prosím o kontrolu logu

Zpráva

cica18 · #1 Příspěvek od **cica18** » 15 kvě 2014 17:58

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-05-2014
Ran by Marketa (administrator) on MARKETA-PC on 15-05-2014 18:50:31
Running from C:\Users\Marketa\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Roman Svihalek, ActivityMon Software) C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Program Files\ActivityMon Software\ActivityMon\rundll32.exe
() C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_13_0_0_206_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-25] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2013-04-11] ()
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89872 2009-07-23] (Bioscrypt Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - No File
BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1
Tcpip\..\Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: [NameServer]217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: [NameServer]217.77.165.81 217.77.161.131

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @real.com/nppl3260;version=15.0.0.198 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.0.198 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.0.198 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-03]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-03]

Chrome:
=======
CHR Extension: (PenÄ›Ĺľenka Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-25]

========================== Services (Whitelisted) =================

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [777584 2013-08-21] (Acronis)
R2 ActivityMon2; C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe [80568 2012-10-18] (Roman Svihalek, ActivityMon Software)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3869688 2013-12-20] (Acronis)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-23] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-23] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-25] (AVAST Software)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [436056 2014-04-23] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-10] (Hewlett-Packard)
S3 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-07-30] (Hewlett-Packard Development Company, L.P)
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256544 2009-07-29] (McAfee, Inc.)
S3 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
S3 RipCore; C:\Program Files\Fawkes Engineering\AccuRIP\RipCore.exe [2108352 2012-09-21] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2011-12-12] ()
S3 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7149264 2013-10-22] (Acronis)
S3 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-07-14] (Vodafone)
S2 yksvc; C:\windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)

