Dobrý den, prosím o kontrolu logu dle návodu z FRST. Mám pocit, že počítač mám zavirovaný - je pomalý a eset mi našel viry. Děkuji.
Ran by Ruzena Kicurova (administrator) on RUZENA on 02-07-2014 17:15:11
Running from C:\Users\Ruzena Kicurova\Desktop
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AuditSHD] => C:\windows\system32\oobe\auditshd.exe [31232 2012-07-26] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [GamingWonderland EPM Support] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtmedint.exe [12872 2014-02-02] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe [55368 2014-02-02] (Mindspark)
HKLM-x32\...\Run: [GamingWonderland Browser Plugin Loader 64] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon64.exe [71752 2014-02-02] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Marine Aquarium Lite EPM Support] => C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57medint.exe [12872 2014-02-02] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [Marine Aquarium Lite Search Scope Monitor] => C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrchMn.exe [55368 2014-02-02] (Mindspark)
HKLM-x32\...\Run: [MarineAquarium3Free_57 Browser Plugin Loader 64] => C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57brmon64.exe [71752 2014-02-02] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1666432 2014-06-25] (Simply Super Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Facebook Update] => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-19] (Facebook Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKCU - DefaultScope {6C14A2E5-9B02-4DDC-AA2F-B6080DD422D2} URL = https://search.yahoo.com/search?fr=chr- ... earchTerms}
SearchScopes: HKCU - {03154A8A-6B4F-45DE-B457-C0E5C9A8EC51} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {3B6D94B7-2BB4-455D-BC31-75BEBABF631B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKCU - {4ED1E08D-F23D-430A-9565-371D8BD0C178} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {6C14A2E5-9B02-4DDC-AA2F-B6080DD422D2} URL = https://search.yahoo.com/search?fr=chr- ... earchTerms}
SearchScopes: HKCU - {805C3B75-2BC8-4022-9AF0-C7742449F783} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKCU - {8E0F27C7-4EAF-4AF4-9E8B-F4AE91EC25F1} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {C7DFFF0F-0E3A-4CB1-84DD-B2C3FBB03C3C} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKCU - {D2C77159-1F44-4715-AED4-FFF09CE5083F} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {D3CF8925-DDF4-4985-BBC6-BDC82F96FF80} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {E1D3ABB8-7DAE-4E5B-A912-98B5C8234A18} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
FireFox:
========
FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll (Mindspark)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @MarineAquarium3Free_57.com/Plugin - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll (Mindspark)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ruzena Kicurova\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-06-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@flashenhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff
FF Extension: flash-Enhancer - C:\Program Files (x86)\AmiExt\flashEnhancer\ff [2014-03-10]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home9563.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home9563\ff
FF Extension: Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home9563\ff [2014-03-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-06-25]
==================== Services (Whitelisted) =================
R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-05-23] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 GamingWonderlandService; C:\PROGRA~2\GAMING~2\bar\1.bin\gtbarsvc.exe [X]
S2 MarineAquarium3Free_57Service; C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe [X]
S2 Update Surftastic; "C:\Program Files (x86)\Surftastic\updateSurftastic.exe" [X]
S2 Util Surftastic; "C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe" [X]
==================== Drivers (Whitelisted) ====================
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-06-16] (Intel Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695392 2012-08-14] (Ralink Technology, Corp.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\G:\WTP 2.3.0 - testy\wtp\bin\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]
U0 msahci;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-02 17:15 - 2014-07-02 17:16 - 00015512 _____ () C:\Users\Ruzena Kicurova\Desktop\FRST.txt
2014-07-02 17:14 - 2014-07-02 17:15 - 00000000 ____D () C:\FRST
2014-07-02 17:13 - 2014-07-02 17:13 - 00112640 _____ (forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe
2014-07-02 17:12 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Desktop\FRST64.exe
2014-07-02 17:11 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Downloads\FRST64.exe
2014-06-26 13:45 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-25 18:54 - 2014-06-25 18:54 - 04748896 _____ (Piriform Ltd) C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\ESET
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Local\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\Program Files\ESET
2014-06-25 18:02 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-25 18:02 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-25 18:02 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-06-25 18:02 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-25 18:02 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-25 18:02 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-25 18:02 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-25 18:02 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-25 18:02 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-06-25 18:02 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-25 18:02 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-25 18:02 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-25 18:02 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-25 18:02 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-25 18:02 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-25 18:02 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-25 18:02 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-25 18:02 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-25 18:01 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-25 18:01 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-25 18:01 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-25 18:01 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-25 18:01 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-25 18:01 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-25 18:01 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-25 18:01 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-25 18:01 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-25 17:59 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-25 17:59 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-25 17:19 - 2014-06-25 17:19 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-25 17:17 - 2014-06-25 17:17 - 00001107 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2014-06-25 17:17 - 2014-06-25 17:17 - 00000000 ____D () C:\Users\Ruzena Kicurova\Documents\Simply Super Software
2014-06-25 17:17 - 2014-06-25 17:17 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\Simply Super Software
2014-06-25 17:17 - 2014-06-25 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2014-06-25 17:16 - 2014-06-30 12:15 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-06-25 17:16 - 2014-06-25 17:16 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-25 17:15 - 2014-06-25 17:15 - 29644704 _____ (Simply Super Software ) C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe
2014-06-16 10:46 - 2014-06-16 10:46 - 02617008 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-06-16 10:46 - 2014-06-16 10:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-04 00:13 - 2014-06-04 00:13 - 00326312 _____ () C:\Windows\Minidump\060414-19812-01.dmp
==================== One Month Modified Files and Folders =======
2014-07-02 17:16 - 2014-07-02 17:15 - 00015512 _____ () C:\Users\Ruzena Kicurova\Desktop\FRST.txt
2014-07-02 17:15 - 2014-07-02 17:14 - 00000000 ____D () C:\FRST
2014-07-02 17:15 - 2013-08-16 21:20 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\Skype
2014-07-02 17:13 - 2014-07-02 17:13 - 00112640 _____ (forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe
2014-07-02 17:11 - 2014-07-02 17:12 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Desktop\FRST64.exe
2014-07-02 17:11 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Downloads\FRST64.exe
2014-07-02 17:07 - 2012-08-15 18:46 - 00000739 _____ () C:\Windows\SysWOW64\bscs.ini
2014-07-02 17:03 - 2013-08-08 14:17 - 00004268 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-07-02 17:03 - 2013-08-08 14:17 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-07-02 17:03 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-02 13:01 - 2013-08-16 15:52 - 01371647 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 10:56 - 2014-04-19 13:51 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job
2014-07-02 10:45 - 2014-03-10 00:49 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz
2014-07-01 13:56 - 2014-04-19 13:51 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job
2014-07-01 00:21 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-30 16:52 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-30 12:15 - 2014-06-25 17:16 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-06-29 10:01 - 2013-08-08 14:37 - 00003114 _____ () C:\Windows\System32\Tasks\ASUS Live Update
2014-06-29 10:01 - 2013-08-08 14:37 - 00003056 _____ () C:\Windows\System32\Tasks\ASUS P4G
2014-06-29 10:01 - 2013-08-08 14:37 - 00003028 _____ () C:\Windows\System32\Tasks\ASUS USB Charger Plus
2014-06-29 10:01 - 2013-08-08 14:11 - 00003542 _____ () C:\Windows\System32\Tasks\ASUS Touchpad Launcher (x64)
2014-06-29 10:01 - 2013-08-08 14:10 - 00003222 _____ () C:\Windows\System32\Tasks\ASUS Patch for VIA Audio
2014-06-29 10:00 - 2013-08-16 15:55 - 00000401 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\sp_data.sys
2014-06-29 09:52 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-26 19:24 - 2012-08-02 20:06 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-06-26 19:24 - 2012-08-02 20:06 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-06-26 19:24 - 2012-07-26 09:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-26 10:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-06-26 09:04 - 2012-08-02 15:24 - 00034142 _____ () C:\Windows\PFRO.log
2014-06-25 20:02 - 2013-08-18 14:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-25 19:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-25 19:55 - 2014-05-23 09:00 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\Slick Savings
2014-06-25 19:55 - 2014-03-10 00:46 - 00000000 ____D () C:\Program Files (x86)\Surftastic
2014-06-25 19:55 - 2013-08-18 14:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-25 19:54 - 2013-08-16 16:01 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2745765-3501856421-523033783-1001
2014-06-25 18:54 - 2014-06-25 18:54 - 04748896 _____ (Piriform Ltd) C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe
2014-06-25 18:53 - 2014-03-10 00:48 - 00000000 ____D () C:\Program Files (x86)\PCData
2014-06-25 18:29 - 2014-03-10 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
2014-06-25 18:29 - 2014-03-10 22:25 - 00000000 ____D () C:\Program Files (x86)\MyPlayCity.com
2014-06-25 18:15 - 2013-09-09 10:29 - 00435200 ___SH () C:\Users\Ruzena Kicurova\Desktop\Thumbs.db
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\ESET
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Local\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\Program Files\ESET
2014-06-25 17:53 - 2014-03-10 00:48 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Local\Mobogenie
2014-06-25 17:49 - 2014-05-23 10:24 - 00168111 _____ () C:\MyXML.xml
2014-06-25 17:49 - 2012-07-26 07:26 - 00000226 _____ () C:\Windows\win.ini
2014-06-25 17:48 - 2012-08-04 19:37 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-25 17:44 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-06-25 17:36 - 2014-05-23 09:01 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-25 17:34 - 2013-08-08 14:37 - 00000000 ____D () C:\ProgramData\Temp
2014-06-25 17:32 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-25 17:19 - 2014-06-25 17:19 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-25 17:17 - 2014-06-25 17:17 - 00001107 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2014-06-25 17:17 - 2014-06-25 17:17 - 00000000 ____D () C:\Users\Ruzena Kicurova\Documents\Simply Super Software
2014-06-25 17:17 - 2014-06-25 17:17 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\Simply Super Software
2014-06-25 17:17 - 2014-06-25 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2014-06-25 17:16 - 2014-06-25 17:16 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-25 17:15 - 2014-06-25 17:15 - 29644704 _____ (Simply Super Software ) C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe
2014-06-18 14:32 - 2014-05-23 10:23 - 00000282 _____ () C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job
2014-06-16 10:46 - 2014-06-16 10:46 - 02617008 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-06-16 10:46 - 2014-06-16 10:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-16 10:46 - 2013-08-08 14:13 - 00004092 _____ () C:\Windows\system32\RaCoInst.log
2014-06-16 10:46 - 2012-07-26 09:21 - 00039143 _____ () C:\Windows\setupact.log
2014-06-04 00:13 - 2014-06-04 00:13 - 00326312 _____ () C:\Windows\Minidump\060414-19812-01.dmp
2014-06-04 00:13 - 2013-08-08 14:18 - 338495670 _____ () C:\Windows\MEMORY.DMP
2014-06-04 00:13 - 2013-08-08 14:18 - 00000000 ____D () C:\Windows\Minidump
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Ruzena Kicurova\Desktop" je 30 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP
"C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\AsusWSPanel.exe /S [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4
c:\windows\temp\DisableS3S464\sethigh.cmd [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\Windows\system32\hkcmd.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\Windows\system32\igfxtray.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe
"C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zavirovaný komp?
