26 20:16 - 2013-07-08 00:22 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 20:16 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-26 20:13 - 2014-03-26 20:11 - 00000000 ____D () C:\AdwCleaner
2014-03-26 20:10 - 2014-03-26 20:10 - 01950720 _____ () C:\Users\Admin_\Desktop\adwcleaner.exe
2014-03-26 19:08 - 2013-07-02 09:55 - 00000000 ____D () C:\FRST
2014-03-26 19:04 - 2014-03-26 19:04 - 00000000 ____D () C:\Program Files\trend micro
2014-03-26 19:03 - 2014-03-26 19:03 - 02157056 _____ (Farbar) C:\Users\Admin_\Desktop\FRST64.exe
2014-03-26 19:03 - 2014-03-26 19:03 - 00112640 _____ (forum.viry.cz) C:\Users\Admin_\Desktop\FRSTLauncher.exe
2014-03-26 10:29 - 2013-08-16 12:29 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job
2014-03-26 08:14 - 2011-06-14 12:45 - 00669116 _____ () C:\windows\system32\perfh005.dat
2014-03-26 08:14 - 2011-06-14 12:45 - 00141744 _____ () C:\windows\system32\perfc005.dat
2014-03-26 08:14 - 2009-07-14 06:13 - 01584554 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-24 23:06 - 2014-03-24 23:06 - 00000160 _____ () C:\Users\Admin_\Documents\cc_20140324_230619.reg
2014-03-24 23:05 - 2014-03-10 10:32 - 00000000 ____D () C:\Users\Admin_\Desktop\4. semestr 2013-2014
2014-03-24 20:32 - 2014-03-24 20:32 - 10938635 _____ () C:\Users\Admin_\Downloads\2IV-informacnigramotnost.rar
2014-03-24 20:25 - 2012-11-02 23:16 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-03-24 20:25 - 2012-01-28 19:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-24 20:20 - 2014-03-24 08:28 - 00000000 ___RD () C:\Users\Admin_\Desktop\viry-forum
2014-03-24 07:09 - 2014-03-24 07:08 - 00384488 _____ () C:\Users\Admin_\Downloads\InstallPlus500.exe
2014-03-24 06:16 - 2013-09-12 15:07 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\uTorrent
2014-03-21 07:29 - 2014-03-06 17:29 - 00000000 ____D () C:\Users\Admin_\Desktop\MATLAB
2014-03-19 22:51 - 2013-07-15 02:00 - 00000000 ____D () C:\windows\system32\MRT
2014-03-19 22:46 - 2011-12-24 13:31 - 90015360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-15 13:25 - 2014-03-15 06:15 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 06:24 - 2014-01-03 23:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-15 06:23 - 2014-03-15 06:23 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-03-15 06:23 - 2014-03-15 06:23 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-15 06:23 - 2014-03-15 06:23 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-15 06:15 - 2013-07-02 10:37 - 00000000 ____D () C:\Users\Admin_\AppData\Local\Google
2014-03-15 06:15 - 2011-12-17 20:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-14 05:36 - 2009-07-14 05:45 - 00559968 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-14 05:34 - 2013-03-13 06:37 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 05:34 - 2013-03-13 06:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 09:33 - 2014-03-13 09:33 - 05777288 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-13 09:33 - 2012-04-28 11:19 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 09:33 - 2012-04-28 11:19 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 09:33 - 2011-12-17 20:16 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-07 17:54 - 2011-09-12 20:42 - 00008224 _____ () C:\Users\Ivana\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-07 17:53 - 2012-12-27 07:04 - 00003496 _____ () C:\windows\System32\Tasks\gg_uac_daemon_Ivana
2014-03-06 23:31 - 2014-03-06 23:30 - 00000000 ____D () C:\Users\Admin_\Documents\Moje naskenované obrázky
2014-03-06 19:56 - 2014-03-06 19:56 - 00000000 ____D () C:\Users\Admin_\AppData\Roaming\LibreOffice
2014-03-06 00:56 - 2014-03-06 00:37 - 00000000 ____D () C:\Users\Admin_\Downloads\2 & 0.5 men
2014-03-05 09:11 - 2014-03-05 08:31 - 820312064 ____R () C:\Users\Admin_\Downloads\Skyfall CZ 2012.avi
2014-03-05 09:03 - 2014-03-05 08:23 - 00000000 ____D () C:\Users\Admin_\Downloads\Wolverine.2013.Extended.Cut
2014-03-04 19:45 - 2014-03-04 17:46 - 736022528 ____R () C:\Users\Admin_\Downloads\Sucker Punch.avi
2014-03-04 18:52 - 2014-03-04 17:53 - 1867552768 ____R () C:\Users\Admin_\Downloads\Návrat na zapomenutý ostrov.avi
2014-03-04 18:15 - 2014-03-04 17:48 - 1554069504 ____R () C:\Users\Admin_\Downloads\Thor.2.Temny.svet.2o13.avi
2014-03-04 17:44 - 2014-03-04 17:44 - 00000000 ____D () C:\Users\Admin_\Downloads\Gravity,2013.BRRip.XviD,AC3.CZ-Starcross
2014-03-04 13:21 - 2012-01-21 10:11 - 00000000 ____D () C:\Users\Admin\Desktop\movie
2014-03-01 20:29 - 2014-01-15 21:16 - 00000000 ____D () C:\Users\Admin_\Desktop\Mamka
2014-03-01 07:05 - 2014-03-13 20:48 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 20:48 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 20:48 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 20:48 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 20:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 20:48 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 20:48 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 20:48 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 20:48 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 20:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 20:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 20:48 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 20:48 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 20:48 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 20:48 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 20:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 20:48 