==================== Drivers (Whitelisted) ====================

R3 5U876UVC; C:\windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-04-25] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-04-25] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-04-25] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-04-25] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [68312 2014-05-15] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [180632 2014-04-25] ()
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-07] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 grmnusb; C:\windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\windows\System32\DRIVERS\ew_juwwanecm.sys [182272 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12528 2009-07-29] (SafeBoot International)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [109216 2009-07-29] ()
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51408 2009-07-29] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12960 2009-07-29] (SafeBoot International)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [436792 2012-06-05] ()
S3 ss_bbus; C:\windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
S3 tdrpman; C:\windows\System32\DRIVERS\tdrpman.sys [889888 2013-12-20] (Acronis International GmbH)
R0 tib; C:\windows\System32\DRIVERS\tib.sys [736192 2013-11-09] (Acronis International GmbH)
R0 tib_mounter; C:\windows\System32\DRIVERS\tib_mounter.sys [143648 2013-12-20] (Acronis International GmbH)
R0 vididr; C:\windows\System32\DRIVERS\vididr.sys [116000 2013-11-09] (Acronis International GmbH)
R0 vidsflt; C:\windows\System32\DRIVERS\vidsflt.sys [85280 2013-11-09] (Acronis International GmbH)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-15 18:50 - 2014-05-15 18:50 - 00016201 _____ () C:\Users\Marketa\Desktop\FRST.txt
2014-05-15 18:50 - 2014-05-15 18:50 - 00000000 ____D () C:\FRST
2014-05-15 18:49 - 2014-05-15 18:49 - 00112640 _____ (forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
2014-05-15 18:48 - 2014-05-15 18:48 - 01056256 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2014-05-15 18:01 - 2014-05-15 18:01 - 00000000 ____D () C:\Users\Marketa\Downloads\Game of Thrones S04E06 1080i HDTV MPEG2 DD5.1-CtrlHD
2014-05-15 17:23 - 2014-05-15 18:18 - 00000000 ____D () C:\ProgramData\AutoKMS
2014-05-15 11:16 - 2014-05-15 11:29 - 00000000 ____D () C:\Users\Marketa\Desktop\video deda
2014-05-15 03:09 - 2014-05-15 03:09 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 03:01 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-15 03:01 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-15 03:01 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-14 21:09 - 2014-05-14 21:13 - 00000000 ____D () C:\Users\Marketa\Downloads\Penny.Dreadful.S01E02.720p.HDTV.x264-RARBG
2014-05-14 10:33 - 2014-05-14 10:37 - 00000000 ____D () C:\Users\Marketa\Desktop\Loutky
2014-05-14 07:10 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-14 07:10 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-14 07:10 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-05-14 07:10 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-05-14 07:10 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-05-14 07:10 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-05-14 07:10 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-05-14 07:10 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-05-14 07:10 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-05-14 07:10 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2014-05-14 07:10 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-05-14 07:10 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-05-14 07:10 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-05-14 07:10 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-05-14 07:09 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-05-13 15:38 - 2014-05-14 21:08 - 00000000 ____D () C:\Users\Marketa\Downloads\Penny.Dreadful.S01E01.720p.HDTV.x264-2HD [PublicHD]
2014-05-13 15:38 - 2014-05-13 15:38 - 00014318 _____ () C:\Users\Marketa\Downloads\[kickass.to]penny.dreadful.s01e02.720p.hdtv.x264.rarbg.torrent
2014-05-13 15:37 - 2014-05-13 15:37 - 00005147 _____ () C:\Users\Marketa\Downloads\[kickass.to]penny.dreadful.s01e01.720p.hdtv.x264.2hd.publichd.torrent
2014-05-13 15:14 - 2014-05-13 15:14 - 00025310 _____ () C:\Users\Marketa\Downloads\Penny.Dreadful.S01E01.HDTV.x264-2HD (+720p).srt.srt
2014-05-13 15:14 - 2014-05-13 15:14 - 00025310 _____ () C:\Users\Marketa\Downloads\Penny.Dreadful.S01E01.HDTV.x264-2HD (+720p).srt (1).srt
2014-05-13 15:11 - 2014-05-14 21:48 - 00000000 ____D () C:\Users\Marketa\Downloads\Game of Thrones S04E06 1080i HDTV MPEG2 DD5.1-CtrlHD[rartv]
2014-05-13 15:09 - 2014-05-13 15:09 - 00053151 _____ () C:\Users\Marketa\Downloads\[kickass.to]game.of.thrones.s04e06.1080i.hdtv.mpeg2.dd5.1.ctrlhd.rartv.torrent
2014-05-13 15:09 - 2014-05-13 15:09 - 00049953 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S04E06.1080i.HDTV.MPEG2.DD5.1-CtrlHD.srt
2014-05-11 23:51 - 2014-05-12 05:03 - 00000000 ____D () C:\Users\Marketa\Downloads\House of Cards Season 2 Complete
2014-05-11 23:50 - 2014-05-11 23:50 - 00035799 _____ () C:\Users\Marketa\Downloads\[CzT]House_of_Cards_2_serie_2014_WebRip_720p_.torrent
2014-05-11 10:52 - 2014-05-15 06:07 - 00000000 ____D () C:\Program Files\Opera
2014-05-11 10:52 - 2014-05-11 10:52 - 00001087 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-11 10:52 - 2014-05-11 10:52 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Opera Software
2014-05-11 10:52 - 2014-05-11 10:52 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Opera Software
2014-05-11 10:51 - 2014-05-11 10:52 - 34759416 _____ (Opera Software ASA) C:\Users\Marketa\Downloads\Opera_20.0.1387.64_Setup.exe
2014-05-09 17:28 - 2014-05-09 17:37 - 00000000 ____D () C:\Users\Marketa\Downloads\Root
2014-05-07 06:23 - 2014-05-07 06:23 - 00001858 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-05-07 06:16 - 2014-05-15 03:28 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-06 05:00 - 2014-05-11 17:57 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 20:38 - 2014-05-15 18:16 - 00010684 _____ () C:\windows\setupact.log
2014-05-01 20:38 - 2014-05-01 20:38 - 00000000 _____ () C:\windows\setuperr.log
2014-04-28 23:31 - 2014-04-28 23:31 - 00000000 ____D () C:\Users\Marketa\Downloads\Kdo zabil elektromobil
2014-04-25 20:29 - 2014-05-12 05:22 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Vidalia
2014-04-25 20:29 - 2014-05-12 05:02 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Tor
2014-04-25 20:29 - 2014-04-25 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
2014-04-25 20:29 - 2014-04-25 20:29 - 00000000 ____D () C:\Program Files\Vidalia Bundle
2014-04-25 20:17 - 2014-04-25 20:17 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-04-25 20:17 - 2014-04-25 20:17 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-04-25 13:29 - 2014-05-04 14:14 - 00000000 ____D () C:\Users\Marketa\Desktop\Chléb
2014-04-23 07:32 - 2014-04-23 07:32 - 00000000 __SHD () C:\Users\Marketa\AppData\Local\EmieUserList
2014-04-23 07:32 - 2014-04-23 07:32 - 00000000 __SHD () C:\Users\Marketa\AppData\Local\EmieSiteList
2014-04-22 20:33 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-22 20:33 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-22 20:33 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-22 20:33 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-22 20:33 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-22 20:33 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-22 20:33 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-22 20:33 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-22 20:33 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-22 20:33 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-22 20:33 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-22 20:33 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-22 20:33 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-22 20:33 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-22 20:33 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-22 20:33 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-22 20:33 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-22 20:33 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-22 20:33 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-22 20:33 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-22 20:33 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-22 20:33 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-22 20:33 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-22 20:33 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-15 07:29 - 2014-04-21 00:39 - 00000000 ____D () C:\Users\Marketa\Desktop\Perníčky
2014-04-15 02:34 - 2014-04-15 02:34 - 01070232 _____ (Microsoft Corporation) C:\windows\system32\MSCOMCTL.OCX

