Prosím o pomoc
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Smidaci (administrator) on SMIDACI-PC on 10-09-2014 20:39:27
Running from C:\Users\Smidaci\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
() C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(forum.viry.cz) C:\Users\Smidaci\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-07-24] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctwxpgrSrv] => C:\Windows\SysWOW64\mnctwxpgr.vbe [7670 2014-03-05] ()
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344 2011-11-26] (Plex, Inc.)
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [380928 2009-06-14] (AMD)
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-2303957841-3669098053-2568940452-1006\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Smidaci\AppData\Roaming\Mozilla\Firefox\Profiles\h8136swd.default-1410290679118
FF DefaultSearchEngine: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Smidaci\AppData\Roaming\Mozilla\Firefox\Profiles\xxoz7e2m.default\extensions\faststartff@gmail.com
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-23] (Adobe Systems) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [632352 2013-05-23] (Disc Soft Ltd)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-05-24] ()
S2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2014-01-23] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 {00c97d86-accb-4288-9972-6d929c1fe93a}Gw64; C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys [61008 2014-09-01] (StdLib)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-10 20:39 - 2014-09-10 20:39 - 00012385 _____ () C:\Users\Smidaci\Desktop\FRST.txt
2014-09-10 20:39 - 2014-09-10 20:39 - 00000000 ____D () C:\FRST
2014-09-10 20:38 - 2014-09-10 20:38 - 00015327 _____ () C:\Users\Smidaci\Desktop\LM.bat
2014-09-10 20:37 - 2014-09-10 20:38 - 00029696 _____ () C:\Users\Smidaci\AppData\Local\MSGBOX.EXE
2014-09-10 20:36 - 2014-09-10 20:36 - 00112640 _____ (forum.viry.cz) C:\Users\Smidaci\Desktop\FRSTLauncher.exe
2014-09-10 20:35 - 2014-09-10 20:35 - 02105856 _____ (Farbar) C:\Users\Smidaci\Desktop\FRST64.exe
2014-09-10 19:51 - 2014-09-10 20:21 - 00000000 ____D () C:\ProgramData\clp
2014-09-10 19:49 - 2014-09-10 19:49 - 02380312 _____ (SPAMfighter ApS) C:\Users\Smidaci\Downloads\spywarefighter.exe
2014-09-10 19:46 - 2014-09-10 19:47 - 00090272 _____ () C:\Users\Smidaci\Desktop\záloha registru.reg
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 _____ () C:\autoexec.bat
2014-09-09 21:41 - 2014-09-10 18:53 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-09 21:40 - 2014-09-09 21:40 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Smidaci\Downloads\SpyHunter-Installer.exe
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Users\Smidaci\Desktop\Původní data aplikace Firefox
2014-09-09 21:05 - 2014-09-09 21:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-09 18:25 - 2014-09-09 18:25 - 00000003 _____ () C:\Users\VoKu\stut
2014-09-09 18:23 - 2014-09-10 17:12 - 00000330 _____ () C:\Users\VoKu\rgut
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieUserList
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieSiteList
2014-09-04 19:59 - 2014-09-10 20:38 - 00000672 _____ () C:\Windows\setupact.log
2014-09-04 19:59 - 2014-09-04 19:59 - 00001550 _____ () C:\Windows\PFRO.log
2014-09-04 19:59 - 2014-09-04 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-03 21:39 - 2014-09-03 21:39 - 00000003 _____ () C:\Users\Smidaci\stut
2014-09-03 21:37 - 2014-09-10 20:39 - 00000330 _____ () C:\Users\Smidaci\rgut
2014-09-03 21:30 - 2014-09-03 21:30 - 00000000 ____D () C:\ProgramData\374311380
2014-09-03 21:22 - 2014-09-04 21:46 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-03 21:22 - 2014-09-03 21:22 - 00003124 _____ () C:\Windows\System32\Tasks\{F260045E-39BD-4957-ABD6-47D5BDCD6B71}
2014-09-03 21:22 - 2014-09-03 21:22 - 00000000 ____D () C:\Users\Smidaci\AppData\Local\globalUpdate
2014-09-03 21:15 - 2014-09-01 04:34 - 00061008 _____ (StdLib) C:\Windows\system32\Drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys
2014-09-03 21:13 - 2014-09-03 21:31 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-09-03 21:13 - 2014-09-03 21:31 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 21:13 - 2014-09-03 21:13 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-09-03 21:12 - 2014-09-03 21:12 - 00000000 ____D () C:\Users\Smidaci\AppData\Local\CrashRpt
2014-09-03 21:12 - 2014-09-03 21:12 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-09-03 21:08 - 2014-09-03 21:08 - 00000000 ____D () C:\Users\Smidaci\Documents\Optimizer Pro
2014-09-03 21:04 - 2014-09-03 21:23 - 00000000 ____D () C:\Users\Smidaci\AppData\Roaming\istartsurf
2014-09-03 21:04 - 2014-09-03 21:12 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-03 21:04 - 2014-09-03 21:05 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-03 21:04 - 2014-09-03 21:04 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-03 21:03 - 2014-09-09 21:05 - 00000000 ____D () C:\Program Files (x86)\Xbox 360 Emulatorx
2014-09-03 21:03 - 2014-09-03 21:30 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-03 20:47 - 2014-09-03 20:47 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-09-03 20:47 - 2014-03-05 23:19 - 00007670 ____S () C:\Windows\SysWOW64\mnctwxpgr.vbe
2014-09-03 20:47 - 2013-12-10 01:30 - 10236928 ____S () C:\Windows\SysWOW64\acumnctwxpgr.exe
2014-09-03 20:47 - 2013-10-26 21:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmnctwxpgr.exe
2014-09-03 20:47 - 2013-10-26 21:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-09-03 20:47 - 2013-07-18 17:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmnctwxpgr.exe
2014-09-03 20:47 - 2013-06-12 16:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-09-03 20:47 - 2013-06-12 16:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-09-03 20:47 - 2012-09-26 00:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2014-09-03 20:47 - 2012-05-27 02:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-09-03 19:08 - 2014-09-03 19:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-09-03 19:08 - 2009-08-13 16:40 - 01436920 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\Documents\Ulozto
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Ulozto File Manager
2014-08-28 12:52 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 12:52 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 12:52 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 18:22 - 2014-08-27 18:22 - 00000427 _____ () C:\Users\VoKu\Desktop\Jednotka CD-ROM – zástupce.lnk
2014-08-26 17:07 - 2014-08-26 17:09 - 00000000 ____D () C:\Users\Smidaci\AppData\Roaming\vlc
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Thunderbird
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Local\Thunderbird