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Zavirovaný komp?
Zdravim, pekny podvecer preji a vitam Vas u nas na foru 
Jste se dala na chov konicku trojskych ci co 
Mate tam celou zoo i s babkou pokladni 
Odinstalujte McAfee.com a Trojan Remover
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Jste se dala na chov konicku trojskych ci co Mate tam celou zoo i s babkou pokladni Odinstalujte McAfee.com a Trojan Remover Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
ruzena.kicurova
- Návštěvník
- Příspěvky: 8
- Registrován: 02 črc 2014 16:21
Re: Zavirovaný komp?
Zde je log adwcleaner
# AdwCleaner v3.214 - Report created 02/07/2014 at 18:33:50
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Ruzena Kicurova - RUZENA
# Running from : C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : GamingWonderlandService
[#] Service Deleted : Update Surftastic
[#] Service Deleted : Util Surftastic
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\AmiExt
Folder Deleted : C:\Program Files (x86)\GamingWonderland
Folder Deleted : C:\Program Files (x86)\MediaWatchV1
Folder Deleted : C:\Program Files (x86)\Surftastic
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\Local\GamingWonderland
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\Local\Slick Savings
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\LocalLow\GamingWonderland
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\Roaming\Slick Savings
Folder Deleted : C:\Users\Ruzena Kicurova\Documents\Mobogenie
File Deleted : C:\Users\Ruzena Kicurova\daemonprocess.txt
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [GamingWonderland Browser Plugin Loader 64]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MarineAquarium3Free_57 Browser Plugin Loader 64]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\AmiExt
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\AmiExt
Key Deleted : HKLM\Software\Lightspark Team
Key Deleted : HKLM\Software\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16921
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
*************************
AdwCleaner[R0].txt - [5060 octets] - [02/07/2014 18:32:55]
AdwCleaner[S0].txt - [5014 octets] - [02/07/2014 18:33:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5074 octets] ##########
# AdwCleaner v3.214 - Report created 02/07/2014 at 18:33:50
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Ruzena Kicurova - RUZENA
# Running from : C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : GamingWonderlandService
[#] Service Deleted : Update Surftastic
[#] Service Deleted : Util Surftastic
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\AmiExt
Folder Deleted : C:\Program Files (x86)\GamingWonderland
Folder Deleted : C:\Program Files (x86)\MediaWatchV1
Folder Deleted : C:\Program Files (x86)\Surftastic
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\Local\GamingWonderland
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\Local\Slick Savings
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\LocalLow\GamingWonderland
Folder Deleted : C:\Users\Ruzena Kicurova\AppData\Roaming\Slick Savings
Folder Deleted : C:\Users\Ruzena Kicurova\Documents\Mobogenie
File Deleted : C:\Users\Ruzena Kicurova\daemonprocess.txt
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [GamingWonderland Browser Plugin Loader 64]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MarineAquarium3Free_57 Browser Plugin Loader 64]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\AmiExt
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\AmiExt
Key Deleted : HKLM\Software\Lightspark Team
Key Deleted : HKLM\Software\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16921
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
*************************
AdwCleaner[R0].txt - [5060 octets] - [02/07/2014 18:32:55]
AdwCleaner[S0].txt - [5014 octets] - [02/07/2014 18:33:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5074 octets] ##########
Re: Zavirovaný komp?
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
ruzena.kicurova
- Návštěvník
- Příspěvky: 8
- Registrován: 02 črc 2014 16:21
Re: Zavirovaný komp?
Zde je log
Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by Ruzena Kicurova on st 02. 07. 2014 at 18:44:07,37.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ruzena Kicurova\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
2. 7. 2014 18:46:43 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6C14A2E5-9B02-4DDC-AA2F-B6080DD422D2} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@flashenhancer.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaWatchV1home9563.net deleted successfully
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Users\Ruzena Kicurova\.android deleted
C:\PROGRA~2\MarineAquarium3Free_57 deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\PROGRA~3\ProductData deleted
C:\Users\Ruzena Kicurova\AppData\Local\MarineAquarium3Free_57 deleted
C:\Users\Ruzena Kicurova\AppData\Local\cache deleted
C:\Users\Ruzena Kicurova\Searches deleted
C:\Users\Ruzena Kicurova\AppData\LocalLow\ADSRemoval deleted
C:\Users\Ruzena Kicurova\AppData\LocalLow\MarineAquarium3Free_57 deleted
C:\Users\Ruzena Kicurova\AppData\LocalLow\MarineAquarium3Free_57EI deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cgbealecnakbhfoeeipcnoboempfkbjd - C:\Program Files (x86)\AmiExt\flashEnhancer\ch\flashEnhancer.crx[]
lhaiphgcappngmomhfphndocjepdpfmc - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home9563\ch\MediaWatchV1home9563.crx[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{03154A8A-6B4F-45DE-B457-C0E5C9A8EC51} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_16194"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{3B6D94B7-2BB4-455D-BC31-75BEBABF631B} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_16194"
{4ED1E08D-F23D-430A-9565-371D8BD0C178} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_16194"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{805C3B75-2BC8-4022-9AF0-C7742449F783} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_16194"
{8E0F27C7-4EAF-4AF4-9E8B-F4AE91EC25F1} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194"
{C7DFFF0F-0E3A-4CB1-84DD-B2C3FBB03C3C} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_16194"
{D2C77159-1F44-4715-AED4-FFF09CE5083F} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_16194"
{D3CF8925-DDF4-4985-BBC6-BDC82F96FF80} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_16194"
{E1D3ABB8-7DAE-4E5B-A912-98B5C8234A18} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_16194"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cgbealecnakbhfoeeipcnoboempfkbjd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lhaiphgcappngmomhfphndocjepdpfmc deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\flash-Enhancer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Terinka-inka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ET5YLL7G will be deleted at reboot
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W2VGYPJ2 will be deleted at reboot
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XQJ67V1X will be deleted at reboot
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1PYJMCT will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=30 folders=25 2370919 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ruzena Kicurova\AppData\Local\Temp will be emptied at reboot
C:\Users\Terinka-inka\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\RUZENA~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ET5YLL7G" not found
"C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W2VGYPJ2" not found
"C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XQJ67V1X" not found
"C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1PYJMCT" not found
==== EOF on st 02. 07. 2014 at 19:00:21,68 ======================
Zoek.exe v5.0.0.0 Updated 30-06-2014
Tool run by Ruzena Kicurova on st 02. 07. 2014 at 18:44:07,37.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ruzena Kicurova\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
2. 7. 2014 18:46:43 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6C14A2E5-9B02-4DDC-AA2F-B6080DD422D2} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@flashenhancer.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaWatchV1home9563.net deleted successfully
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Users\Ruzena Kicurova\.android deleted
C:\PROGRA~2\MarineAquarium3Free_57 deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\PROGRA~3\ProductData deleted
C:\Users\Ruzena Kicurova\AppData\Local\MarineAquarium3Free_57 deleted
C:\Users\Ruzena Kicurova\AppData\Local\cache deleted
C:\Users\Ruzena Kicurova\Searches deleted
C:\Users\Ruzena Kicurova\AppData\LocalLow\ADSRemoval deleted
C:\Users\Ruzena Kicurova\AppData\LocalLow\MarineAquarium3Free_57 deleted
C:\Users\Ruzena Kicurova\AppData\LocalLow\MarineAquarium3Free_57EI deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cgbealecnakbhfoeeipcnoboempfkbjd - C:\Program Files (x86)\AmiExt\flashEnhancer\ch\flashEnhancer.crx[]
lhaiphgcappngmomhfphndocjepdpfmc - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home9563\ch\MediaWatchV1home9563.crx[]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{03154A8A-6B4F-45DE-B457-C0E5C9A8EC51} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_16194"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{3B6D94B7-2BB4-455D-BC31-75BEBABF631B} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_16194"
{4ED1E08D-F23D-430A-9565-371D8BD0C178} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_16194"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{805C3B75-2BC8-4022-9AF0-C7742449F783} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_16194"
{8E0F27C7-4EAF-4AF4-9E8B-F4AE91EC25F1} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194"
{C7DFFF0F-0E3A-4CB1-84DD-B2C3FBB03C3C} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_16194"
{D2C77159-1F44-4715-AED4-FFF09CE5083F} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_16194"
{D3CF8925-DDF4-4985-BBC6-BDC82F96FF80} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_16194"
{E1D3ABB8-7DAE-4E5B-A912-98B5C8234A18} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_16194"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cgbealecnakbhfoeeipcnoboempfkbjd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lhaiphgcappngmomhfphndocjepdpfmc deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\flash-Enhancer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Terinka-inka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ET5YLL7G will be deleted at reboot
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W2VGYPJ2 will be deleted at reboot
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XQJ67V1X will be deleted at reboot
C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1PYJMCT will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=30 folders=25 2370919 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ruzena Kicurova\AppData\Local\Temp will be emptied at reboot
C:\Users\Terinka-inka\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\RUZENA~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ET5YLL7G" not found
"C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W2VGYPJ2" not found
"C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XQJ67V1X" not found
"C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1PYJMCT" not found
==== EOF on st 02. 07. 2014 at 19:00:21,68 ======================
Re: Zavirovaný komp?