==================== One Month Modified Files and Folders =======

2014-05-15 18:50 - 2014-05-15 18:50 - 00016201 _____ () C:\Users\Marketa\Desktop\FRST.txt
2014-05-15 18:50 - 2014-05-15 18:50 - 00000000 ____D () C:\FRST
2014-05-15 18:50 - 2013-01-28 23:49 - 00000000 ____D () C:\ProgramData\ActivityMon
2014-05-15 18:49 - 2014-05-15 18:49 - 00112640 _____ (forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
2014-05-15 18:48 - 2014-05-15 18:48 - 01056256 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2014-05-15 18:24 - 2009-07-14 06:34 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-15 18:24 - 2009-07-14 06:34 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-15 18:21 - 2013-07-26 21:31 - 01447920 _____ () C:\windows\WindowsUpdate.log
2014-05-15 18:18 - 2014-05-15 17:23 - 00000000 ____D () C:\ProgramData\AutoKMS
2014-05-15 18:17 - 2014-03-31 19:07 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-15 18:17 - 2014-03-31 19:06 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-15 18:16 - 2014-05-01 20:38 - 00010684 _____ () C:\windows\setupact.log
2014-05-15 18:16 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-15 18:15 - 2011-09-14 11:39 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\uTorrent
2014-05-15 18:09 - 2009-09-20 09:17 - 00006428 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-15 18:01 - 2014-05-15 18:01 - 00000000 ____D () C:\Users\Marketa\Downloads\Game of Thrones S04E06 1080i HDTV MPEG2 DD5.1-CtrlHD
2014-05-15 17:26 - 2013-12-26 16:31 - 00068312 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-05-15 17:26 - 2011-09-14 11:28 - 00777488 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-05-15 17:26 - 2011-09-14 11:28 - 00411680 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-05-15 11:29 - 2014-05-15 11:16 - 00000000 ____D () C:\Users\Marketa\Desktop\video deda
2014-05-15 08:33 - 2011-10-15 22:13 - 00000000 ____D () C:\Users\Marketa\Desktop\Sokol
2014-05-15 06:07 - 2014-05-11 10:52 - 00000000 ____D () C:\Program Files\Opera
2014-05-15 03:39 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-05-15 03:28 - 2014-05-07 06:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-05-15 03:12 - 2009-09-20 09:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 03:09 - 2014-05-15 03:09 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 03:09 - 2013-08-05 09:25 - 00000000 ____D () C:\windows\system32\MRT
2014-05-15 03:04 - 2011-09-16 06:32 - 90547776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-05-14 21:48 - 2014-05-13 15:11 - 00000000 ____D () C:\Users\Marketa\Downloads\Game of Thrones S04E06 1080i HDTV MPEG2 DD5.1-CtrlHD[rartv]
2014-05-14 21:13 - 2014-05-14 21:09 - 00000000 ____D () C:\Users\Marketa\Downloads\Penny.Dreadful.S01E02.720p.HDTV.x264-RARBG
2014-05-14 21:08 - 2014-05-13 15:38 - 00000000 ____D () C:\Users\Marketa\Downloads\Penny.Dreadful.S01E01.720p.HDTV.x264-2HD [PublicHD]
2014-05-14 21:05 - 2011-11-11 20:56 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\vlc
2014-05-14 14:41 - 2012-04-09 17:13 - 07427584 ___SH () C:\Users\Marketa\Desktop\Thumbs.db
2014-05-14 13:35 - 2013-07-21 12:34 - 00000000 ____D () C:\Users\Marketa\Desktop\Foto vyvolat
2014-05-14 10:37 - 2014-05-14 10:33 - 00000000 ____D () C:\Users\Marketa\Desktop\Loutky
2014-05-14 08:44 - 2013-11-10 09:10 - 00000000 ____D () C:\Users\Marketa\Desktop\Logo MŠ Rybička
2014-05-13 15:38 - 2014-05-13 15:38 - 00014318 _____ () C:\Users\Marketa\Downloads\[kickass.to]penny.dreadful.s01e02.720p.hdtv.x264.rarbg.torrent
2014-05-13 15:37 - 2014-05-13 15:37 - 00005147 _____ () C:\Users\Marketa\Downloads\[kickass.to]penny.dreadful.s01e01.720p.hdtv.x264.2hd.publichd.torrent
2014-05-13 15:14 - 2014-05-13 15:14 - 00025310 _____ () C:\Users\Marketa\Downloads\Penny.Dreadful.S01E01.HDTV.x264-2HD (+720p).srt.srt
2014-05-13 15:14 - 2014-05-13 15:14 - 00025310 _____ () C:\Users\Marketa\Downloads\Penny.Dreadful.S01E01.HDTV.x264-2HD (+720p).srt (1).srt
2014-05-13 15:09 - 2014-05-13 15:09 - 00053151 _____ () C:\Users\Marketa\Downloads\[kickass.to]game.of.thrones.s04e06.1080i.hdtv.mpeg2.dd5.1.ctrlhd.rartv.torrent
2014-05-13 15:09 - 2014-05-13 15:09 - 00049953 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S04E06.1080i.HDTV.MPEG2.DD5.1-CtrlHD.srt
2014-05-12 05:22 - 2014-04-25 20:29 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Vidalia
2014-05-12 05:03 - 2014-05-11 23:51 - 00000000 ____D () C:\Users\Marketa\Downloads\House of Cards Season 2 Complete
2014-05-12 05:02 - 2014-04-25 20:29 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Tor
2014-05-11 23:50 - 2014-05-11 23:50 - 00035799 _____ () C:\Users\Marketa\Downloads\[CzT]House_of_Cards_2_serie_2014_WebRip_720p_.torrent