2014-08-17 22:07 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 22:07 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-17 22:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 22:07 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 22:07 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 22:07 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-17 22:07 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-17 22:07 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-17 21:29 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-17 21:29 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-17 21:29 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-17 21:29 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-17 21:29 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-17 21:29 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-17 21:29 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-17 21:29 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-17 21:29 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-17 21:29 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-17 21:29 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-17 21:29 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-17 21:29 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-17 21:29 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-17 21:29 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-17 21:29 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-17 21:29 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-17 21:29 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-17 21:29 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-17 21:29 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-17 21:29 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-17 21:29 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-17 21:29 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-17 21:29 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-17 21:29 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-17 21:29 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-17 21:29 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-17 21:29 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-17 21:29 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-17 21:29 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-17 21:29 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-17 21:29 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-17 21:29 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-17 21:29 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-17 21:29 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-17 21:29 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-17 21:29 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-17 21:29 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-17 21:29 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-17 21:29 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-17 21:29 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-17 21:29 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-17 21:29 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-17 21:29 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-17 21:29 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-17 21:29 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-17 21:29 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 21:29 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-17 21:29 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-17 21:29 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-17 21:29 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-17 21:29 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-17 21:29 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-17 21:29 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-17 21:29 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-17 21:29 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-17 21:29 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-17 21:29 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-17 21:29 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-17 21:29 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-17 21:29 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-17 21:28 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-17 21:28 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-17 21:28 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-17 21:28 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-17 21:28 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-17 21:28 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-17 21:28 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-17 21:28 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-17 21:28 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-17 21:28 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-17 21:28 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-10 20:39 - 2014-09-10 20:39 - 00012385 _____ () C:\Users\Smidaci\Desktop\FRST.txt
2014-09-10 20:39 - 2014-09-10 20:39 - 00000000 ____D () C:\FRST
2014-09-10 20:39 - 2014-09-03 21:37 - 00000330 _____ () C:\Users\Smidaci\rgut
2014-09-10 20:38 - 2014-09-10 20:38 - 00015327 _____ () C:\Users\Smidaci\Desktop\LM.bat
2014-09-10 20:38 - 2014-09-10 20:37 - 00029696 _____ () C:\Users\Smidaci\AppData\Local\MSGBOX.EXE
2014-09-10 20:38 - 2014-09-04 19:59 - 00000672 _____ () C:\Windows\setupact.log
2014-09-10 20:38 - 2014-04-26 15:35 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-10 20:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 20:37 - 2014-01-23 09:42 - 01939147 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 20:36 - 2014-09-10 20:36 - 00112640 _____ (forum.viry.cz) C:\Users\Smidaci\Desktop\FRSTLauncher.exe
2014-09-10 20:35 - 2014-09-10 20:35 - 02105856 _____ (Farbar) C:\Users\Smidaci\Desktop\FRST64.exe
2014-09-10 20:21 - 2014-09-10 19:51 - 00000000 ____D () C:\ProgramData\clp
2014-09-10 19:49 - 2014-09-10 19:49 - 02380312 _____ (SPAMfighter ApS) C:\Users\Smidaci\Downloads\spywarefighter.exe
2014-09-10 19:47 - 2014-09-10 19:46 - 00090272 _____ () C:\Users\Smidaci\Desktop\záloha registru.reg
2014-09-10 19:45 - 2014-03-12 20:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-10 18:53 - 2014-09-09 21:41 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-10 18:38 - 2014-07-26 20:49 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Adobe
2014-09-10 18:38 - 2014-07-26 20:49 - 00000000 ____D () C:\Users\VoKu\AppData\Local\Adobe
2014-09-10 17:18 - 2009-07-14 06:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 17:18 - 2009-07-14 06:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 17:15 - 2010-11-21 11:27 - 00680734 _____ () C:\Windows\system32\perfh005.dat
2014-09-10 17:15 - 2010-11-21 11:27 - 00145212 _____ () C:\Windows\system32\perfc005.dat
2014-09-10 17:15 - 2009-07-14 07:13 - 01608076 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 17:12 - 2014-09-09 18:23 - 00000330 _____ () C:\Users\VoKu\rgut
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 _____ () C:\autoexec.bat
2014-09-09 21:40 - 2014-09-09 21:40 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Smidaci\Downloads\SpyHunter-Installer.exe
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Users\Smidaci\Desktop\Původní data aplikace Firefox
2014-09-09 21:05 - 2014-09-09 21:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-09 21:05 - 2014-09-03 21:03 - 00000000 ____D () C:\Program Files (x86)\Xbox 360 Emulatorx
2014-09-09 20:45 - 2014-02-09 13:18 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 20:45 - 2014-01-23 21:32 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 20:45 - 2014-01-23 21:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 18:25 - 2014-09-09 18:25 - 00000003 _____ () C:\Users\VoKu\stut
2014-09-09 18:25 - 2014-07-26 20:48 - 00000000 ____D () C:\Users\VoKu\AppData\Local\VirtualStore
2014-09-09 18:25 - 2014-07-26 20:48 - 00000000 ____D () C:\Users\VoKu
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieUserList
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieSiteList
2014-09-08 05:39 - 2014-03-12 20:11 - 00145920 ___SH () C:\Users\Smidaci\Desktop\Thumbs.db
2014-09-06 14:45 - 2014-06-25 20:04 - 00000000 ____D () C:\Program Files (x86)\MicroVolts
2014-09-04 21:46 - 2014-09-03 21:22 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-04 19:59 - 2014-09-04 19:59 - 00001550 _____ () C:\Windows\PFRO.log
2014-09-04 19:59 - 2014-09-04 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-03 21:39 - 2014-09-03 21:39 - 00000003 _____ () C:\Users\Smidaci\stut
2014-09-03 21:39 - 2014-01-23 09:46 - 00000000 ____D () C:\Users\Smidaci
2014-09-03 21:31 - 2014-09-03 21:13 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-09-03 21:31 - 2014-09-03 21:13 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 21:30 - 2014-09-03 21:30 - 00000000 ____D () C:\ProgramData\374311380
2014-09-03 21:30 - 2014-09-03 21:03 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-03 21:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-03 21:23 - 2014-09-03 21:04 - 00000000 ____D () C:\Users\Smidaci\AppData\Roaming\istartsurf
2014-09-03 21:22 - 2014-09-03 21:22 - 00003124 _____ () C:\Windows\System32\Tasks\{F260045E-39BD-4957-ABD6-47D5BDCD6B71}
2014-09-03 21:22 - 2014-09-03 21:22 - 00000000 ____D () C:\Users\Smidaci\AppData\Local\globalUpdate
2014-09-03 21:15 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-09-03 21:13 - 2014-09-03 21:13 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-09-03 21:12 - 2014-09-03 21:12 - 00000000 ____D () C:\Users\Smidaci\AppData\Local\CrashRpt
2014-09-03 21:12 - 2014-09-03 21:12 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-09-03 21:12 - 2014-09-03 21:04 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-09-03 21:11 - 2014-01-23 10:38 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-03 21:11 - 2014-01-23 09:46 - 00001629 _____ () C:\Users\Smidaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 21:08 - 2014-09-03 21:08 - 00000000 ____D () C:\Users\Smidaci\Documents\Optimizer Pro
2014-09-03 21:05 - 2014-09-03 21:04 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-03 21:04 - 2014-09-03 21:04 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-03 20:47 - 2014-09-03 20:47 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-09-03 19:08 - 2014-09-03 19:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-09-01 04:34 - 2014-09-03 21:15 - 00061008 _____ (StdLib) C:\Windows\system32\Drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys
2014-08-29 12:28 - 2009-07-14 06:45 - 05079984 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\Documents\Ulozto
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Ulozto File Manager
2014-08-27 18:22 - 2014-08-27 18:22 - 00000427 _____ () C:\Users\VoKu\Desktop\Jednotka CD-ROM – zástupce.lnk
2014-08-26 17:09 - 2014-08-26 17:07 - 00000000 ____D () C:\Users\Smidaci\AppData\Roaming\vlc
2014-08-26 17:07 - 2014-05-11 22:17 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-26 15:01 - 2014-05-24 14:36 - 00183112 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-23 04:07 - 2014-08-28 12:52 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 12:52 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 12:52 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Thunderbird
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Local\Thunderbird
2014-08-18 21:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-18 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-17 22:14 - 2014-01-23 12:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 22:10 - 2014-02-02 10:53 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-17 22:10 - 2014-02-02 10:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 22:07 - 2014-05-01 15:21 - 00000000 ___SD () C:\Windows\system32\CompatTel
Some content of TEMP:
====================
C:\Users\Smidaci\AppData\Local\Temp\CPCShield_Setup.exe
C:\Users\Smidaci\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-06 00:04
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
iStartSurf
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: iStartSurf
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: iStartSurf
# AdwCleaner v3.309 - Report created 11/09/2014 at 05:30:23
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Smidaci - SMIDACI-PC
# Running from : C:\Users\Smidaci\Desktop\adwcleaner_3.309.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : {00c97d86-accb-4288-9972-6d929c1fe93a}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\Smidaci\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Smidaci\AppData\Roaming\istartsurf
Folder Deleted : C:\Users\Smidaci\Documents\Optimizer Pro
Folder Deleted : C:\Users\Smidaci\Documents\Updater
File Deleted : C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 cs)
[ File : C:\Users\Smidaci\AppData\Roaming\Mozilla\Firefox\Profiles\h8136swd.default-1410290679118\prefs.js ]
[ File : C:\Users\VoKu\AppData\Roaming\Mozilla\Firefox\Profiles\72ewc7pj.default\prefs.js ]
*************************
AdwCleaner[R1].txt - [6346 octets] - [11/09/2014 05:29:51]
AdwCleaner[S1].txt - [5330 octets] - [11/09/2014 05:30:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5390 octets] ##########
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Smidaci - SMIDACI-PC
# Running from : C:\Users\Smidaci\Desktop\adwcleaner_3.309.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : {00c97d86-accb-4288-9972-6d929c1fe93a}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\Smidaci\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Smidaci\AppData\Roaming\istartsurf
Folder Deleted : C:\Users\Smidaci\Documents\Optimizer Pro
Folder Deleted : C:\Users\Smidaci\Documents\Updater
File Deleted : C:\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Smidaci\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 cs)
[ File : C:\Users\Smidaci\AppData\Roaming\Mozilla\Firefox\Profiles\h8136swd.default-1410290679118\prefs.js ]
[ File : C:\Users\VoKu\AppData\Roaming\Mozilla\Firefox\Profiles\72ewc7pj.default\prefs.js ]
*************************
AdwCleaner[R1].txt - [6346 octets] - [11/09/2014 05:29:51]
AdwCleaner[S1].txt - [5330 octets] - [11/09/2014 05:30:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5390 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: iStartSurf
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: iStartSurf
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Smidaci (administrator) on SMIDACI-PC on 11-09-2014 19:23:14
Running from C:\Users\Smidaci\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(forum.viry.cz) C:\Users\Smidaci\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-07-24] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctwxpgrSrv] => C:\Windows\SysWOW64\mnctwxpgr.vbe [7670 2014-03-05] ()
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344 2011-11-26] (Plex, Inc.)
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-2303957841-3669098053-2568940452-1006\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Smidaci\AppData\Roaming\Mozilla\Firefox\Profiles\h8136swd.default-1410290679118
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-23] (Adobe Systems) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [632352 2013-05-23] (Disc Soft Ltd)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-05-24] ()
S2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2014-01-23] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
R3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-11 19:22 - 2014-09-11 19:22 - 00036552 _____ () C:\Users\Smidaci\Desktop\FRST3.txt
2014-09-11 19:21 - 2014-09-11 19:21 - 00028175 _____ () C:\Users\Smidaci\Desktop\Addition.txt
2014-09-11 19:20 - 2014-09-11 19:20 - 00015327 _____ () C:\Users\Smidaci\Desktop\LM.bat
2014-09-11 05:29 - 2014-09-11 05:30 - 00000000 ____D () C:\AdwCleaner
2014-09-11 05:29 - 2014-09-11 05:29 - 01370467 _____ () C:\Users\Smidaci\Desktop\adwcleaner_3.309.exe
2014-09-10 20:39 - 2014-09-11 19:23 - 00010753 _____ () C:\Users\Smidaci\Desktop\FRST.txt
2014-09-10 20:39 - 2014-09-11 19:23 - 00000000 ____D () C:\FRST
2014-09-10 20:36 - 2014-09-10 20:36 - 00112640 _____ (forum.viry.cz) C:\Users\Smidaci\Desktop\FRSTLauncher.exe
2014-09-10 20:35 - 2014-09-10 20:35 - 02105856 _____ (Farbar) C:\Users\Smidaci\Desktop\FRST64.exe
2014-09-10 19:51 - 2014-09-10 20:21 - 00000000 ____D () C:\ProgramData\clp
2014-09-10 19:46 - 2014-09-10 19:47 - 00090272 _____ () C:\Users\Smidaci\Desktop\záloha registru.reg
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 _____ () C:\autoexec.bat
2014-09-09 21:41 - 2014-09-10 18:53 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Users\Smidaci\Desktop\Původní data aplikace Firefox
2014-09-09 21:05 - 2014-09-09 21:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-09 18:25 - 2014-09-09 18:25 - 00000003 _____ () C:\Users\VoKu\stut
2014-09-09 18:23 - 2014-09-10 17:12 - 00000330 _____ () C:\Users\VoKu\rgut
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieUserList
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieSiteList
2014-09-04 19:59 - 2014-09-11 17:03 - 00000840 _____ () C:\Windows\setupact.log
2014-09-04 19:59 - 2014-09-11 05:31 - 00001856 _____ () C:\Windows\PFRO.log
2014-09-04 19:59 - 2014-09-04 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-03 21:39 - 2014-09-03 21:39 - 00000003 _____ () C:\Users\Smidaci\stut
2014-09-03 21:37 - 2014-09-11 17:04 - 00000330 _____ () C:\Users\Smidaci\rgut
2014-09-03 21:22 - 2014-09-03 21:22 - 00003124 _____ () C:\Windows\System32\Tasks\{F260045E-39BD-4957-ABD6-47D5BDCD6B71}
2014-09-03 21:13 - 2014-09-03 21:31 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 21:12 - 2014-09-03 21:12 - 00000000 ____D () C:\Users\Smidaci\AppData\Local\CrashRpt
2014-09-03 21:03 - 2014-09-09 21:05 - 00000000 ____D () C:\Program Files (x86)\Xbox 360 Emulatorx
2014-09-03 20:47 - 2014-09-03 20:47 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-09-03 20:47 - 2014-03-05 23:19 - 00007670 ____S () C:\Windows\SysWOW64\mnctwxpgr.vbe
2014-09-03 20:47 - 2013-12-10 01:30 - 10236928 ____S () C:\Windows\SysWOW64\acumnctwxpgr.exe
2014-09-03 20:47 - 2013-10-26 21:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmnctwxpgr.exe
2014-09-03 20:47 - 2013-10-26 21:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-09-03 20:47 - 2013-07-18 17:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmnctwxpgr.exe
2014-09-03 20:47 - 2013-06-12 16:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-09-03 20:47 - 2013-06-12 16:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-09-03 20:47 - 2012-09-26 00:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2014-09-03 20:47 - 2012-05-27 02:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-09-03 19:08 - 2014-09-03 19:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-09-03 19:08 - 2009-08-13 16:40 - 01436920 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\Documents\Ulozto
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Ulozto File Manager
2014-08-28 12:52 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 12:52 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 12:52 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 18:22 - 2014-08-27 18:22 - 00000427 _____ () C:\Users\VoKu\Desktop\Jednotka CD-ROM – zástupce.lnk
2014-08-26 17:07 - 2014-08-26 17:09 - 00000000 ____D () C:\Users\Smidaci\AppData\Roaming\vlc
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Thunderbird
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Local\Thunderbird
2014-08-17 22:07 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 22:07 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-17 22:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 22:07 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 22:07 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 22:07 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-17 22:07 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-17 22:07 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-17 21:29 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-17 21:29 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-17 21:29 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-17 21:29 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-17 21:29 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-17 21:29 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-17 21:29 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-17 21:29 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-17 21:29 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-17 21:29 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-17 21:29 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-17 21:29 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-17 21:29 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-17 21:29 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-17 21:29 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-17 21:29 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-17 21:29 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-17 21:29 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-17 21:29 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-17 21:29 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-17 21:29 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-17 21:29 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-17 21:29 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-17 21:29 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-17 21:29 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-17 21:29 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-17 21:29 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-17 21:29 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-17 21:29 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-17 21:29 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-17 21:29 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-17 21:29 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-17 21:29 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-17 21:29 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-17 21:29 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-17 21:29 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-17 21:29 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-17 21:29 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-17 21:29 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-17 21:29 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-17 21:29 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-17 21:29 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-17 21:29 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-17 21:29 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-17 21:29 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-17 21:29 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-17 21:29 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 21:29 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-17 21:29 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-17 21:29 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-17 21:29 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-17 21:29 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-17 21:29 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-17 21:29 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-17 21:29 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-17 21:29 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-17 21:29 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-17 21:29 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-17 21:29 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-17 21:29 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-17 21:29 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-17 21:28 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-17 21:28 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-17 21:28 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-17 21:28 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-17 21:28 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-17 21:28 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-17 21:28 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-17 21:28 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-17 21:28 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-17 21:28 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-17 21:28 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-11 19:23 - 2014-09-10 20:39 - 00010753 _____ () C:\Users\Smidaci\Desktop\FRST.txt
2014-09-11 19:23 - 2014-09-10 20:39 - 00000000 ____D () C:\FRST
2014-09-11 19:22 - 2014-09-11 19:22 - 00036552 _____ () C:\Users\Smidaci\Desktop\FRST3.txt
2014-09-11 19:21 - 2014-09-11 19:21 - 00028175 _____ () C:\Users\Smidaci\Desktop\Addition.txt
2014-09-11 19:20 - 2014-09-11 19:20 - 00015327 _____ () C:\Users\Smidaci\Desktop\LM.bat
2014-09-11 18:45 - 2014-03-12 20:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-11 18:20 - 2014-01-23 09:42 - 01085187 _____ () C:\Windows\WindowsUpdate.log
2014-09-11 17:23 - 2014-06-25 20:04 - 00000000 ____D () C:\Program Files (x86)\MicroVolts
2014-09-11 17:10 - 2009-07-14 06:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-11 17:10 - 2009-07-14 06:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 17:07 - 2010-11-21 11:27 - 00680734 _____ () C:\Windows\system32\perfh005.dat
2014-09-11 17:07 - 2010-11-21 11:27 - 00145212 _____ () C:\Windows\system32\perfc005.dat
2014-09-11 17:07 - 2009-07-14 07:13 - 01608076 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 17:04 - 2014-09-03 21:37 - 00000330 _____ () C:\Users\Smidaci\rgut
2014-09-11 17:03 - 2014-09-04 19:59 - 00000840 _____ () C:\Windows\setupact.log
2014-09-11 17:03 - 2014-04-26 15:35 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-11 17:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-11 05:31 - 2014-09-04 19:59 - 00001856 _____ () C:\Windows\PFRO.log
2014-09-11 05:30 - 2014-09-11 05:29 - 00000000 ____D () C:\AdwCleaner
2014-09-11 05:30 - 2014-01-23 10:38 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-11 05:30 - 2014-01-23 09:46 - 00000973 _____ () C:\Users\Smidaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-11 05:29 - 2014-09-11 05:29 - 01370467 _____ () C:\Users\Smidaci\Desktop\adwcleaner_3.309.exe
2014-09-10 20:50 - 2014-01-23 09:46 - 00000000 ____D () C:\Users\Smidaci
2014-09-10 20:36 - 2014-09-10 20:36 - 00112640 _____ (forum.viry.cz) C:\Users\Smidaci\Desktop\FRSTLauncher.exe
2014-09-10 20:35 - 2014-09-10 20:35 - 02105856 _____ (Farbar) C:\Users\Smidaci\Desktop\FRST64.exe
2014-09-10 20:21 - 2014-09-10 19:51 - 00000000 ____D () C:\ProgramData\clp
2014-09-10 19:47 - 2014-09-10 19:46 - 00090272 _____ () C:\Users\Smidaci\Desktop\záloha registru.reg
2014-09-10 18:53 - 2014-09-09 21:41 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-10 18:38 - 2014-07-26 20:49 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Adobe
2014-09-10 18:38 - 2014-07-26 20:49 - 00000000 ____D () C:\Users\VoKu\AppData\Local\Adobe
2014-09-10 17:12 - 2014-09-09 18:23 - 00000330 _____ () C:\Users\VoKu\rgut
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 _____ () C:\autoexec.bat
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Users\Smidaci\Desktop\Původní data aplikace Firefox
2014-09-09 21:05 - 2014-09-09 21:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-09 21:05 - 2014-09-03 21:03 - 00000000 ____D () C:\Program Files (x86)\Xbox 360 Emulatorx
2014-09-09 20:45 - 2014-02-09 13:18 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 20:45 - 2014-01-23 21:32 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 20:45 - 2014-01-23 21:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 18:25 - 2014-09-09 18:25 - 00000003 _____ () C:\Users\VoKu\stut
2014-09-09 18:25 - 2014-07-26 20:48 - 00000000 ____D () C:\Users\VoKu\AppData\Local\VirtualStore
2014-09-09 18:25 - 2014-07-26 20:48 - 00000000 ____D () C:\Users\VoKu
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieUserList
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieSiteList
2014-09-08 05:39 - 2014-03-12 20:11 - 00145920 ___SH () C:\Users\Smidaci\Desktop\Thumbs.db
2014-09-04 19:59 - 2014-09-04 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-03 21:39 - 2014-09-03 21:39 - 00000003 _____ () C:\Users\Smidaci\stut
2014-09-03 21:31 - 2014-09-03 21:13 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 21:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-03 21:22 - 2014-09-03 21:22 - 00003124 _____ () C:\Windows\System32\Tasks\{F260045E-39BD-4957-ABD6-47D5BDCD6B71}
2014-09-03 21:15 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-09-03 21:12 - 2014-09-03 21:12 - 00000000 ____D () C:\Users\Smidaci\AppData\Local\CrashRpt
2014-09-03 20:47 - 2014-09-03 20:47 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-09-03 19:08 - 2014-09-03 19:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-08-29 12:28 - 2009-07-14 06:45 - 05079984 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\Documents\Ulozto
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Ulozto File Manager
2014-08-27 18:22 - 2014-08-27 18:22 - 00000427 _____ () C:\Users\VoKu\Desktop\Jednotka CD-ROM – zástupce.lnk
2014-08-26 17:09 - 2014-08-26 17:07 - 00000000 ____D () C:\Users\Smidaci\AppData\Roaming\vlc
2014-08-26 17:07 - 2014-05-11 22:17 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-26 15:01 - 2014-05-24 14:36 - 00183112 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-23 04:07 - 2014-08-28 12:52 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 12:52 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 12:52 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Thunderbird
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Local\Thunderbird
2014-08-18 21:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-18 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-17 22:14 - 2014-01-23 12:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 22:10 - 2014-02-02 10:53 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-17 22:10 - 2014-02-02 10:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 22:07 - 2014-05-01 15:21 - 00000000 ___SD () C:\Windows\system32\CompatTel
Some content of TEMP:
====================
C:\Users\Smidaci\AppData\Local\Temp\CPCShield_Setup.exe
C:\Users\Smidaci\AppData\Local\Temp\Quarantine.exe
C:\Users\Smidaci\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-06 00:04
==================== End Of Log ============================
Ran by Smidaci (administrator) on SMIDACI-PC on 11-09-2014 19:23:14
Running from C:\Users\Smidaci\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(forum.viry.cz) C:\Users\Smidaci\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-07-24] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctwxpgrSrv] => C:\Windows\SysWOW64\mnctwxpgr.vbe [7670 2014-03-05] ()
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344 2011-11-26] (Plex, Inc.)
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-2303957841-3669098053-2568940452-1006\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Smidaci\AppData\Roaming\Mozilla\Firefox\Profiles\h8136swd.default-1410290679118
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-23] (Adobe Systems) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [632352 2013-05-23] (Disc Soft Ltd)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-05-24] ()
S2 WinRST; C:\Program Files (x86)\WinRST\WinRST.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [29696 2014-01-23] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
R3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-11 19:22 - 2014-09-11 19:22 - 00036552 _____ () C:\Users\Smidaci\Desktop\FRST3.txt
2014-09-11 19:21 - 2014-09-11 19:21 - 00028175 _____ () C:\Users\Smidaci\Desktop\Addition.txt
2014-09-11 19:20 - 2014-09-11 19:20 - 00015327 _____ () C:\Users\Smidaci\Desktop\LM.bat
2014-09-11 05:29 - 2014-09-11 05:30 - 00000000 ____D () C:\AdwCleaner
2014-09-11 05:29 - 2014-09-11 05:29 - 01370467 _____ () C:\Users\Smidaci\Desktop\adwcleaner_3.309.exe
2014-09-10 20:39 - 2014-09-11 19:23 - 00010753 _____ () C:\Users\Smidaci\Desktop\FRST.txt
2014-09-10 20:39 - 2014-09-11 19:23 - 00000000 ____D () C:\FRST
2014-09-10 20:36 - 2014-09-10 20:36 - 00112640 _____ (forum.viry.cz) C:\Users\Smidaci\Desktop\FRSTLauncher.exe
2014-09-10 20:35 - 2014-09-10 20:35 - 02105856 _____ (Farbar) C:\Users\Smidaci\Desktop\FRST64.exe
2014-09-10 19:51 - 2014-09-10 20:21 - 00000000 ____D () C:\ProgramData\clp
2014-09-10 19:46 - 2014-09-10 19:47 - 00090272 _____ () C:\Users\Smidaci\Desktop\záloha registru.reg
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 _____ () C:\autoexec.bat
2014-09-09 21:41 - 2014-09-10 18:53 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Users\Smidaci\Desktop\Původní data aplikace Firefox
2014-09-09 21:05 - 2014-09-09 21:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-09 18:25 - 2014-09-09 18:25 - 00000003 _____ () C:\Users\VoKu\stut
2014-09-09 18:23 - 2014-09-10 17:12 - 00000330 _____ () C:\Users\VoKu\rgut
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieUserList
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieSiteList
2014-09-04 19:59 - 2014-09-11 17:03 - 00000840 _____ () C:\Windows\setupact.log
2014-09-04 19:59 - 2014-09-11 05:31 - 00001856 _____ () C:\Windows\PFRO.log
2014-09-04 19:59 - 2014-09-04 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-03 21:39 - 2014-09-03 21:39 - 00000003 _____ () C:\Users\Smidaci\stut
2014-09-03 21:37 - 2014-09-11 17:04 - 00000330 _____ () C:\Users\Smidaci\rgut
2014-09-03 21:22 - 2014-09-03 21:22 - 00003124 _____ () C:\Windows\System32\Tasks\{F260045E-39BD-4957-ABD6-47D5BDCD6B71}
2014-09-03 21:13 - 2014-09-03 21:31 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 21:12 - 2014-09-03 21:12 - 00000000 ____D () C:\Users\Smidaci\AppData\Local\CrashRpt
2014-09-03 21:03 - 2014-09-09 21:05 - 00000000 ____D () C:\Program Files (x86)\Xbox 360 Emulatorx
2014-09-03 20:47 - 2014-09-03 20:47 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-09-03 20:47 - 2014-03-05 23:19 - 00007670 ____S () C:\Windows\SysWOW64\mnctwxpgr.vbe
2014-09-03 20:47 - 2013-12-10 01:30 - 10236928 ____S () C:\Windows\SysWOW64\acumnctwxpgr.exe
2014-09-03 20:47 - 2013-10-26 21:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmnctwxpgr.exe
2014-09-03 20:47 - 2013-10-26 21:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-09-03 20:47 - 2013-10-26 21:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-09-03 20:47 - 2013-10-26 21:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-09-03 20:47 - 2013-07-18 17:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmnctwxpgr.exe
2014-09-03 20:47 - 2013-06-12 16:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-09-03 20:47 - 2013-06-12 16:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-09-03 20:47 - 2012-09-26 00:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2014-09-03 20:47 - 2012-05-27 02:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-09-03 19:08 - 2014-09-03 19:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-09-03 19:08 - 2009-08-13 16:40 - 01436920 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\Documents\Ulozto
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Ulozto File Manager
2014-08-28 12:52 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 12:52 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 12:52 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 18:22 - 2014-08-27 18:22 - 00000427 _____ () C:\Users\VoKu\Desktop\Jednotka CD-ROM – zástupce.lnk
2014-08-26 17:07 - 2014-08-26 17:09 - 00000000 ____D () C:\Users\Smidaci\AppData\Roaming\vlc
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Thunderbird
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Local\Thunderbird
2014-08-17 22:07 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 22:07 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-17 22:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 22:07 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 22:07 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 22:07 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-17 22:07 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-17 22:07 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-17 21:29 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-17 21:29 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-17 21:29 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-17 21:29 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-17 21:29 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-17 21:29 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-17 21:29 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-17 21:29 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-17 21:29 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-17 21:29 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-17 21:29 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-17 21:29 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-17 21:29 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-17 21:29 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-17 21:29 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-17 21:29 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-17 21:29 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-17 21:29 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-17 21:29 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-17 21:29 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-17 21:29 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-17 21:29 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-17 21:29 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-17 21:29 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-17 21:29 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-17 21:29 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-17 21:29 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-17 21:29 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-17 21:29 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-17 21:29 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-17 21:29 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-17 21:29 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-17 21:29 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-17 21:29 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-17 21:29 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-17 21:29 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-17 21:29 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-17 21:29 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-17 21:29 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-17 21:29 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-17 21:29 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-17 21:29 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-17 21:29 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-17 21:29 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-17 21:29 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-17 21:29 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-17 21:29 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 21:29 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-17 21:29 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-17 21:29 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-17 21:29 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-17 21:29 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-17 21:29 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-17 21:29 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-17 21:29 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-17 21:29 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-17 21:29 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-17 21:29 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-17 21:29 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-17 21:29 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-17 21:29 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-17 21:28 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-17 21:28 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-17 21:28 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-17 21:28 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-17 21:28 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-17 21:28 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-17 21:28 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-17 21:28 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-17 21:28 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-17 21:28 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-17 21:28 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-11 19:23 - 2014-09-10 20:39 - 00010753 _____ () C:\Users\Smidaci\Desktop\FRST.txt
2014-09-11 19:23 - 2014-09-10 20:39 - 00000000 ____D () C:\FRST
2014-09-11 19:22 - 2014-09-11 19:22 - 00036552 _____ () C:\Users\Smidaci\Desktop\FRST3.txt
2014-09-11 19:21 - 2014-09-11 19:21 - 00028175 _____ () C:\Users\Smidaci\Desktop\Addition.txt
2014-09-11 19:20 - 2014-09-11 19:20 - 00015327 _____ () C:\Users\Smidaci\Desktop\LM.bat
2014-09-11 18:45 - 2014-03-12 20:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-11 18:20 - 2014-01-23 09:42 - 01085187 _____ () C:\Windows\WindowsUpdate.log
2014-09-11 17:23 - 2014-06-25 20:04 - 00000000 ____D () C:\Program Files (x86)\MicroVolts
2014-09-11 17:10 - 2009-07-14 06:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-11 17:10 - 2009-07-14 06:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 17:07 - 2010-11-21 11:27 - 00680734 _____ () C:\Windows\system32\perfh005.dat
2014-09-11 17:07 - 2010-11-21 11:27 - 00145212 _____ () C:\Windows\system32\perfc005.dat
2014-09-11 17:07 - 2009-07-14 07:13 - 01608076 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 17:04 - 2014-09-03 21:37 - 00000330 _____ () C:\Users\Smidaci\rgut
2014-09-11 17:03 - 2014-09-04 19:59 - 00000840 _____ () C:\Windows\setupact.log
2014-09-11 17:03 - 2014-04-26 15:35 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-11 17:03 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-11 05:31 - 2014-09-04 19:59 - 00001856 _____ () C:\Windows\PFRO.log
2014-09-11 05:30 - 2014-09-11 05:29 - 00000000 ____D () C:\AdwCleaner
2014-09-11 05:30 - 2014-01-23 10:38 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-11 05:30 - 2014-01-23 09:46 - 00000973 _____ () C:\Users\Smidaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-11 05:29 - 2014-09-11 05:29 - 01370467 _____ () C:\Users\Smidaci\Desktop\adwcleaner_3.309.exe
2014-09-10 20:50 - 2014-01-23 09:46 - 00000000 ____D () C:\Users\Smidaci
2014-09-10 20:36 - 2014-09-10 20:36 - 00112640 _____ (forum.viry.cz) C:\Users\Smidaci\Desktop\FRSTLauncher.exe
2014-09-10 20:35 - 2014-09-10 20:35 - 02105856 _____ (Farbar) C:\Users\Smidaci\Desktop\FRST64.exe
2014-09-10 20:21 - 2014-09-10 19:51 - 00000000 ____D () C:\ProgramData\clp
2014-09-10 19:47 - 2014-09-10 19:46 - 00090272 _____ () C:\Users\Smidaci\Desktop\záloha registru.reg
2014-09-10 18:53 - 2014-09-09 21:41 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-10 18:38 - 2014-07-26 20:49 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Adobe
2014-09-10 18:38 - 2014-07-26 20:49 - 00000000 ____D () C:\Users\VoKu\AppData\Local\Adobe
2014-09-10 17:12 - 2014-09-09 18:23 - 00000330 _____ () C:\Users\VoKu\rgut
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-09 21:42 - 2014-09-09 21:42 - 00000000 _____ () C:\autoexec.bat
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Users\Smidaci\Desktop\Původní data aplikace Firefox
2014-09-09 21:05 - 2014-09-09 21:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-09 21:05 - 2014-09-03 21:03 - 00000000 ____D () C:\Program Files (x86)\Xbox 360 Emulatorx
2014-09-09 20:45 - 2014-02-09 13:18 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 20:45 - 2014-01-23 21:32 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 20:45 - 2014-01-23 21:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 18:25 - 2014-09-09 18:25 - 00000003 _____ () C:\Users\VoKu\stut
2014-09-09 18:25 - 2014-07-26 20:48 - 00000000 ____D () C:\Users\VoKu\AppData\Local\VirtualStore
2014-09-09 18:25 - 2014-07-26 20:48 - 00000000 ____D () C:\Users\VoKu
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieUserList
2014-09-09 18:23 - 2014-09-09 18:23 - 00000000 __SHD () C:\Users\VoKu\AppData\Local\EmieSiteList
2014-09-08 05:39 - 2014-03-12 20:11 - 00145920 ___SH () C:\Users\Smidaci\Desktop\Thumbs.db
2014-09-04 19:59 - 2014-09-04 19:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-03 21:39 - 2014-09-03 21:39 - 00000003 _____ () C:\Users\Smidaci\stut
2014-09-03 21:31 - 2014-09-03 21:13 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 21:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-03 21:22 - 2014-09-03 21:22 - 00003124 _____ () C:\Windows\System32\Tasks\{F260045E-39BD-4957-ABD6-47D5BDCD6B71}
2014-09-03 21:15 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-09-03 21:12 - 2014-09-03 21:12 - 00000000 ____D () C:\Users\Smidaci\AppData\Local\CrashRpt
2014-09-03 20:47 - 2014-09-03 20:47 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-09-03 19:08 - 2014-09-03 19:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-08-29 12:28 - 2009-07-14 06:45 - 05079984 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\Documents\Ulozto
2014-08-28 12:53 - 2014-08-28 12:53 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Ulozto File Manager
2014-08-27 18:22 - 2014-08-27 18:22 - 00000427 _____ () C:\Users\VoKu\Desktop\Jednotka CD-ROM – zástupce.lnk
2014-08-26 17:09 - 2014-08-26 17:07 - 00000000 ____D () C:\Users\Smidaci\AppData\Roaming\vlc
2014-08-26 17:07 - 2014-05-11 22:17 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-26 15:01 - 2014-05-24 14:36 - 00183112 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-23 04:07 - 2014-08-28 12:52 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 12:52 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 12:52 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Roaming\Thunderbird
2014-08-22 12:21 - 2014-08-22 12:21 - 00000000 ____D () C:\Users\VoKu\AppData\Local\Thunderbird
2014-08-18 21:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-18 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-17 22:14 - 2014-01-23 12:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 22:10 - 2014-02-02 10:53 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-17 22:10 - 2014-02-02 10:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 22:07 - 2014-05-01 15:21 - 00000000 ___SD () C:\Windows\system32\CompatTel
Some content of TEMP:
====================
C:\Users\Smidaci\AppData\Local\Temp\CPCShield_Setup.exe
C:\Users\Smidaci\AppData\Local\Temp\Quarantine.exe
C:\Users\Smidaci\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-06 00:04
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: iStartSurf
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctwxpgrSrv] => C:\Windows\SysWOW64\mnctwxpgr.vbe [7670 2014-03-05] ()
C:\Windows\inf\msstp.vbe
C:\Windows\SysWOW64\mnctwxpgr.vbe
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-2303957841-3669098053-2568940452-1006\User: Group Policy restriction detected <======= ATTENTION
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
R3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
C:\Windows\SysWOW64\mnctwxpgr.vbe
C:\Windows\SysWOW64\acumnctwxpgr.exe
C:\Windows\SysWOW64\dcgmnctwxpgr.exe
C:\Windows\SysWOW64\lcpmnctwxpgr.exe
C:\Users\Smidaci\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: iStartSurf
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Smidaci at 2014-09-11 19:49:18 Run:1
Running from C:\Users\Smidaci\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctwxpgrSrv] => C:\Windows\SysWOW64\mnctwxpgr.vbe [7670 2014-03-05] ()
C:\Windows\inf\msstp.vbe
C:\Windows\SysWOW64\mnctwxpgr.vbe
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-2303957841-3669098053-2568940452-1006\User: Group Policy restriction detected <======= ATTENTION
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
R3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
C:\Windows\SysWOW64\mnctwxpgr.vbe
C:\Windows\SysWOW64\acumnctwxpgr.exe
C:\Windows\SysWOW64\dcgmnctwxpgr.exe
C:\Windows\SysWOW64\lcpmnctwxpgr.exe
C:\Users\Smidaci\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MSStp => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mnctwxpgrSrv => value deleted successfully.
C:\Windows\inf\msstp.vbe => Moved successfully.
C:\Windows\SysWOW64\mnctwxpgr.vbe => Moved successfully.
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => value deleted successfully.
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => value deleted successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2303957841-3669098053-2568940452-1006\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
X6va021 => Service deleted successfully.
X6va022 => Service deleted successfully.
X6va025 => Unable to stop service
X6va025 => Service deleted successfully.
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP => Moved successfully.
"C:\Windows\SysWOW64\mnctwxpgr.vbe" => File/Directory not found.
C:\Windows\SysWOW64\acumnctwxpgr.exe => Moved successfully.
C:\Windows\SysWOW64\dcgmnctwxpgr.exe => Moved successfully.
C:\Windows\SysWOW64\lcpmnctwxpgr.exe => Moved successfully.
"C:\Users\Smidaci\AppData\Local\Temp" directory move:
C:\Users\Smidaci\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\ChicaWrapper.log.txt => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\CPCShield_Setup.exe => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\DMIB388.tmp => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\EsgScanner.inf => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\ESGScanner.sys => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Smidaci\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Smidaci\AppData\Local\Temp\hosts.bk => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Reader.log.txt => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\SHSetup.exe => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\SWPRO_msi.log.txt => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\SWPRO_uninstall.log.txt => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\system.ini.bk => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\tmp-46n.xpi => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\win.ini.bk => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~36CB.bat => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~36CB.tmp => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~74F3.bat => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~74F3.tmp => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~B421.tmp => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~E5C0.bat => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~E5C0.tmp => Moved successfully.
Could not move "C:\Users\Smidaci\AppData\Local\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-11 19:51:01)<=
C:\Users\Smidaci\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Smidaci\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
Ran by Smidaci at 2014-09-11 19:49:18 Run:1
Running from C:\Users\Smidaci\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [MSStp] => C:\Windows\inf\msstp.vbe [1584 2014-03-05] ()
HKLM-x32\...\Run: [mnctwxpgrSrv] => C:\Windows\SysWOW64\mnctwxpgr.vbe [7670 2014-03-05] ()
C:\Windows\inf\msstp.vbe
C:\Windows\SysWOW64\mnctwxpgr.vbe
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicyUsers\S-1-5-21-2303957841-3669098053-2568940452-1006\User: Group Policy restriction detected <======= ATTENTION
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
R3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
C:\Windows\SysWOW64\mnctwxpgr.vbe
C:\Windows\SysWOW64\acumnctwxpgr.exe
C:\Windows\SysWOW64\dcgmnctwxpgr.exe
C:\Windows\SysWOW64\lcpmnctwxpgr.exe
C:\Users\Smidaci\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MSStp => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mnctwxpgrSrv => value deleted successfully.
C:\Windows\inf\msstp.vbe => Moved successfully.
C:\Windows\SysWOW64\mnctwxpgr.vbe => Moved successfully.
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => value deleted successfully.
HKU\S-1-5-21-2303957841-3669098053-2568940452-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => value deleted successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2303957841-3669098053-2568940452-1006\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
X6va021 => Service deleted successfully.
X6va022 => Service deleted successfully.
X6va025 => Unable to stop service
X6va025 => Service deleted successfully.
C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP => Moved successfully.
"C:\Windows\SysWOW64\mnctwxpgr.vbe" => File/Directory not found.
C:\Windows\SysWOW64\acumnctwxpgr.exe => Moved successfully.
C:\Windows\SysWOW64\dcgmnctwxpgr.exe => Moved successfully.
C:\Windows\SysWOW64\lcpmnctwxpgr.exe => Moved successfully.
"C:\Users\Smidaci\AppData\Local\Temp" directory move:
C:\Users\Smidaci\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\ChicaWrapper.log.txt => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\CPCShield_Setup.exe => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\DMIB388.tmp => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\EsgScanner.inf => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\ESGScanner.sys => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Smidaci\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Smidaci\AppData\Local\Temp\hosts.bk => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Reader.log.txt => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\SHSetup.exe => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\SWPRO_msi.log.txt => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\SWPRO_uninstall.log.txt => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\system.ini.bk => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\tmp-46n.xpi => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\win.ini.bk => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~36CB.bat => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~36CB.tmp => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~74F3.bat => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~74F3.tmp => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~B421.tmp => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~E5C0.bat => Moved successfully.
C:\Users\Smidaci\AppData\Local\Temp\~E5C0.tmp => Moved successfully.
Could not move "C:\Users\Smidaci\AppData\Local\Temp" directory. => Scheduled to move on reboot.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-11 19:51:01)<=
C:\Users\Smidaci\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Smidaci\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: iStartSurf
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: iStartSurf
Ano zdá se to být v pořádku. Moc díky 
-
Rudy
- Site Admin
- Příspěvky: 119546
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: iStartSurf
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?