Poprosim o novy log z FRST
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
ruzena.kicurova
- Návštěvník
- Příspěvky: 8
- Registrován: 02 črc 2014 16:21
Re: Zavirovaný komp?
Prosim, zde je
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Ruzena Kicurova at 2014-07-02 19:13:46
Running from C:\Users\Ruzena Kicurova\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.142.61628 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.142.61628 - Alcor Micro Corp.) Hidden
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.6.112 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
ESET Smart Security (HKLM\...\{750374DE-064B-403F-8F3E-252760CE6381}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
GamingWonderland Internet Explorer Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Marine Aquarium Lite Internet Explorer Toolbar (HKLM-x32\...\MarineAquarium3Free_57bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Media Watch (HKLM-x32\...\MediaWatchV1home9563) (Version: 1.1 - Media Watch) <==== ATTENTION
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)
Seznam Software (HKCU\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Surftastic (HKLM\...\Surftastic) (Version: 2014.03.07.205731 - Surftastic) <==== ATTENTION
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
==================== Restore Points =========================
16-06-2014 08:42:47 Driver Booster : 802.11n Wireless LAN Card
25-06-2014 06:37:02 Naplánovaný kontrolní bod
30-06-2014 22:19:50 Windows Update
02-07-2014 16:46:04 zoek.exe restore point
==================== Hosts content: ==========================
2012-07-26 07:26 - 2014-07-02 18:46 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1283587E-E32F-4CDA-8273-28FFB6467D54} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {14DDF434-2E88-4253-BE8B-5FB886DC4829} - System32\Tasks\Driver Booster SkipUAC (Ruzena Kicurova) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {32D0AF7C-C3B3-4710-9A95-2D9235F49704} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS)
Task: {4CAD5C4F-7372-4EC1-95D5-3D1EF4CB0313} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [2012-11-07] (ASUSTek Computer INC.)
Task: {4E945CBE-7FB8-4C83-8A6A-A65A6B9AF66B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-19] (Facebook Inc.)
Task: {55D3B476-73B3-4D6F-8D52-0E9AF5791438} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {61E893D3-E64C-4D68-B4C7-A9C2F8875320} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {871C3CCA-70E0-40E0-9843-729C3E7464A0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {984F2460-9699-4EDF-87FB-3CD216701A01} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-19] (Facebook Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C0DC54EA-766B-4B51-B555-3ED3DA11880C} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DAB7364E-312B-497D-BC4E-73891FC7C16F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-25] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-03-10 00:50 - 2013-04-15 13:32 - 00060416 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\1836libfoxloader-x64.dll
2012-08-15 18:20 - 2012-08-15 18:20 - 00356352 _____ () C:\Windows\system32\BsExtendFunc.dll
2012-08-14 15:11 - 2012-08-14 15:11 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2012-08-14 15:13 - 2012-08-14 15:13 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-08-14 15:13 - 2012-08-14 15:13 - 00052736 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2014-03-10 00:50 - 2014-03-10 00:50 - 00457208 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-03-10 00:50 - 2013-04-29 12:53 - 00045560 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2014-03-10 00:50 - 2013-04-29 12:27 - 02438168 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\libfoxcub-x64.dll
2013-04-22 08:33 - 2012-11-02 09:19 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2013-08-08 14:10 - 2012-10-25 11:26 - 00078456 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-08-08 14:10 - 2012-10-25 11:26 - 00386168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-03-10 00:50 - 2013-03-25 16:39 - 00894968 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-03-10 00:50 - 2014-02-05 16:38 - 00076288 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2014-03-10 00:50 - 2013-03-29 13:37 - 00059384 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\1833libfoxloader.dll
2014-03-10 00:50 - 2013-04-29 11:54 - 01663000 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
2012-08-14 15:11 - 2012-08-14 15:11 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2012-08-14 15:13 - 2012-08-14 15:13 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-08-14 11:24 - 2012-08-14 11:24 - 00323648 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-02 18:28 - 2012-05-02 18:28 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2012-08-14 15:13 - 2012-08-14 15:13 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2012-09-11 15:01 - 2012-09-11 15:01 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-08-08 14:10 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-14 15:16 - 2012-08-14 15:16 - 00072192 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2012-08-15 18:20 - 2012-08-15 18:20 - 00356352 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\AsusWSPanel.exe /S
MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/02/2014 06:34:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: egui.exe, verze: 7.0.317.0, časové razítko: 0x530b636e
Název chybujícího modulu: ToastNotify.dll, verze: 7.0.317.0, časové razítko: 0x530b63fa
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000dbca
ID chybujícího procesu: 0x89d0
Čas spuštění chybující aplikace: 0xegui.exe0
Cesta k chybující aplikaci: egui.exe1
Cesta k chybujícímu modulu: egui.exe2
ID zprávy: egui.exe3
Úplný název chybujícího balíčku: egui.exe4
ID aplikace související s chybujícím balíčkem: egui.exe5
Error: (07/02/2014 11:29:17 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/01/2014 10:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16921, časové razítko: 0x537fc9dc
Název chybujícího modulu: Flash.ocx, verze: 14.0.0.125, časové razítko: 0x53864f23
Kód výjimky: 0xc0000005
Posun chyby: 0x004bd2f7
ID chybujícího procesu: 0x8670
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Úplný název chybujícího balíčku: IEXPLORE.EXE4
ID aplikace související s chybujícím balíčkem: IEXPLORE.EXE5
Error: (07/01/2014 00:20:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program IEXPLORE.EXE verze 10.0.9200.16921 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1550
Čas spuštění: 01cf9515e011f6b1
Čas ukončení: 0
Cesta k aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
ID hlášení: 3b4ff57f-0109-11e4-bec6-844bf52adda2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/30/2014 11:04:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16921, časové razítko: 0x537fc9dc
Název chybujícího modulu: Flash.ocx, verze: 14.0.0.125, časové razítko: 0x53864f23
Kód výjimky: 0xc0000005
Posun chyby: 0x004bd2f7
ID chybujícího procesu: 0x6944
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Úplný název chybujícího balíčku: IEXPLORE.EXE4
ID aplikace související s chybujícím balíčkem: IEXPLORE.EXE5
Error: (06/30/2014 01:13:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/30/2014 01:05:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 2.0.0.1, časové razítko: 0x50e6be1a
Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16579, časové razítko: 0x51637f77
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ebd59
ID chybujícího procesu: 0x434
Čas spuštění chybující aplikace: 0xFBAgent.exe0
Cesta k chybující aplikaci: FBAgent.exe1
Cesta k chybujícímu modulu: FBAgent.exe2
ID zprávy: FBAgent.exe3
Úplný název chybujícího balíčku: FBAgent.exe4
ID aplikace související s chybujícím balíčkem: FBAgent.exe5
Error: (06/30/2014 00:08:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16921, časové razítko: 0x537fc9dc
Název chybujícího modulu: Flash.ocx, verze: 14.0.0.125, časové razítko: 0x53864f23
Kód výjimky: 0xc0000005
Posun chyby: 0x004bd2f7
ID chybujícího procesu: 0x16a0
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Úplný název chybujícího balíčku: IEXPLORE.EXE4
ID aplikace související s chybujícím balíčkem: IEXPLORE.EXE5
Error: (06/29/2014 00:04:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16921, časové razítko: 0x537fc9dc
Název chybujícího modulu: Flash.ocx, verze: 14.0.0.125, časové razítko: 0x53864f23
Kód výjimky: 0xc0000005
Posun chyby: 0x004bd2f7
ID chybujícího procesu: 0x165c
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Úplný název chybujícího balíčku: IEXPLORE.EXE4
ID aplikace související s chybujícím balíčkem: IEXPLORE.EXE5
Error: (06/28/2014 03:21:11 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (5332) Pokus o otevření souboru C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (07/02/2014 06:59:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Marine Aquarium LiteService neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (07/02/2014 06:56:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:56:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:56:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:56:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:56:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:46:51 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (07/02/2014 06:36:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Marine Aquarium LiteService neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (07/02/2014 04:15:46 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (07/02/2014 01:49:47 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Microsoft Office Sessions:
=========================
Error: (07/02/2014 06:34:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: egui.exe7.0.317.0530b636eToastNotify.dll7.0.317.0530b63fac0000005000000000000dbca89d001cf95d15167eff0C:\Program Files\ESET\ESET Smart Security\egui.exeC:\Program Files\ESET\ESET Smart Security\ToastNotify.dllc11bf059-0206-11e4-bec6-844bf52adda2
Error: (07/02/2014 11:29:17 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/01/2014 10:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcFlash.ocx14.0.0.12553864f23c0000005004bd2f7867001cf9555dd3f9af6C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocxfd124893-015c-11e4-bec6-844bf52adda2
Error: (07/01/2014 00:20:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16921155001cf9515e011f6b10C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE3b4ff57f-0109-11e4-bec6-844bf52adda2
Error: (06/30/2014 11:04:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcFlash.ocx14.0.0.12553864f23c0000005004bd2f7694401cf949e24f381f8C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx25a31abd-009a-11e4-bec6-844bf52adda2
Error: (06/30/2014 01:13:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/30/2014 01:05:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FBAgent.exe2.0.0.150e6be1antdll.dll6.2.9200.1657951637f77c000037400000000000ebd5943401cf936f0e1dda38C:\Windows\system32\FBAgent.exeC:\Windows\SYSTEM32\ntdll.dllec26fd33-ffe1-11e3-bec6-844bf52adda2
Error: (06/30/2014 00:08:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcFlash.ocx14.0.0.12553864f23c0000005004bd2f716a001cf93d37b954726C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocxdb4e3941-ffd9-11e3-bec6-844bf52adda2
Error: (06/29/2014 00:04:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcFlash.ocx14.0.0.12553864f23c0000005004bd2f7165c01cf92d4209561b1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx1b481801-ff10-11e3-bec5-844bf52adda2
Error: (06/28/2014 03:21:11 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex5332C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
==================== Memory info ===========================
Percentage of memory in use: 53%
Total physical RAM: 1931.68 MB
Available physical RAM: 897.72 MB
Total Pagefile: 7563.68 MB
Available Pagefile: 6309.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:119.23 GB) (Free:76.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:157.84 GB) (Free:157.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 8EC04745)
Partition: GPT Partition Type.
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Ruzena Kicurova at 2014-07-02 19:13:46
Running from C:\Users\Ruzena Kicurova\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.142.61628 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.142.61628 - Alcor Micro Corp.) Hidden
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.6.112 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
ESET Smart Security (HKLM\...\{750374DE-064B-403F-8F3E-252760CE6381}) (Version: 7.0.317.4 - ESET, spol s r. o.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
GamingWonderland Internet Explorer Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Marine Aquarium Lite Internet Explorer Toolbar (HKLM-x32\...\MarineAquarium3Free_57bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Media Watch (HKLM-x32\...\MediaWatchV1home9563) (Version: 1.1 - Media Watch) <==== ATTENTION
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink)
Seznam Software (HKCU\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Surftastic (HKLM\...\Surftastic) (Version: 2014.03.07.205731 - Surftastic) <==== ATTENTION
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
==================== Restore Points =========================
16-06-2014 08:42:47 Driver Booster : 802.11n Wireless LAN Card
25-06-2014 06:37:02 Naplánovaný kontrolní bod
30-06-2014 22:19:50 Windows Update
02-07-2014 16:46:04 zoek.exe restore point
==================== Hosts content: ==========================
2012-07-26 07:26 - 2014-07-02 18:46 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1283587E-E32F-4CDA-8273-28FFB6467D54} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {14DDF434-2E88-4253-BE8B-5FB886DC4829} - System32\Tasks\Driver Booster SkipUAC (Ruzena Kicurova) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {32D0AF7C-C3B3-4710-9A95-2D9235F49704} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS)
Task: {4CAD5C4F-7372-4EC1-95D5-3D1EF4CB0313} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [2012-11-07] (ASUSTek Computer INC.)
Task: {4E945CBE-7FB8-4C83-8A6A-A65A6B9AF66B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-19] (Facebook Inc.)
Task: {55D3B476-73B3-4D6F-8D52-0E9AF5791438} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {61E893D3-E64C-4D68-B4C7-A9C2F8875320} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {871C3CCA-70E0-40E0-9843-729C3E7464A0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {984F2460-9699-4EDF-87FB-3CD216701A01} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-19] (Facebook Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C0DC54EA-766B-4B51-B555-3ED3DA11880C} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DAB7364E-312B-497D-BC4E-73891FC7C16F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-25] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-03-10 00:50 - 2013-04-15 13:32 - 00060416 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\1836libfoxloader-x64.dll
2012-08-15 18:20 - 2012-08-15 18:20 - 00356352 _____ () C:\Windows\system32\BsExtendFunc.dll
2012-08-14 15:11 - 2012-08-14 15:11 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2012-08-14 15:13 - 2012-08-14 15:13 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-08-14 15:13 - 2012-08-14 15:13 - 00052736 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2014-03-10 00:50 - 2014-03-10 00:50 - 00457208 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-03-10 00:50 - 2013-04-29 12:53 - 00045560 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2014-03-10 00:50 - 2013-04-29 12:27 - 02438168 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\libfoxcub-x64.dll
2013-04-22 08:33 - 2012-11-02 09:19 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2013-08-08 14:10 - 2012-10-25 11:26 - 00078456 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-08-08 14:10 - 2012-10-25 11:26 - 00386168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-03-10 00:50 - 2013-03-25 16:39 - 00894968 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-03-10 00:50 - 2014-02-05 16:38 - 00076288 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2014-03-10 00:50 - 2013-03-29 13:37 - 00059384 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\1833libfoxloader.dll
2014-03-10 00:50 - 2013-04-29 11:54 - 01663000 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
2012-08-14 15:11 - 2012-08-14 15:11 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2012-08-14 15:13 - 2012-08-14 15:13 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2012-08-14 11:24 - 2012-08-14 11:24 - 00323648 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-02 18:28 - 2012-05-02 18:28 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2012-08-14 15:13 - 2012-08-14 15:13 - 00052736 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2012-09-11 15:01 - 2012-09-11 15:01 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-08-08 14:10 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-14 15:16 - 2012-08-14 15:16 - 00072192 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2012-08-15 18:20 - 2012-08-15 18:20 - 00356352 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\AsusWSPanel.exe /S
MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/02/2014 06:34:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: egui.exe, verze: 7.0.317.0, časové razítko: 0x530b636e
Název chybujícího modulu: ToastNotify.dll, verze: 7.0.317.0, časové razítko: 0x530b63fa
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000dbca
ID chybujícího procesu: 0x89d0
Čas spuštění chybující aplikace: 0xegui.exe0
Cesta k chybující aplikaci: egui.exe1
Cesta k chybujícímu modulu: egui.exe2
ID zprávy: egui.exe3
Úplný název chybujícího balíčku: egui.exe4
ID aplikace související s chybujícím balíčkem: egui.exe5
Error: (07/02/2014 11:29:17 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/01/2014 10:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16921, časové razítko: 0x537fc9dc
Název chybujícího modulu: Flash.ocx, verze: 14.0.0.125, časové razítko: 0x53864f23
Kód výjimky: 0xc0000005
Posun chyby: 0x004bd2f7
ID chybujícího procesu: 0x8670
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Úplný název chybujícího balíčku: IEXPLORE.EXE4
ID aplikace související s chybujícím balíčkem: IEXPLORE.EXE5
Error: (07/01/2014 00:20:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program IEXPLORE.EXE verze 10.0.9200.16921 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1550
Čas spuštění: 01cf9515e011f6b1
Čas ukončení: 0
Cesta k aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
ID hlášení: 3b4ff57f-0109-11e4-bec6-844bf52adda2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/30/2014 11:04:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16921, časové razítko: 0x537fc9dc
Název chybujícího modulu: Flash.ocx, verze: 14.0.0.125, časové razítko: 0x53864f23
Kód výjimky: 0xc0000005
Posun chyby: 0x004bd2f7
ID chybujícího procesu: 0x6944
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Úplný název chybujícího balíčku: IEXPLORE.EXE4
ID aplikace související s chybujícím balíčkem: IEXPLORE.EXE5
Error: (06/30/2014 01:13:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/30/2014 01:05:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 2.0.0.1, časové razítko: 0x50e6be1a
Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16579, časové razítko: 0x51637f77
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ebd59
ID chybujícího procesu: 0x434
Čas spuštění chybující aplikace: 0xFBAgent.exe0
Cesta k chybující aplikaci: FBAgent.exe1
Cesta k chybujícímu modulu: FBAgent.exe2
ID zprávy: FBAgent.exe3
Úplný název chybujícího balíčku: FBAgent.exe4
ID aplikace související s chybujícím balíčkem: FBAgent.exe5
Error: (06/30/2014 00:08:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16921, časové razítko: 0x537fc9dc
Název chybujícího modulu: Flash.ocx, verze: 14.0.0.125, časové razítko: 0x53864f23
Kód výjimky: 0xc0000005
Posun chyby: 0x004bd2f7
ID chybujícího procesu: 0x16a0
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Úplný název chybujícího balíčku: IEXPLORE.EXE4
ID aplikace související s chybujícím balíčkem: IEXPLORE.EXE5
Error: (06/29/2014 00:04:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.16921, časové razítko: 0x537fc9dc
Název chybujícího modulu: Flash.ocx, verze: 14.0.0.125, časové razítko: 0x53864f23
Kód výjimky: 0xc0000005
Posun chyby: 0x004bd2f7
ID chybujícího procesu: 0x165c
Čas spuštění chybující aplikace: 0xIEXPLORE.EXE0
Cesta k chybující aplikaci: IEXPLORE.EXE1
Cesta k chybujícímu modulu: IEXPLORE.EXE2
ID zprávy: IEXPLORE.EXE3
Úplný název chybujícího balíčku: IEXPLORE.EXE4
ID aplikace související s chybujícím balíčkem: IEXPLORE.EXE5
Error: (06/28/2014 03:21:11 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (5332) Pokus o otevření souboru C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
System errors:
=============
Error: (07/02/2014 06:59:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Marine Aquarium LiteService neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (07/02/2014 06:56:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:56:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:56:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:56:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:56:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (07/02/2014 06:46:51 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (07/02/2014 06:36:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Marine Aquarium LiteService neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (07/02/2014 04:15:46 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (07/02/2014 01:49:47 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Microsoft Office Sessions:
=========================
Error: (07/02/2014 06:34:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: egui.exe7.0.317.0530b636eToastNotify.dll7.0.317.0530b63fac0000005000000000000dbca89d001cf95d15167eff0C:\Program Files\ESET\ESET Smart Security\egui.exeC:\Program Files\ESET\ESET Smart Security\ToastNotify.dllc11bf059-0206-11e4-bec6-844bf52adda2
Error: (07/02/2014 11:29:17 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/01/2014 10:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcFlash.ocx14.0.0.12553864f23c0000005004bd2f7867001cf9555dd3f9af6C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocxfd124893-015c-11e4-bec6-844bf52adda2
Error: (07/01/2014 00:20:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE10.0.9200.16921155001cf9515e011f6b10C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE3b4ff57f-0109-11e4-bec6-844bf52adda2