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 20:48 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 20:48 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 20:48 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 20:48 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 20:48 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 20:48 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 20:48 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 20:48 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 20:48 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 20:48 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 20:48 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 20:48 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 20:48 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 20:48 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 20:48 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 20:48 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 20:48 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 20:48 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 20:48 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 20:48 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 20:48 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 20:48 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-28 03:02 - 2012-01-30 21:20 - 01560204 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-26 07:20 - 2014-02-26 07:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-26 07:20 - 2012-04-13 21:32 - 00000000 ____D () C:\ProgramData\Skype
Files to move or delete:
====================
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\b34btbztdb0vavaw.exe
C:\Users\Admin_\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Admin_\Desktop" je 2896 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Addition.rar
- (11.42 KiB) Downloaded 30 times
- Rudy
- Site Admin
- Posts: 119536
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow PC
Open Notepad and copy the following into it:
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1446954214-2930582283-825936318-1008\...\MountPoints2: {9ff52d1c-5068-11e2-8098-806e6f6e6963} - F:\Autorun.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {866369DD-FD11-4560-A9A3-BA51E337D305} URL = http://www.search.ask.com/web?p2=%5EB7N ... trgb=IE&q={searchTerms}&psv=barid%253D85637842089333173574992093708024904236%2526cargo%253DCME%252DV7%2526spr%253Da%2526did%253D10716%2526ppd%253D
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {434D452D-5637-006A-76A7-7A786E7484D7} - No File
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Extension: Torntv 3 - C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi [2013-06-30]
C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
C:\Users\Admin\AppData\Local\Temp
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Slow PC
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Admin_ at 2014-03-27 00:03:17 Run:2
Running from C:\Users\Admin_\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1446954214-2930582283-825936318-1008\...\MountPoints2: {9ff52d1c-5068-11e2-8098-806e6f6e6963} - F:\Autorun.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {866369DD-FD11-4560-A9A3-BA51E337D305} URL = http://www.search.ask.com/web?p2=%5EB7N ... trgb=IE&q={searchTerms}&psv=barid%253D85637842089333173574992093708024904236%2526cargo%253DCME%252DV7%2526spr%253Da%2526did%253D10716%2526ppd%253D
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {434D452D-5637-006A-76A7-7A786E7484D7} - No File
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Extension: Torntv 3 - C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi [2013-06-30]
C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
C:\Users\Admin\AppData\Local\Temp
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job => C:\Users\Ivana\AppData\Local\Google\Update\GoogleUpdate.exe
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => Value deleted successfully.
HKU\S-1-5-21-1446954214-2930582283-825936318-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ff52d1c-5068-11e2-8098-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{9ff52d1c-5068-11e2-8098-806e6f6e6963} => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{866369DD-FD11-4560-A9A3-BA51E337D305} => Key deleted successfully.
HKCR\CLSID\{866369DD-FD11-4560-A9A3-BA51E337D305} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{434D452D-5637-006A-76A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{434D452D-5637-006A-76A7-7A786E7484D7} => Key not found.
HKCR\PROTOCOLS\Filter\text/xml => Key deleted successfully.
HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945} => Key not found.
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer => Key deleted successfully.
C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll => Moved successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi => Moved successfully.
"C:\Users\Admin_\AppData\Roaming\Mozilla\Firefox\profiles\extensions\trtv3@trtv.com.xpi" => File/Directory not found.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job => Moved successfully.
C:\ProgramData\wavav0bdtzbtb43b.bat => Moved successfully.
C:\ProgramData\wavav0bdtzbtb43b.reg => Moved successfully.
C:\Users\Admin\AppData\Local\Temp => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000Core.job not found.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1446954214-2930582283-825936318-1000UA.job not found.
==== End of Fixlog ====
- Rudy
- Site Admin
Re: Slow PC
Deleted. Has anything changed?