2014-05-11 17:57 - 2014-05-06 05:00 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-11 10:55 - 2011-09-14 19:14 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Adobe
2014-05-11 10:54 - 2012-04-02 05:04 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-05-11 10:54 - 2011-09-26 20:32 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-11 10:52 - 2014-05-11 10:52 - 00001087 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-05-11 10:52 - 2014-05-11 10:52 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Opera Software
2014-05-11 10:52 - 2014-05-11 10:52 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Opera Software
2014-05-11 10:52 - 2014-05-11 10:51 - 34759416 _____ (Opera Software ASA) C:\Users\Marketa\Downloads\Opera_20.0.1387.64_Setup.exe
2014-05-11 06:03 - 2009-09-20 09:18 - 00000000 ____D () C:\ProgramData\PDFC
2014-05-10 11:29 - 2013-11-13 11:48 - 00000000 ____D () C:\Users\Marketa\Desktop\Tea foto
2014-05-09 21:41 - 2009-07-14 04:04 - 00000513 _____ () C:\windows\win.ini
2014-05-09 21:40 - 2009-07-14 06:52 - 00000000 ____D () C:\windows\twain_32
2014-05-09 17:37 - 2014-05-09 17:28 - 00000000 ____D () C:\Users\Marketa\Downloads\Root
2014-05-09 09:29 - 2013-06-24 11:57 - 00000000 ____D () C:\Users\Marketa\Desktop\Dům snů
2014-05-09 09:06 - 2014-05-14 07:10 - 00369664 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-14 07:10 - 00302592 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-05-09 07:00 - 2011-09-15 20:00 - 00000052 _____ () C:\windows\system32\DOErrors.log
2014-05-09 06:59 - 2011-09-20 13:54 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\HpUpdate
2014-05-08 18:19 - 2013-05-06 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-07 06:24 - 2014-03-30 12:54 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-07 06:23 - 2014-05-07 06:23 - 00001858 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-05-07 06:23 - 2012-06-25 23:40 - 00000000 ____D () C:\ProgramData\Garmin
2014-05-07 06:23 - 2012-02-24 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-05-07 06:23 - 2012-02-24 13:47 - 00000000 ____D () C:\Program Files\Garmin
2014-05-06 05:25 - 2014-05-15 03:01 - 17382912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-15 03:01 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-15 03:01 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-05 22:24 - 2011-09-23 17:30 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\BatteryBar
2014-05-04 14:14 - 2014-04-25 13:29 - 00000000 ____D () C:\Users\Marketa\Desktop\Chléb
2014-05-02 20:58 - 2011-09-14 11:35 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Media Player Classic
2014-05-01 20:38 - 2014-05-01 20:38 - 00000000 _____ () C:\windows\setuperr.log
2014-04-29 08:05 - 2014-01-29 14:30 - 00000000 ____D () C:\Users\Marketa\Desktop\Logopomůcky
2014-04-28 23:31 - 2014-04-28 23:31 - 00000000 ____D () C:\Users\Marketa\Downloads\Kdo zabil elektromobil
2014-04-25 20:29 - 2014-04-25 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
2014-04-25 20:29 - 2014-04-25 20:29 - 00000000 ____D () C:\Program Files\Vidalia Bundle
2014-04-25 20:17 - 2014-04-25 20:17 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-04-25 20:17 - 2014-04-25 20:17 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-04-25 20:17 - 2014-02-05 06:25 - 00002047 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-25 20:17 - 2013-03-02 00:39 - 00180632 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-04-25 20:17 - 2013-03-02 00:39 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-04-25 20:17 - 2012-02-25 23:34 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-04-25 20:17 - 2011-09-14 11:28 - 00776976 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.1400167584336
2014-04-25 20:17 - 2011-09-14 11:28 - 00411552 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys.1400167584336
2014-04-25 20:17 - 2011-09-14 11:28 - 00271264 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-04-25 20:17 - 2011-09-14 11:28 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-04-24 10:03 - 2013-09-13 19:59 - 00000000 ____D () C:\windows\rescache
2014-04-23 07:32 - 2014-04-23 07:32 - 00000000 __SHD () C:\Users\Marketa\AppData\Local\EmieUserList
2014-04-23 07:32 - 2014-04-23 07:32 - 00000000 __SHD () C:\Users\Marketa\AppData\Local\EmieSiteList
2014-04-21 00:39 - 2014-04-15 07:29 - 00000000 ____D () C:\Users\Marketa\Desktop\Perníčky
2014-04-20 12:23 - 2013-08-24 12:15 - 00000000 ____D () C:\Users\Marketa\Desktop\Pro Terezku a kluky
2014-04-17 10:18 - 2009-07-14 06:53 - 00032602 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-04-15 02:34 - 2014-04-15 02:34 - 01070232 _____ (Microsoft Corporation) C:\windows\system32\MSCOMCTL.OCX