Error: (06/30/2014 11:04:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcFlash.ocx14.0.0.12553864f23c0000005004bd2f7694401cf949e24f381f8C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx25a31abd-009a-11e4-bec6-844bf52adda2
Error: (06/30/2014 01:13:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/30/2014 01:05:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FBAgent.exe2.0.0.150e6be1antdll.dll6.2.9200.1657951637f77c000037400000000000ebd5943401cf936f0e1dda38C:\Windows\system32\FBAgent.exeC:\Windows\SYSTEM32\ntdll.dllec26fd33-ffe1-11e3-bec6-844bf52adda2
Error: (06/30/2014 00:08:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcFlash.ocx14.0.0.12553864f23c0000005004bd2f716a001cf93d37b954726C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocxdb4e3941-ffd9-11e3-bec6-844bf52adda2
Error: (06/29/2014 00:04:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.16921537fc9dcFlash.ocx14.0.0.12553864f23c0000005004bd2f7165c01cf92d4209561b1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx1b481801-ff10-11e3-bec5-844bf52adda2
Error: (06/28/2014 03:21:11 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex5332C:\Users\Ruzena Kicurova\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
==================== Memory info ===========================
Percentage of memory in use: 53%
Total physical RAM: 1931.68 MB
Available physical RAM: 897.72 MB
Total Pagefile: 7563.68 MB
Available Pagefile: 6309.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:119.23 GB) (Free:76.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:157.84 GB) (Free:157.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 8EC04745)
Partition: GPT Partition Type.
==================== End Of Log ============================
Re: Zavirovaný komp?
Jeste log FRST.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
ruzena.kicurova
- Návštěvník
- Příspěvky: 8
- Registrován: 02 črc 2014 16:21
Re: Zavirovaný komp?
Zde je
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Ruzena Kicurova (administrator) on RUZENA on 02-07-2014 19:12:40
Running from C:\Users\Ruzena Kicurova\Desktop
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\AsusWSPanel.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AuditSHD] => C:\windows\system32\oobe\auditshd.exe [31232 2012-07-26] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [GamingWonderland EPM Support] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [Marine Aquarium Lite EPM Support] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57medint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [Marine Aquarium Lite Search Scope Monitor] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57srchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Facebook Update] => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-19] (Facebook Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {03154A8A-6B4F-45DE-B457-C0E5C9A8EC51} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {3B6D94B7-2BB4-455D-BC31-75BEBABF631B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKCU - {4ED1E08D-F23D-430A-9565-371D8BD0C178} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {805C3B75-2BC8-4022-9AF0-C7742449F783} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKCU - {8E0F27C7-4EAF-4AF4-9E8B-F4AE91EC25F1} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {C7DFFF0F-0E3A-4CB1-84DD-B2C3FBB03C3C} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKCU - {D2C77159-1F44-4715-AED4-FFF09CE5083F} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {D3CF8925-DDF4-4985-BBC6-BDC82F96FF80} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {E1D3ABB8-7DAE-4E5B-A912-98B5C8234A18} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @MarineAquarium3Free_57.com/Plugin - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ruzena Kicurova\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-06-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-06-25]
==================== Services (Whitelisted) =================
R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-05-23] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 MarineAquarium3Free_57Service; C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe [X]
==================== Drivers (Whitelisted) ====================
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-06-16] (Intel Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695392 2012-08-14] (Ralink Technology, Corp.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\G:\WTP 2.3.0 - testy\wtp\bin\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]
U0 msahci;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-02 19:12 - 2014-07-02 19:12 - 00029696 _____ () C:\Users\Ruzena Kicurova\AppData\Local\MSGBOX.EXE
2014-07-02 19:12 - 2014-07-02 19:12 - 00015327 _____ () C:\Users\Ruzena Kicurova\Desktop\LM.bat
2014-07-02 18:58 - 2014-07-02 18:43 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 18:45 - 2014-07-02 19:00 - 00009643 _____ () C:\zoek-results.log
2014-07-02 18:43 - 2014-07-02 18:56 - 00000000 ____D () C:\zoek_backup
2014-07-02 18:43 - 2014-07-02 18:43 - 01285120 _____ () C:\Users\Ruzena Kicurova\Desktop\zoek.exe
2014-07-02 18:32 - 2014-07-02 18:34 - 00000000 ____D () C:\AdwCleaner
2014-07-02 18:32 - 2014-07-02 18:32 - 01346519 _____ () C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe
2014-07-02 17:31 - 2014-07-02 17:32 - 00000034 _____ () C:\Users\Ruzena Kicurova\Desktop\Nový textový dokument.txt
2014-07-02 17:15 - 2014-07-02 19:13 - 00014935 _____ () C:\Users\Ruzena Kicurova\Desktop\FRST.txt
2014-07-02 17:14 - 2014-07-02 19:12 - 00000000 ____D () C:\FRST
2014-07-02 17:13 - 2014-07-02 17:13 - 00112640 _____ (forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe
2014-07-02 17:12 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Desktop\FRST64.exe
2014-07-02 17:11 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Downloads\FRST64.exe
2014-06-26 13:45 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-25 18:54 - 2014-06-25 18:54 - 04748896 _____ (Piriform Ltd) C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\ESET
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Local\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\Program Files\ESET
2014-06-25 18:02 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-25 18:02 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-25 18:02 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-06-25 18:02 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-25 18:02 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-25 18:02 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-25 18:02 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-25 18:02 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-25 18:02 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-06-25 18:02 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-25 18:02 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-25 18:02 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-25 18:02 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-25 18:02 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-25 18:02 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-25 18:02 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-25 18:02 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-25 18:02 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-25 18:01 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-25 18:01 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-25 18:01 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-25 18:01 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-25 18:01 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-25 18:01 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-25 18:01 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-25 18:01 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-25 18:01 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-25 17:59 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-25 17:59 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-25 17:19 - 2014-06-25 17:19 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-25 17:16 - 2014-07-02 18:31 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-06-25 17:16 - 2014-06-25 17:16 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-25 17:15 - 2014-06-25 17:15 - 29644704 _____ (Simply Super Software ) C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe
2014-06-16 10:46 - 2014-06-16 10:46 - 02617008 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-06-16 10:46 - 2014-06-16 10:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-04 00:13 - 2014-06-04 00:13 - 00326312 _____ () C:\Windows\Minidump\060414-19812-01.dmp
==================== One Month Modified Files and Folders =======
2014-07-02 19:13 - 2014-07-02 17:15 - 00014935 _____ () C:\Users\Ruzena Kicurova\Desktop\FRST.txt
2014-07-02 19:12 - 2014-07-02 19:12 - 00029696 _____ () C:\Users\Ruzena Kicurova\AppData\Local\MSGBOX.EXE
2014-07-02 19:12 - 2014-07-02 19:12 - 00015327 _____ () C:\Users\Ruzena Kicurova\Desktop\LM.bat
2014-07-02 19:12 - 2014-07-02 17:14 - 00000000 ____D () C:\FRST
2014-07-02 19:05 - 2014-03-10 00:49 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz
2014-07-02 19:05 - 2013-08-16 16:01 - 00003590 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2745765-3501856421-523033783-1001
2014-07-02 19:04 - 2012-08-15 18:46 - 00000739 _____ () C:\Windows\SysWOW64\bscs.ini
2014-07-02 19:02 - 2013-08-08 14:37 - 00003028 _____ () C:\Windows\System32\Tasks\ASUS USB Charger Plus
2014-07-02 19:02 - 2013-08-08 14:11 - 00003542 _____ () C:\Windows\System32\Tasks\ASUS Touchpad Launcher (x64)
2014-07-02 19:02 - 2013-08-08 14:10 - 00003222 _____ () C:\Windows\System32\Tasks\ASUS Patch for VIA Audio
2014-07-02 19:01 - 2013-08-16 21:20 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\Skype
2014-07-02 19:01 - 2013-08-16 15:55 - 00000401 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\sp_data.sys
2014-07-02 19:01 - 2013-08-08 14:37 - 00003114 _____ () C:\Windows\System32\Tasks\ASUS Live Update
2014-07-02 19:01 - 2013-08-08 14:37 - 00003056 _____ () C:\Windows\System32\Tasks\ASUS P4G
2014-07-02 19:01 - 2013-08-08 14:17 - 00004268 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-07-02 19:01 - 2013-08-08 14:17 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-07-02 19:00 - 2014-07-02 18:45 - 00009643 _____ () C:\zoek-results.log
2014-07-02 18:59 - 2012-08-02 15:24 - 00034786 _____ () C:\Windows\PFRO.log
2014-07-02 18:59 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 18:59 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-02 18:56 - 2014-07-02 18:43 - 00000000 ____D () C:\zoek_backup
2014-07-02 18:56 - 2013-08-16 15:54 - 00000000 ____D () C:\Users\Ruzena Kicurova
2014-07-02 18:43 - 2014-07-02 18:58 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 18:43 - 2014-07-02 18:43 - 01285120 _____ () C:\Users\Ruzena Kicurova\Desktop\zoek.exe
2014-07-02 18:34 - 2014-07-02 18:32 - 00000000 ____D () C:\AdwCleaner
2014-07-02 18:32 - 2014-07-02 18:32 - 01346519 _____ () C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe
2014-07-02 18:31 - 2014-06-25 17:16 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-07-02 18:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-02 17:32 - 2014-07-02 17:31 - 00000034 _____ () C:\Users\Ruzena Kicurova\Desktop\Nový textový dokument.txt
2014-07-02 17:13 - 2014-07-02 17:13 - 00112640 _____ (forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe
2014-07-02 17:11 - 2014-07-02 17:12 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Desktop\FRST64.exe
2014-07-02 17:11 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Downloads\FRST64.exe
2014-07-02 13:01 - 2013-08-16 15:52 - 01371647 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 10:56 - 2014-04-19 13:51 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job
2014-07-01 13:56 - 2014-04-19 13:51 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job
2014-07-01 00:21 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-30 16:52 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-26 19:24 - 2012-08-02 20:06 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-06-26 19:24 - 2012-08-02 20:06 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-06-26 19:24 - 2012-07-26 09:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-26 10:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-06-25 20:02 - 2013-08-18 14:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-25 19:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-25 19:55 - 2013-08-18 14:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-25 18:54 - 2014-06-25 18:54 - 04748896 _____ (Piriform Ltd) C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe
2014-06-25 18:53 - 2014-03-10 00:48 - 00000000 ____D () C:\Program Files (x86)\PCData
2014-06-25 18:29 - 2014-03-10 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
2014-06-25 18:29 - 2014-03-10 22:25 - 00000000 ____D () C:\Program Files (x86)\MyPlayCity.com
2014-06-25 18:15 - 2013-09-09 10:29 - 00435200 ___SH () C:\Users\Ruzena Kicurova\Desktop\Thumbs.db
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\ESET
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Local\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\Program Files\ESET
2014-06-25 17:49 - 2014-05-23 10:24 - 00168111 _____ () C:\MyXML.xml
2014-06-25 17:49 - 2012-07-26 07:26 - 00000226 _____ () C:\Windows\win.ini
2014-06-25 17:48 - 2012-08-04 19:37 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-25 17:44 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-06-25 17:34 - 2013-08-08 14:37 - 00000000 ____D () C:\ProgramData\Temp
2014-06-25 17:19 - 2014-06-25 17:19 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-25 17:16 - 2014-06-25 17:16 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-25 17:15 - 2014-06-25 17:15 - 29644704 _____ (Simply Super Software ) C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe
2014-06-18 14:32 - 2014-05-23 10:23 - 00000282 _____ () C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job
2014-06-16 10:46 - 2014-06-16 10:46 - 02617008 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-06-16 10:46 - 2014-06-16 10:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-16 10:46 - 2013-08-08 14:13 - 00004092 _____ () C:\Windows\system32\RaCoInst.log
2014-06-16 10:46 - 2012-07-26 09:21 - 00039143 _____ () C:\Windows\setupact.log
2014-06-04 00:13 - 2014-06-04 00:13 - 00326312 _____ () C:\Windows\Minidump\060414-19812-01.dmp
2014-06-04 00:13 - 2013-08-08 14:18 - 338495670 _____ () C:\Windows\MEMORY.DMP
2014-06-04 00:13 - 2013-08-08 14:18 - 00000000 ____D () C:\Windows\Minidump
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-02 10:51
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Ruzena Kicurova (administrator) on RUZENA on 02-07-2014 19:12:40
Running from C:\Users\Ruzena Kicurova\Desktop
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\AsusWSPanel.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AuditSHD] => C:\windows\system32\oobe\auditshd.exe [31232 2012-07-26] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [GamingWonderland EPM Support] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [Marine Aquarium Lite EPM Support] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57medint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [Marine Aquarium Lite Search Scope Monitor] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57srchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Facebook Update] => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-19] (Facebook Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {03154A8A-6B4F-45DE-B457-C0E5C9A8EC51} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {3B6D94B7-2BB4-455D-BC31-75BEBABF631B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKCU - {4ED1E08D-F23D-430A-9565-371D8BD0C178} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {805C3B75-2BC8-4022-9AF0-C7742449F783} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKCU - {8E0F27C7-4EAF-4AF4-9E8B-F4AE91EC25F1} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {C7DFFF0F-0E3A-4CB1-84DD-B2C3FBB03C3C} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKCU - {D2C77159-1F44-4715-AED4-FFF09CE5083F} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {D3CF8925-DDF4-4985-BBC6-BDC82F96FF80} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {E1D3ABB8-7DAE-4E5B-A912-98B5C8234A18} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @MarineAquarium3Free_57.com/Plugin - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Ruzena Kicurova\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-06-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-06-25]
==================== Services (Whitelisted) =================
R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1578496 2012-08-14] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-08-14] (IVT Corporation) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-05-23] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 MarineAquarium3Free_57Service; C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe [X]
==================== Drivers (Whitelisted) ====================
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-14] (Ralink Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-06-16] (Intel Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [695392 2012-08-14] (Ralink Technology, Corp.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\G:\WTP 2.3.0 - testy\wtp\bin\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]
U0 msahci;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-02 19:12 - 2014-07-02 19:12 - 00029696 _____ () C:\Users\Ruzena Kicurova\AppData\Local\MSGBOX.EXE
2014-07-02 19:12 - 2014-07-02 19:12 - 00015327 _____ () C:\Users\Ruzena Kicurova\Desktop\LM.bat
2014-07-02 18:58 - 2014-07-02 18:43 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 18:45 - 2014-07-02 19:00 - 00009643 _____ () C:\zoek-results.log
2014-07-02 18:43 - 2014-07-02 18:56 - 00000000 ____D () C:\zoek_backup
2014-07-02 18:43 - 2014-07-02 18:43 - 01285120 _____ () C:\Users\Ruzena Kicurova\Desktop\zoek.exe
2014-07-02 18:32 - 2014-07-02 18:34 - 00000000 ____D () C:\AdwCleaner
2014-07-02 18:32 - 2014-07-02 18:32 - 01346519 _____ () C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe
2014-07-02 17:31 - 2014-07-02 17:32 - 00000034 _____ () C:\Users\Ruzena Kicurova\Desktop\Nový textový dokument.txt
2014-07-02 17:15 - 2014-07-02 19:13 - 00014935 _____ () C:\Users\Ruzena Kicurova\Desktop\FRST.txt
2014-07-02 17:14 - 2014-07-02 19:12 - 00000000 ____D () C:\FRST
2014-07-02 17:13 - 2014-07-02 17:13 - 00112640 _____ (forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe
2014-07-02 17:12 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Desktop\FRST64.exe
2014-07-02 17:11 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Downloads\FRST64.exe
2014-06-26 13:45 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-25 18:54 - 2014-06-25 18:54 - 04748896 _____ (Piriform Ltd) C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\ESET
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Local\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\Program Files\ESET
2014-06-25 18:02 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-25 18:02 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-25 18:02 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-06-25 18:02 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-25 18:02 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-25 18:02 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-25 18:02 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-25 18:02 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-25 18:02 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-25 18:02 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-25 18:02 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-06-25 18:02 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-25 18:02 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-25 18:02 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-25 18:02 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-25 18:02 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-25 18:02 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-25 18:02 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-25 18:02 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-25 18:02 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-25 18:01 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-25 18:01 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-25 18:01 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-25 18:01 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-25 18:01 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-25 18:01 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-25 18:01 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-25 18:01 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-25 18:01 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-25 18:01 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-25 18:01 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-25 17:59 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-25 17:59 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-25 17:19 - 2014-06-25 17:19 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-25 17:16 - 2014-07-02 18:31 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-06-25 17:16 - 2014-06-25 17:16 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-25 17:15 - 2014-06-25 17:15 - 29644704 _____ (Simply Super Software ) C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe
2014-06-16 10:46 - 2014-06-16 10:46 - 02617008 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-06-16 10:46 - 2014-06-16 10:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-04 00:13 - 2014-06-04 00:13 - 00326312 _____ () C:\Windows\Minidump\060414-19812-01.dmp
==================== One Month Modified Files and Folders =======
2014-07-02 19:13 - 2014-07-02 17:15 - 00014935 _____ () C:\Users\Ruzena Kicurova\Desktop\FRST.txt
2014-07-02 19:12 - 2014-07-02 19:12 - 00029696 _____ () C:\Users\Ruzena Kicurova\AppData\Local\MSGBOX.EXE
2014-07-02 19:12 - 2014-07-02 19:12 - 00015327 _____ () C:\Users\Ruzena Kicurova\Desktop\LM.bat
2014-07-02 19:12 - 2014-07-02 17:14 - 00000000 ____D () C:\FRST
2014-07-02 19:05 - 2014-03-10 00:49 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz
2014-07-02 19:05 - 2013-08-16 16:01 - 00003590 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2745765-3501856421-523033783-1001
2014-07-02 19:04 - 2012-08-15 18:46 - 00000739 _____ () C:\Windows\SysWOW64\bscs.ini
2014-07-02 19:02 - 2013-08-08 14:37 - 00003028 _____ () C:\Windows\System32\Tasks\ASUS USB Charger Plus
2014-07-02 19:02 - 2013-08-08 14:11 - 00003542 _____ () C:\Windows\System32\Tasks\ASUS Touchpad Launcher (x64)
2014-07-02 19:02 - 2013-08-08 14:10 - 00003222 _____ () C:\Windows\System32\Tasks\ASUS Patch for VIA Audio
2014-07-02 19:01 - 2013-08-16 21:20 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\Skype
2014-07-02 19:01 - 2013-08-16 15:55 - 00000401 _____ () C:\Users\Ruzena Kicurova\AppData\Roaming\sp_data.sys
2014-07-02 19:01 - 2013-08-08 14:37 - 00003114 _____ () C:\Windows\System32\Tasks\ASUS Live Update
2014-07-02 19:01 - 2013-08-08 14:37 - 00003056 _____ () C:\Windows\System32\Tasks\ASUS P4G
2014-07-02 19:01 - 2013-08-08 14:17 - 00004268 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-07-02 19:01 - 2013-08-08 14:17 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-07-02 19:00 - 2014-07-02 18:45 - 00009643 _____ () C:\zoek-results.log
2014-07-02 18:59 - 2012-08-02 15:24 - 00034786 _____ () C:\Windows\PFRO.log
2014-07-02 18:59 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 18:59 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-02 18:56 - 2014-07-02 18:43 - 00000000 ____D () C:\zoek_backup
2014-07-02 18:56 - 2013-08-16 15:54 - 00000000 ____D () C:\Users\Ruzena Kicurova
2014-07-02 18:43 - 2014-07-02 18:58 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 18:43 - 2014-07-02 18:43 - 01285120 _____ () C:\Users\Ruzena Kicurova\Desktop\zoek.exe
2014-07-02 18:34 - 2014-07-02 18:32 - 00000000 ____D () C:\AdwCleaner
2014-07-02 18:32 - 2014-07-02 18:32 - 01346519 _____ () C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe
2014-07-02 18:31 - 2014-06-25 17:16 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-07-02 18:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-02 17:32 - 2014-07-02 17:31 - 00000034 _____ () C:\Users\Ruzena Kicurova\Desktop\Nový textový dokument.txt
2014-07-02 17:13 - 2014-07-02 17:13 - 00112640 _____ (forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe
2014-07-02 17:11 - 2014-07-02 17:12 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Desktop\FRST64.exe
2014-07-02 17:11 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Downloads\FRST64.exe
2014-07-02 13:01 - 2013-08-16 15:52 - 01371647 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 10:56 - 2014-04-19 13:51 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job
2014-07-01 13:56 - 2014-04-19 13:51 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job
2014-07-01 00:21 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-30 16:52 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-26 19:24 - 2012-08-02 20:06 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-06-26 19:24 - 2012-08-02 20:06 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-06-26 19:24 - 2012-07-26 09:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-26 10:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-06-25 20:02 - 2013-08-18 14:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-25 19:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-25 19:55 - 2013-08-18 14:12 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-25 18:54 - 2014-06-25 18:54 - 04748896 _____ (Piriform Ltd) C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe
2014-06-25 18:53 - 2014-03-10 00:48 - 00000000 ____D () C:\Program Files (x86)\PCData
2014-06-25 18:29 - 2014-03-10 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
2014-06-25 18:29 - 2014-03-10 22:25 - 00000000 ____D () C:\Program Files (x86)\MyPlayCity.com
2014-06-25 18:15 - 2013-09-09 10:29 - 00435200 ___SH () C:\Users\Ruzena Kicurova\Desktop\Thumbs.db
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Roaming\ESET
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\Users\Ruzena Kicurova\AppData\Local\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\ProgramData\ESET
2014-06-25 18:08 - 2014-06-25 18:08 - 00000000 ____D () C:\Program Files\ESET
2014-06-25 17:49 - 2014-05-23 10:24 - 00168111 _____ () C:\MyXML.xml
2014-06-25 17:49 - 2012-07-26 07:26 - 00000226 _____ () C:\Windows\win.ini
2014-06-25 17:48 - 2012-08-04 19:37 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-25 17:44 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-06-25 17:34 - 2013-08-08 14:37 - 00000000 ____D () C:\ProgramData\Temp
2014-06-25 17:19 - 2014-06-25 17:19 - 00000000 ____D () C:\ProgramData\Licenses
2014-06-25 17:16 - 2014-06-25 17:16 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-25 17:15 - 2014-06-25 17:15 - 29644704 _____ (Simply Super Software ) C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe
2014-06-18 14:32 - 2014-05-23 10:23 - 00000282 _____ () C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job
2014-06-16 10:46 - 2014-06-16 10:46 - 02617008 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr28x.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00331568 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2014-06-16 10:46 - 2014-06-16 10:46 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-06-16 10:46 - 2014-06-16 10:46 - 00013973 _____ () C:\Windows\system32\RaCoInst.dat
2014-06-16 10:46 - 2014-06-16 10:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-16 10:46 - 2013-08-08 14:13 - 00004092 _____ () C:\Windows\system32\RaCoInst.log
2014-06-16 10:46 - 2012-07-26 09:21 - 00039143 _____ () C:\Windows\setupact.log
2014-06-04 00:13 - 2014-06-04 00:13 - 00326312 _____ () C:\Windows\Minidump\060414-19812-01.dmp
2014-06-04 00:13 - 2013-08-08 14:18 - 338495670 _____ () C:\Windows\MEMORY.DMP
2014-06-04 00:13 - 2013-08-08 14:18 - 00000000 ____D () C:\Windows\Minidump
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-02 10:51
==================== End Of Log ============================
-
ruzena.kicurova
- Návštěvník
- Příspěvky: 8
- Registrován: 02 črc 2014 16:21
Re: Zavirovaný komp?
Je to uz odvirovane? Jestli ano, moc dkuji
Re: Zavirovaný komp?
Jeste docistime Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION Surftastic (HKLM\...\Surftastic) (Version: 2014.03.07.205731 - Surftastic) <==== ATTENTION AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 Task: C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey HKLM-x32\...\Run: [GamingWonderland EPM Support] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtmedint.exe" T8EPMSUP.DLL,S HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h HKLM-x32\...\Run: [Marine Aquarium Lite EPM Support] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57medint.exe" T8EPMSUP.DLL,S HKLM-x32\...\Run: [Marine Aquarium Lite Search Scope Monitor] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57srchmn.exe" /m=2 /w /h HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] () HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] () HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Facebook Update] => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-19] (Facebook Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll No File FF Plugin-x32: @MarineAquarium3Free_57.com/Plugin - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll No File FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) S2 MarineAquarium3Free_57Service; C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe [X] S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\G:\WTP 2.3.0 - testy\wtp\bin\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X] U0 msahci; C:\Program Files\McAfee.com C:\Program Files (x86)\IObit C:\Program Files (x86)\Skype\Toolbars 2014-07-02 19:12 - 2014-07-02 19:12 - 00029696 _____ () C:\Users\Ruzena Kicurova\AppData\Local\MSGBOX.EXE 2014-07-02 19:12 - 2014-07-02 19:12 - 00015327 _____ () C:\Users\Ruzena Kicurova\Desktop\LM.bat 2014-07-02 18:58 - 2014-07-02 18:43 - 00024064 _____ () C:\Windows\zoek-delete.exe 2014-07-02 18:45 - 2014-07-02 19:00 - 00009643 _____ () C:\zoek-results.log 2014-07-02 18:43 - 2014-07-02 18:56 - 00000000 ____D () C:\zoek_backup 2014-07-02 18:43 - 2014-07-02 18:43 - 01285120 _____ () C:\Users\Ruzena Kicurova\Desktop\zoek.exe 2014-07-02 18:32 - 2014-07-02 18:34 - 00000000 ____D () C:\AdwCleaner 2014-07-02 18:32 - 2014-07-02 18:32 - 01346519 _____ () C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe 2014-07-02 17:31 - 2014-07-02 17:32 - 00000034 _____ () C:\Users\Ruzena Kicurova\Desktop\Nový textový dokument.txt 2014-07-02 17:15 - 2014-07-02 19:13 - 00014935 _____ () C:\Users\Ruzena Kicurova\Desktop\FRST.txt 2014-07-02 17:13 - 2014-07-02 17:13 - 00112640 _____ (forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe 2014-07-02 17:11 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Downloads\FRST64.exe 2014-06-25 18:54 - 2014-06-25 18:54 - 04748896 _____ (Piriform Ltd) C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe 2014-06-25 17:16 - 2014-07-02 18:31 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover 2014-06-25 17:16 - 2014-06-25 17:16 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-06-25 17:15 - 2014-06-25 17:15 - 29644704 _____ (Simply Super Software ) C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe Hosts: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
ruzena.kicurova
- Návštěvník
- Příspěvky: 8
- Registrován: 02 črc 2014 16:21
Re: Zavirovaný komp?
Log zde
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by Ruzena Kicurova at 2014-07-02 20:08:56 Run:1
Running from C:\Users\Ruzena Kicurova\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION
Surftastic (HKLM\...\Surftastic) (Version: 2014.03.07.205731 - Surftastic) <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
Task: C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [GamingWonderland EPM Support] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [Marine Aquarium Lite EPM Support] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57medint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [Marine Aquarium Lite Search Scope Monitor] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57srchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Facebook Update] => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-19] (Facebook Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll No File
FF Plugin-x32: @MarineAquarium3Free_57.com/Plugin - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll No File
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S2 MarineAquarium3Free_57Service; C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe [X]
S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\G:\WTP 2.3.0 - testy\wtp\bin\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]
U0 msahci;
C:\Program Files\McAfee.com
C:\Program Files (x86)\IObit
C:\Program Files (x86)\Skype\Toolbars
2014-07-02 19:12 - 2014-07-02 19:12 - 00029696 _____ () C:\Users\Ruzena Kicurova\AppData\Local\MSGBOX.EXE
2014-07-02 19:12 - 2014-07-02 19:12 - 00015327 _____ () C:\Users\Ruzena Kicurova\Desktop\LM.bat
2014-07-02 18:58 - 2014-07-02 18:43 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 18:45 - 2014-07-02 19:00 - 00009643 _____ () C:\zoek-results.log
2014-07-02 18:43 - 2014-07-02 18:56 - 00000000 ____D () C:\zoek_backup
2014-07-02 18:43 - 2014-07-02 18:43 - 01285120 _____ () C:\Users\Ruzena Kicurova\Desktop\zoek.exe
2014-07-02 18:32 - 2014-07-02 18:34 - 00000000 ____D () C:\AdwCleaner
2014-07-02 18:32 - 2014-07-02 18:32 - 01346519 _____ () C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe
2014-07-02 17:31 - 2014-07-02 17:32 - 00000034 _____ () C:\Users\Ruzena Kicurova\Desktop\Nový textový dokument.txt
2014-07-02 17:15 - 2014-07-02 19:13 - 00014935 _____ () C:\Users\Ruzena Kicurova\Desktop\FRST.txt
2014-07-02 17:13 - 2014-07-02 17:13 - 00112640 _____ (forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe
2014-07-02 17:11 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Downloads\FRST64.exe
2014-06-25 18:54 - 2014-06-25 18:54 - 04748896 _____ (Piriform Ltd) C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe
2014-06-25 17:16 - 2014-07-02 18:31 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-06-25 17:16 - 2014-06-25 17:16 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-25 17:15 - 2014-06-25 17:15 - 29644704 _____ (Simply Super Software ) C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe
Hosts:
Reboot:
End
*****************
C:\ProgramData\Temp => ":CB0AACC9" ADS removed successfully.
C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mcui_exe => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GamingWonderland EPM Support => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GamingWonderland Search Scope Monitor => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Marine Aquarium Lite EPM Support => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Marine Aquarium Lite Search Scope Monitor => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKLM\Software\Wow6432Node\MozillaPlugins\@GamingWonderland.com/Plugin' => Key deleted successfully.
C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\@MarineAquarium3Free_57.com/Plugin' => Key deleted successfully.
C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll not found.
'HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1' => Key deleted successfully.
C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll not found.
c2cautoupdatesvc => Unable to stop service
c2cautoupdatesvc => Service deleted successfully.
MarineAquarium3Free_57Service => Service deleted successfully.
e1edc438-f640-4184-a443-d2a7c37a01dc => Service deleted successfully.
msahci => Service deleted successfully.
"C:\Program Files\McAfee.com" => File/Directory not found.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
C:\Users\Ruzena Kicurova\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\LM.bat => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\Nový textový dokument.txt => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\FRST.txt => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Ruzena Kicurova\Downloads\FRST64.exe => Moved successfully.
C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe => Moved successfully.
C:\Program Files (x86)\Trojan Remover => Moved successfully.
C:\ProgramData\Simply Super Software => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
The system needed a reboot.
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by Ruzena Kicurova at 2014-07-02 20:08:56 Run:1
Running from C:\Users\Ruzena Kicurova\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION
Surftastic (HKLM\...\Surftastic) (Version: 2014.03.07.205731 - Surftastic) <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
Task: C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [GamingWonderland EPM Support] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [Marine Aquarium Lite EPM Support] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57medint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [Marine Aquarium Lite Search Scope Monitor] => "C:\PROGRA~2\MARINE~2\bar\1.bin\57srchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ruzena Kicurova\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2745765-3501856421-523033783-1001\...\Run: [Facebook Update] => C:\Users\Ruzena Kicurova\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-19] (Facebook Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
FF Plugin-x32: @GamingWonderland.com/Plugin - C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll No File
FF Plugin-x32: @MarineAquarium3Free_57.com/Plugin - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll No File
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S2 MarineAquarium3Free_57Service; C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe [X]
S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\G:\WTP 2.3.0 - testy\wtp\bin\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]
U0 msahci;
C:\Program Files\McAfee.com
C:\Program Files (x86)\IObit
C:\Program Files (x86)\Skype\Toolbars
2014-07-02 19:12 - 2014-07-02 19:12 - 00029696 _____ () C:\Users\Ruzena Kicurova\AppData\Local\MSGBOX.EXE
2014-07-02 19:12 - 2014-07-02 19:12 - 00015327 _____ () C:\Users\Ruzena Kicurova\Desktop\LM.bat
2014-07-02 18:58 - 2014-07-02 18:43 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-02 18:45 - 2014-07-02 19:00 - 00009643 _____ () C:\zoek-results.log
2014-07-02 18:43 - 2014-07-02 18:56 - 00000000 ____D () C:\zoek_backup
2014-07-02 18:43 - 2014-07-02 18:43 - 01285120 _____ () C:\Users\Ruzena Kicurova\Desktop\zoek.exe
2014-07-02 18:32 - 2014-07-02 18:34 - 00000000 ____D () C:\AdwCleaner
2014-07-02 18:32 - 2014-07-02 18:32 - 01346519 _____ () C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe
2014-07-02 17:31 - 2014-07-02 17:32 - 00000034 _____ () C:\Users\Ruzena Kicurova\Desktop\Nový textový dokument.txt
2014-07-02 17:15 - 2014-07-02 19:13 - 00014935 _____ () C:\Users\Ruzena Kicurova\Desktop\FRST.txt
2014-07-02 17:13 - 2014-07-02 17:13 - 00112640 _____ (forum.viry.cz) C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe
2014-07-02 17:11 - 2014-07-02 17:11 - 02083840 _____ (Farbar) C:\Users\Ruzena Kicurova\Downloads\FRST64.exe
2014-06-25 18:54 - 2014-06-25 18:54 - 04748896 _____ (Piriform Ltd) C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe
2014-06-25 17:16 - 2014-07-02 18:31 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-06-25 17:16 - 2014-06-25 17:16 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-06-25 17:15 - 2014-06-25 17:15 - 29644704 _____ (Simply Super Software ) C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe
Hosts:
Reboot:
End
*****************
C:\ProgramData\Temp => ":CB0AACC9" ADS removed successfully.
C:\Windows\Tasks\Driver Booster SkipUAC (Ruzena Kicurova).job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2745765-3501856421-523033783-1001UA.job => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mcui_exe => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GamingWonderland EPM Support => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GamingWonderland Search Scope Monitor => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Marine Aquarium Lite EPM Support => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Marine Aquarium Lite Search Scope Monitor => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-2745765-3501856421-523033783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKLM\Software\Wow6432Node\MozillaPlugins\@GamingWonderland.com/Plugin' => Key deleted successfully.
C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\@MarineAquarium3Free_57.com/Plugin' => Key deleted successfully.
C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll not found.
'HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1' => Key deleted successfully.
C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll not found.
c2cautoupdatesvc => Unable to stop service
c2cautoupdatesvc => Service deleted successfully.
MarineAquarium3Free_57Service => Service deleted successfully.
e1edc438-f640-4184-a443-d2a7c37a01dc => Service deleted successfully.
msahci => Service deleted successfully.
"C:\Program Files\McAfee.com" => File/Directory not found.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
C:\Users\Ruzena Kicurova\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\LM.bat => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\adwcleaner_3.214.exe => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\Nový textový dokument.txt => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\FRST.txt => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Ruzena Kicurova\Downloads\FRST64.exe => Moved successfully.
C:\Users\Ruzena Kicurova\Downloads\ccleaner_4.14.4707.exe => Moved successfully.
C:\Program Files (x86)\Trojan Remover => Moved successfully.
C:\ProgramData\Simply Super Software => Moved successfully.
C:\Users\Ruzena Kicurova\Desktop\trjsetup690.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
The system needed a reboot.
==== End of Fixlog ====
Re: Zavirovaný komp?
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
ruzena.kicurova
- Návštěvník
- Příspěvky: 8
- Registrován: 02 črc 2014 16:21
Re: Zavirovaný komp?
Dekuji mnohokrat, prispeju na chod fora. Na napsanou 
Re: Zavirovaný komp?
Nemate zac, rad jsem pomohl 
Zase nekdy 
Za podporu fora jmenem celeho tymu dekuji
Na rozloucenou vam zahraje nase kapela
A na zaklade Pravidla o zamykani temat
Zase nekdy Za podporu fora jmenem celeho tymu dekuji
Na rozloucenou vam zahraje nase kapela
A na zaklade Pravidla o zamykani temat
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?