==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe
[2014-05-14 07:10] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Marketa\Desktop" je 72663 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor
c:\program files\common files\acronis\tibmounter\tibmountermonitor.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe
"C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent
c:\program files\garmin\ant agent\ant agent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS
rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
c:\program files\garmin\express tray\expresstray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Slu�ba Acronis Scheduler2
c:\program files\common files\acronis\schedule2\schedhlp.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
C:\Program Files\Analog Devices\Core\smax4pnp.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe
c:\program files\acronis\trueimagehome\trueimagemonitor.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia
"C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk
C:\PROGRA~1\WinZip\WZQKPICK.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Marketa\AppData\Roaming\Dropbox\bin\Dropbox.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000001

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 15 kvě 2014 19:25

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
C:\ProgramData\AutoKMS
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Na ploše máte příliš mnoho dat (cca 72GB). Takové množství značně zpomaluje start. Přesuňte je do některého standardního adresáře a na plochu si dejte pro jednoduchost přístupu pouze zástupce.

cica18 · #3 Příspěvek od **cica18** » 15 kvě 2014 20:59

to mam pouze prechodne, videa z kamery, odstranim o vikendu

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:15-05-2014
Ran by Marketa at 2014-05-15 21:58:15 Run:1
Running from C:\Users\Marketa\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
C:\Program Files\Google\Google Toolbar
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
C:\ProgramData\AutoKMS
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
End
*****************

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
C:\Program Files\Google\Google Toolbar => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin: @microsoft.com/GENUINE - disabled No File not found.
C:\ProgramData\AutoKMS => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job not found.

==== End of Fixlog ====

#4 Příspěvek od **Rudy** » 15 kvě 2014 21:35

Smazáno, log je již OK.

VIRY.CZ

prosím o kontrolu logu

prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu