Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola pc

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
ptdave
Návštěvník
Návštěvník
Příspěvky: 82
Registrován: 01 zář 2012 11:28

Kontrola pc

#1 Příspěvek od ptdave »

Dobry den,

potřebuji zkontrolovat pc zasílám log + info

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kereši at 2014-09-17 20:24:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 133 GB (66%) free of 200 GB
Total RAM: 2986 MB (49% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-22 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-11 142616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-11 177432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-11 176408]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2011-09-09 6253160]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2011-07-06 688128]
"CLX3180_Scan2Pc"=C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe [2011-04-29 1990144]
"3180 Scan2PC"=C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe [2011-04-29 1990144]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"3170 Scan2PC"=C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe [2009-06-12 503808]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Kereši^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^dmqwv3j6.lnk]
C:\PROGRA~2\6j3vwqmd.dss,FFZ0 []

C:\Users\Kereši\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"TaskbarNoNotification"=0
"HideSCAHealth"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"TaskbarNoNotification"=0
"HideSCAHealth"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-17 20:17:31 ----D---- C:\rsit
2014-09-17 20:17:31 ----D---- C:\Program Files\trend micro
2014-09-17 20:06:17 ----SHD---- C:\Config.Msi
2014-09-08 13:33:26 ----D---- C:\Users\Kereši\AppData\Roaming\MPC-HC
2014-09-08 13:32:39 ----D---- C:\Program Files\MPC-HC
2014-09-08 11:51:30 ----D---- C:\Windows\Sun
2014-08-19 17:57:57 ----D---- C:\Users\Kereši\AppData\Roaming\GHISLER
2014-08-19 17:57:57 ----D---- C:\totalcmd
2014-08-19 17:57:57 ----A---- C:\Windows\UC.PIF
2014-08-19 17:57:57 ----A---- C:\Windows\RAR.PIF
2014-08-19 17:57:57 ----A---- C:\Windows\PKZIP.PIF
2014-08-19 17:57:57 ----A---- C:\Windows\PKUNZIP.PIF
2014-08-19 17:57:57 ----A---- C:\Windows\LHA.PIF
2014-08-19 17:57:57 ----A---- C:\Windows\ARJ.PIF
2014-08-19 17:10:19 ----D---- C:\Users\Kereši\AppData\Roaming\AVG2014
2014-08-19 17:09:02 ----D---- C:\Users\Kereši\AppData\Roaming\TuneUp Software
2014-08-19 17:07:18 ----HD---- C:\$AVG
2014-08-19 17:07:18 ----D---- C:\ProgramData\AVG2014
2014-08-19 17:06:03 ----D---- C:\Program Files\AVG
2014-08-19 17:04:40 ----HD---- C:\ProgramData\Common Files
2014-08-19 17:04:40 ----D---- C:\ProgramData\MFAData
2014-08-19 06:23:05 ----D---- C:\Users\Kereši\AppData\Roaming\Uhhoev
2014-08-19 06:23:05 ----D---- C:\Users\Kereši\AppData\Roaming\Fiwayb
2014-08-19 06:22:33 ----D---- C:\Users\Kereši\AppData\Roaming\Ulco
2014-08-19 06:22:33 ----D---- C:\Users\Kereši\AppData\Roaming\Emata

======List of files/folders modified in the last 1 month======

2014-09-17 20:24:09 ----D---- C:\Windows\Temp
2014-09-17 20:17:35 ----D---- C:\Windows\Prefetch
2014-09-17 20:17:31 ----RD---- C:\Program Files
2014-09-17 20:16:16 ----D---- C:\Windows
2014-09-17 20:16:15 ----D---- C:\Windows\inf
2014-09-17 20:06:35 ----SHD---- C:\Windows\Installer
2014-09-17 20:06:08 ----D---- C:\Windows\System32
2014-09-17 06:01:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-11 20:27:46 ----D---- C:\Windows\system32\NDF
2014-09-11 07:44:19 ----SHD---- C:\System Volume Information
2014-09-11 07:12:13 ----D---- C:\Windows\system32\config
2014-09-10 15:32:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-09-09 05:46:31 ----D---- C:\Windows\system32\catroot2
2014-09-03 08:25:54 ----D---- C:\Windows\system32\drivers
2014-08-30 08:38:59 ----HD---- C:\ProgramData
2014-08-30 08:38:59 ----D---- C:\Windows\system32\Tasks
2014-08-30 08:38:58 ----D---- C:\Windows\Tasks
2014-08-21 05:56:32 ----D---- C:\Program Files\SamsungPrinterLiveUpdate
2014-08-19 20:50:39 ----D---- C:\Users\Kereši\AppData\Roaming\AdobeChk
2014-08-19 20:50:34 ----D---- C:\Users\Kereši\AppData\Roaming\WinRAR
2014-08-19 18:02:18 ----D---- C:\Program Files\Google
2014-08-19 16:46:09 ----SD---- C:\ProgramData\Microsoft
2014-08-19 16:46:09 ----D---- C:\Program Files\Microsoft
2014-08-19 16:45:14 ----D---- C:\Windows\SoftwareDistribution
2014-08-19 16:45:14 ----D---- C:\Windows\Panther
2014-08-19 16:45:14 ----D---- C:\Windows\Logs
2014-08-19 16:45:14 ----D---- C:\Windows\debug
2014-08-19 06:33:32 ----D---- C:\Program Files\Internet Explorer
2014-08-19 06:33:22 ----D---- C:\Program Files\WinRAR
2014-08-19 06:32:46 ----D---- C:\Windows\system32\wbem
2014-08-19 06:32:25 ----D---- C:\Windows\system32\Wat
2014-08-19 06:29:54 ----D---- C:\Windows\ehome

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-07-21 200984]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-07-13 38400]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 5120]
R3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
R3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-08-09 10843136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-09-13 3665704]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt32.sys [2009-11-18 24664]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S1 ajomcxag;ajomcxag; \??\C:\Windows\system32\drivers\ajomcxag.sys []
S1 bmkgpghv;bmkgpghv; \??\C:\Windows\system32\drivers\bmkgpghv.sys []
S1 csyfctfz;csyfctfz; \??\C:\Windows\system32\drivers\csyfctfz.sys []
S1 cxufldht;cxufldht; \??\C:\Windows\system32\drivers\cxufldht.sys []
S1 dmpfljnh;dmpfljnh; \??\C:\Windows\system32\drivers\dmpfljnh.sys []
S1 hidobygt;hidobygt; \??\C:\Windows\system32\drivers\hidobygt.sys []
S1 kkkhzdmn;kkkhzdmn; \??\C:\Windows\system32\drivers\kkkhzdmn.sys []
S1 mqmjarun;mqmjarun; \??\C:\Windows\system32\drivers\mqmjarun.sys []
S1 nhgduczd;nhgduczd; \??\C:\Windows\system32\drivers\nhgduczd.sys []
S1 obtrnnov;obtrnnov; \??\C:\Windows\system32\drivers\obtrnnov.sys []
S1 rzxamqzl;rzxamqzl; \??\C:\Windows\system32\drivers\rzxamqzl.sys []
S1 shsccjwu;shsccjwu; \??\C:\Windows\system32\drivers\shsccjwu.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-27 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-11-27 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-11-27 27136]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-30 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-30 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-20 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------
Nahoru
ptdave
Návštěvník
Návštěvník
Příspěvky: 82
Registrován: 01 zář 2012 11:28

Re: Kontrola pc

#2 Příspěvek od ptdave »

info.txt logfile of random's system information tool 1.10 2014-09-17 20:24:14

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A413B6F6500008020210007DF130C000800000020030000DF140C07FEFFFF0028030000D8661800FEFFFF07FEFFFF00006A180058CE210000000000000000000000000000000055AA

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->C:\Program Files\InstallShield Installation Information\{AC584CC1-0EA7-49AD-ADD5-D0039459466F}\setup.exe -runfromtemp -l0x0005 -removeonly
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
Adobe Flash Player 15 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_152_ActiveX.exe -maintain activex
Adobe Reader X (10.1.12) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
aladin-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7FFC1B30-70CE-11D5-A8B2-000374890932}\Setup.exe"
AVG 2014-->"C:\Program Files\AVG\AVG2014\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2014-->MsiExec.exe /I{59C51498-BEDE-4033-BBEE-16908F1EFB47}
AVG 2014-->MsiExec.exe /I{F37413EB-9B55-4764-AC88-90BCBB3D4695}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\37.0.2062.120\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HP LaserJet P3010 Series PCL 6-->"C:\Program Files\Common Files\Hewlett-Packard\HPDIU 2.5\HPDIU_Uninstall.exe" /d "HP LaserJet P3010 Series PCL 6" /m "ARP"
Intel(R) Control Center-->C:\Program Files\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Processor Graphics-->C:\Program Files\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Messenger Companion-->MsiExec.exe /I{B44F3823-52DD-45CA-A916-8B320778715D}
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{4903D172-DCCB-392F-93A3-34CA9D47FE3D}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{17CA32D1-73BD-4990-B8F6-369D8D34B05D}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{50779A29-834E-4E36-BBEB-B7CABC67A825}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
MPC-HC 1.7.6-->"C:\Program Files\MPC-HC\unins000.exe"
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
OpenOffice.org 3.3-->MsiExec.exe /I{10B43A43-FF73-47FD-83E8-A503E84F9ED6}
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Readiris Pro 10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}\setup.exe" -l0x9
Realtek Ethernet Controller Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.EXE -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -removeonly
Samsung CLX-3170 Series-->C:\Program Files\Samsung\Samsung CLX-3170 Series\Install\Setup.exe /R
Samsung Scan Assistant-->"C:\Program Files\Scan Assistant\uninstall.exe"
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8086EDC0-3409-3560-B108-44FC46882443}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {FED9B2BC-E6D7-3409-B4C9-99AF8AC65725}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {054F96E9-E89B-3DDB-AA70-A65194B921B4}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A4A50F66-DD0F-4150-A19F-0F35531D6E21}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809}
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F7DFD2B8-0CD1-4A51-AC71-A0582FE796C2}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A514D470-B2E9-43BC-865B-5ECEE29AD33F}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C069DBBB-0547-4405-B9C8-38123FCD9CE0}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F88656FB-92A1-484E-911E-D259B15CF420}
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {25E99E7A-DEA7-4077-856B-9DBA15BEE045}
SmarThru 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{90F1943D-EA4A-4460-B59F-30023F3BA69A}\setup.exe" -l0x9 uninstall -l0009
TeamViewer 7-->C:\Program Files\TeamViewer\Version7\uninstall.exe
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Údržba Samsung CLX-3180 Series-->"C:\Program Files\Samsung\Samsung CLX-3180 Series\Setup\Setup.exe" /R
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B2260BC9-D561-46EE-B33D-739CF760A2A9}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Family Safety-->MsiExec.exe /I{28A25E3A-2855-4A39-B72B-50BF80FB86C5}
Windows Live Family Safety-->MsiExec.exe /X{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Messenger-->MsiExec.exe /X{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}
Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{454F5782-A4C3-480E-A629-D435795DEFD8}
Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
Windows Live Remote Service Resources-->MsiExec.exe /I{0891B708-EF3F-4D7E-9724-265245F46276}
Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 5.01 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: Kereši-PC
Event Code: 1116
Message:
Record Number: 242224
Source Name: Microsoft Antimalware
Time Written: 20140819060706.000000-000
Event Type: Upozornění
User:

Computer Name: Kereši-PC
Event Code: 1116
Message:
Record Number: 242223
Source Name: Microsoft Antimalware
Time Written: 20140819060702.000000-000
Event Type: Upozornění
User:

Computer Name: Kereši-PC
Event Code: 1116
Message:
Record Number: 242222
Source Name: Microsoft Antimalware
Time Written: 20140819060654.000000-000
Event Type: Upozornění
User:

Computer Name: Kereši-PC
Event Code: 1116
Message:
Record Number: 242221
Source Name: Microsoft Antimalware
Time Written: 20140819060652.000000-000
Event Type: Upozornění
User:

Computer Name: Kereši-PC
Event Code: 1116
Message:
Record Number: 242220
Source Name: Microsoft Antimalware
Time Written: 20140819060645.000000-000
Event Type: Upozornění
User:

=====Application event log=====

Computer Name: Kereši-PC
Event Code: 903
Message: Služba Ochrana softwaru byla ukončena.

Record Number: 3637
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20120813065251.000000-000
Event Type: Informace
User:

Computer Name: Kereši-PC
Event Code: 1000
Message: Čítače výkonu pro službu WmiApRpl (WmiApRpl) byly úspěšně načteny. Data záznamu v datové části obsahují nové indexové hodnoty přiřazené této službě.
Record Number: 3636
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20120813064957.373701-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Kereši-PC
Event Code: 1001
Message: Čítače výkonu pro službu WmiApRpl (WmiApRpl) byly úspěšně odstraněny. Data záznamu obsahují nové hodnoty položek Last Counter a Last Help systémového registru.
Record Number: 3635
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20120813064957.264501-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Kereši-PC
Event Code: 902
Message: Služba Ochrana softwaru byla spuštěna.
6.1.7601.17514
Record Number: 3634
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20120813064751.000000-000
Event Type: Informace
User:

Computer Name: Kereši-PC
Event Code: 1003
Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
1: 01f5fc37-a99e-45c5-b65e-d762f3518ead, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 2e7d060d-4714-40f2-9896-1e4f15b612ad, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
3: 3b965dfc-31d9-4903-886f-873a0382776c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: 586bc076-c93d-429a-afe5-a69fbc644e88, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 3 0 msft:rm/algorithm/hwid/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
5: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 5e35dc43-389b-47c5-b889-2088b06738cb, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
7: 6a7d5d8a-92af-4e6a-af4b-8fddaec800e5, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
8: 9ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
9: 9f83d90f-a151-4665-ae69-30b3f63ec659, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
10: a63275f4-530c-48a7-b0d3-4f00d688d151, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
11: b8a4bb91-69b1-460d-93f8-40e0670af04a, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
12: d2c04e90-c3dd-4260-b0f3-f845f5d27d64, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
13: e68b141f-4dfa-4387-b3b7-e65c4889216e, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
14: ee4e1629-bcdc-4b42-a68f-b92e135f78d7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
15: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
16: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]


Record Number: 3633
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20120813064751.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Kereši-PC
Event Code: 1100
Message: Služba protokolování událostí byla ukončena.
Record Number: 18938
Source Name: Microsoft-Windows-Eventlog
Time Written: 20130611172355.029732-000
Event Type: Úspěšný audit
User:

Computer Name: Kereši-PC
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:

Předmět:
ID zabezpečení: S-1-5-21-3856467891-3230522657-195447900-1000
Název účtu: Kereši
Doména účtu: Kereši-PC
ID přihlášení: 0x18001

Tato událost je generována, pokud je spuštěno odhlášení. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 18937
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130611172353.532130-000
Event Type: Úspěšný audit
User:

Computer Name: Kereši-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 18936
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130611061200.679123-000
Event Type: Úspěšný audit
User:

Computer Name: Kereši-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: KEREŠI-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x20c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 18935
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130611061200.679123-000
Event Type: Úspěšný audit
User:

Computer Name: Kereši-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 18934
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130611061200.523123-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3

-----------------EOF-----------------
Nahoru
ptdave
Návštěvník
Návštěvník
Příspěvky: 82
Registrován: 01 zář 2012 11:28

Re: Kontrola pc

#3 Příspěvek od ptdave »

kontrola bude krapet delší protože pc nemám k dispozici a všechno je přes vzdálenou správu, ale dotáhneme to do konce :)
přikládám log z AdwCleaner v3.310

# AdwCleaner v3.310 - Report created 17/09/2014 at 20:51:21
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Kereši - KEREŠI-PC
# Running from : C:\Users\Kereši\Desktop\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Kereši\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [857 octets] - [17/09/2014 20:50:21]
AdwCleaner[S0].txt - [781 octets] - [17/09/2014 20:51:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [840 octets] ##########
Nahoru
ptdave
Návštěvník
Návštěvník
Příspěvky: 82
Registrován: 01 zář 2012 11:28

Re: Kontrola pc

#4 Příspěvek od ptdave »

log z frst

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Kereši (administrator) on KEREŠI-PC on 17-09-2014 21:02:15
Running from C:\Users\Kereši\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe
(forum.viry.cz) C:\Users\Kereši\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6253160 2011-09-09] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] ()
HKLM\...\Run: [CLX3180_Scan2Pc] => C:\Windows\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] ()
HKLM\...\Run: [3180 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe [1990144 2011-04-29] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [3170 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe [503808 2009-06-12] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3856467891-3230522657-195447900-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3856467891-3230522657-195447900-1000\...\Policies\Explorer: [HideSCAHealth] 0
Startup: C:\Users\Kereši\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Kereši\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default ->
CHR CustomProfile: C:\Users\Kereši\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Kereši\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-07-13] (Samsung Electronics Co., Ltd.) [File not signed]
R3 MBfilt; C:\Windows\System32\drivers\MBfilt32.sys [24664 2009-11-18] (Creative Technology Ltd.)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2007-08-13] (Samsung Electronics) [File not signed]
S1 ajomcxag; \??\C:\Windows\system32\drivers\ajomcxag.sys [X]
S1 bmkgpghv; \??\C:\Windows\system32\drivers\bmkgpghv.sys [X]
S1 csyfctfz; \??\C:\Windows\system32\drivers\csyfctfz.sys [X]
S1 cxufldht; \??\C:\Windows\system32\drivers\cxufldht.sys [X]
S1 dmpfljnh; \??\C:\Windows\system32\drivers\dmpfljnh.sys [X]
S1 hidobygt; \??\C:\Windows\system32\drivers\hidobygt.sys [X]
S1 kkkhzdmn; \??\C:\Windows\system32\drivers\kkkhzdmn.sys [X]
S1 mqmjarun; \??\C:\Windows\system32\drivers\mqmjarun.sys [X]
S1 nhgduczd; \??\C:\Windows\system32\drivers\nhgduczd.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib.sys [X]
S1 obtrnnov; \??\C:\Windows\system32\drivers\obtrnnov.sys [X]
S1 rzxamqzl; \??\C:\Windows\system32\drivers\rzxamqzl.sys [X]
S1 shsccjwu; \??\C:\Windows\system32\drivers\shsccjwu.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-17 21:02 - 2014-09-17 21:02 - 00010200 _____ () C:\Users\Kereši\Desktop\FRST.txt
2014-09-17 21:02 - 2014-09-17 21:02 - 00000000 ____D () C:\FRST
2014-09-17 21:00 - 2014-09-17 21:00 - 01097728 _____ (Farbar) C:\Users\Kereši\Desktop\FRST.exe
2014-09-17 20:59 - 2014-09-17 20:59 - 00112640 _____ (forum.viry.cz) C:\Users\Kereši\Desktop\FRSTLauncher.exe
2014-09-17 20:52 - 2014-09-17 20:52 - 00000314 _____ () C:\Windows\PFRO.log
2014-09-17 20:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-17 20:50 - 2014-09-17 20:51 - 00000000 ____D () C:\AdwCleaner
2014-09-17 20:48 - 2014-09-17 20:48 - 01373475 _____ () C:\Users\Kereši\Desktop\adwcleaner_3.310.exe
2014-09-17 20:23 - 2014-09-17 20:23 - 01107968 _____ () C:\Users\Kereši\Desktop\RSIT.exe
2014-09-17 20:19 - 2014-09-17 20:19 - 01107968 _____ () C:\Users\Kereši\Downloads\RSIT.exe
2014-09-17 20:17 - 2014-09-17 20:24 - 00000000 ____D () C:\rsit
2014-09-17 20:17 - 2014-09-17 20:24 - 00000000 ____D () C:\Program Files\trend micro
2014-09-17 20:16 - 2014-09-17 20:52 - 00000112 _____ () C:\Windows\setupact.log
2014-09-17 20:16 - 2014-09-17 20:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-17 17:31 - 2014-09-17 17:31 - 00147456 _____ () C:\Users\Kereši\Downloads\TP_PERSIL%20BRIGHTNESS.xls
2014-09-17 17:30 - 2014-09-17 17:30 - 00147456 _____ () C:\Users\Kereši\Downloads\TP_Palmex%20detektor%20skvrn.xls
2014-09-15 16:37 - 2014-09-15 17:48 - 00000000 ____D () C:\Users\Kereši\Desktop\Odpady
2014-09-15 13:06 - 2014-09-15 13:06 - 00010491 _____ () C:\Users\Kereši\Desktop\RPG.xlsx
2014-09-11 16:29 - 2014-09-11 16:29 - 00023246 _____ () C:\Users\Kereši\Downloads\Reportová karta_Budamont 1 (1).xlsx
2014-09-11 16:28 - 2014-09-11 16:28 - 00023246 _____ () C:\Users\Kereši\Downloads\Reportová karta_Budamont 1.xlsx
2014-09-08 13:40 - 2014-09-08 13:40 - 00037222 _____ () C:\Users\Kereši\Downloads\home-alone_english-836438.zip
2014-09-08 13:38 - 2014-09-08 13:38 - 00031660 _____ () C:\Users\Kereši\Downloads\home-alone_english-829074.zip
2014-09-08 13:38 - 2013-12-06 16:16 - 00082289 _____ () C:\Users\Kereši\Desktop\Home.Alone.1990.720p.BluRay.x264-SiNNERS.srt
2014-09-08 13:33 - 2014-09-08 13:33 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\MPC-HC
2014-09-08 13:32 - 2014-09-08 13:32 - 00001821 _____ () C:\Users\Kereši\Desktop\MPC-HC.lnk
2014-09-08 13:32 - 2014-09-08 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-09-08 13:32 - 2014-09-08 13:32 - 00000000 ____D () C:\Program Files\MPC-HC
2014-09-08 13:30 - 2014-09-08 13:31 - 17207373 _____ () C:\Users\Kereši\Downloads\MPCx86.exe
2014-09-08 13:22 - 2014-09-08 13:22 - 00000000 ____D () C:\Users\Kereši\AppData\Local\{E99BEE44-C492-466A-BCC0-950A617647CA}
2014-09-08 11:51 - 2014-09-08 11:51 - 00016417 _____ () C:\Users\Kereši\Desktop\hs_err_pid3384.log
2014-09-08 11:51 - 2014-09-08 11:51 - 00000000 ____D () C:\Windows\Sun
2014-09-08 11:20 - 2014-09-09 07:49 - 00000000 ____D () C:\Users\Kereši\Desktop\Nová složka (2)
2014-09-05 15:20 - 2014-09-05 15:20 - 00103424 _____ () C:\Users\Kereši\Downloads\Lindt_denni_zprava Excellence (1).xls
2014-09-05 10:16 - 2014-09-05 10:16 - 00103424 _____ () C:\Users\Kereši\Downloads\Lindt_denni_zprava Excellence.xls
2014-09-02 07:51 - 2014-09-02 07:51 - 01753600 _____ () C:\Users\Kereši\Downloads\Dotazník hostesky-promotéra (4).xls
2014-09-02 07:49 - 2014-09-02 07:49 - 00056832 _____ () C:\Users\Kereši\Downloads\Dotazník hostesky-promotéra (3).xls
2014-09-02 07:47 - 2014-09-02 07:47 - 00056832 _____ () C:\Users\Kereši\Downloads\Dotazník hostesky-promotéra (2).xls
2014-09-02 07:36 - 2014-09-02 07:36 - 04395525 _____ () C:\Users\Kereši\Downloads\prezentace hostesek.pptx
2014-08-28 08:06 - 2014-08-28 08:06 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-08-28 08:06 - 2014-08-28 08:06 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-08-23 10:27 - 2014-08-23 10:28 - 00000000 ___RD () C:\Users\Kereši\Desktop\Reklamace
2014-08-23 10:20 - 2014-08-23 10:31 - 00000000 ___RD () C:\Users\Kereši\Desktop\Vyjádření + předávací protokoly
2014-08-19 17:58 - 2014-08-19 17:58 - 00000632 _____ () C:\Users\Kereši\Desktop\Total Commander.lnk
2014-08-19 17:57 - 2014-08-19 17:58 - 00000000 ____D () C:\totalcmd
2014-08-19 17:57 - 2014-08-19 17:57 - 03722264 _____ (Ghisler Software GmbH) C:\Users\Kereši\Downloads\tcm851x32.exe
2014-08-19 17:57 - 2014-08-19 17:57 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-08-19 17:57 - 2014-08-19 17:57 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\GHISLER
2014-08-19 17:57 - 2014-04-23 08:51 - 00000545 _____ () C:\Windows\UC.PIF
2014-08-19 17:57 - 2014-04-23 08:51 - 00000545 _____ () C:\Windows\RAR.PIF
2014-08-19 17:57 - 2014-04-23 08:51 - 00000545 _____ () C:\Windows\PKZIP.PIF
2014-08-19 17:57 - 2014-04-23 08:51 - 00000545 _____ () C:\Windows\PKUNZIP.PIF
2014-08-19 17:57 - 2014-04-23 08:51 - 00000545 _____ () C:\Windows\LHA.PIF
2014-08-19 17:57 - 2014-04-23 08:51 - 00000545 _____ () C:\Windows\ARJ.PIF
2014-08-19 17:34 - 2014-08-19 17:34 - 03433008 _____ (AVG Technologies CZ) C:\Users\Kereši\Downloads\jlpostldpttjcumfol.exe
2014-08-19 17:33 - 2014-08-19 17:34 - 03433008 _____ (AVG Technologies CZ) C:\Users\Kereši\Downloads\avg_remover_expiro.exe
2014-08-19 17:10 - 2014-08-19 17:10 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\AVG2014
2014-08-19 17:09 - 2014-09-03 08:25 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-19 17:09 - 2014-09-03 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-19 17:09 - 2014-08-19 17:09 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\TuneUp Software
2014-08-19 17:07 - 2014-08-19 20:50 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 17:07 - 2014-08-19 17:07 - 00000000 ___HD () C:\$AVG
2014-08-19 17:06 - 2014-08-19 17:06 - 00000000 ____D () C:\Program Files\AVG
2014-08-19 17:04 - 2014-09-17 17:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-19 17:04 - 2014-08-19 17:19 - 00000000 ____D () C:\Users\Kereši\AppData\Local\Avg2014
2014-08-19 17:04 - 2014-08-19 17:04 - 00000000 ____D () C:\Users\Kereši\AppData\Local\MFAData
2014-08-19 16:58 - 2014-08-19 17:03 - 155862088 _____ (AVG Technologies) C:\Users\Kereši\Downloads\avg_free_x86_all_2014_4716a7754.exe
2014-08-19 16:47 - 2014-08-19 16:47 - 00037558 _____ () C:\Users\Kereši\Documents\cc_20140819_164655.reg
2014-08-19 06:23 - 2014-08-19 20:50 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Uhhoev
2014-08-19 06:23 - 2014-08-19 06:23 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Fiwayb
2014-08-19 06:22 - 2014-08-19 20:50 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Ulco
2014-08-19 06:22 - 2014-08-19 06:27 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Emata

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-17 21:02 - 2014-09-17 21:02 - 00010200 _____ () C:\Users\Kereši\Desktop\FRST.txt
2014-09-17 21:02 - 2014-09-17 21:02 - 00000000 ____D () C:\FRST
2014-09-17 21:01 - 2012-08-30 16:53 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-17 21:00 - 2014-09-17 21:00 - 01097728 _____ (Farbar) C:\Users\Kereši\Desktop\FRST.exe
2014-09-17 21:00 - 2009-07-14 06:34 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-17 21:00 - 2009-07-14 06:34 - 00029120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-17 20:59 - 2014-09-17 20:59 - 00112640 _____ (forum.viry.cz) C:\Users\Kereši\Desktop\FRSTLauncher.exe
2014-09-17 20:59 - 2010-11-20 23:01 - 01593310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 20:52 - 2014-09-17 20:52 - 00000314 _____ () C:\Windows\PFRO.log
2014-09-17 20:52 - 2014-09-17 20:16 - 00000112 _____ () C:\Windows\setupact.log
2014-09-17 20:52 - 2012-08-30 16:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-17 20:52 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-17 20:52 - 2009-07-14 06:33 - 00435936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-17 20:51 - 2014-09-17 20:50 - 00000000 ____D () C:\AdwCleaner
2014-09-17 20:48 - 2014-09-17 20:48 - 01373475 _____ () C:\Users\Kereši\Desktop\adwcleaner_3.310.exe
2014-09-17 20:32 - 2012-06-22 11:50 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-17 20:24 - 2014-09-17 20:17 - 00000000 ____D () C:\rsit
2014-09-17 20:24 - 2014-09-17 20:17 - 00000000 ____D () C:\Program Files\trend micro
2014-09-17 20:23 - 2014-09-17 20:23 - 01107968 _____ () C:\Users\Kereši\Desktop\RSIT.exe
2014-09-17 20:19 - 2014-09-17 20:19 - 01107968 _____ () C:\Users\Kereši\Downloads\RSIT.exe
2014-09-17 20:16 - 2014-09-17 20:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-17 20:06 - 2012-06-19 15:19 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-17 17:31 - 2014-09-17 17:31 - 00147456 _____ () C:\Users\Kereši\Downloads\TP_PERSIL%20BRIGHTNESS.xls
2014-09-17 17:30 - 2014-09-17 17:30 - 00147456 _____ () C:\Users\Kereši\Downloads\TP_Palmex%20detektor%20skvrn.xls
2014-09-17 17:01 - 2014-08-19 17:04 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-17 12:13 - 2012-06-22 11:51 - 00012191 _____ () C:\Users\Kereši\AppData\Roaming\SmarThruOptions.xml
2014-09-17 08:31 - 2012-11-16 10:42 - 00000000 ____D () C:\Users\Kereši\Desktop\Revize Kundrik
2014-09-16 08:42 - 2014-05-05 17:13 - 00000000 ___RD () C:\Users\Kereši\Desktop\RPG 2.kolo 2014
2014-09-15 17:48 - 2014-09-15 16:37 - 00000000 ____D () C:\Users\Kereši\Desktop\Odpady
2014-09-15 13:06 - 2014-09-15 13:06 - 00010491 _____ () C:\Users\Kereši\Desktop\RPG.xlsx
2014-09-13 08:06 - 2012-08-30 16:54 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-11 20:27 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-11 16:29 - 2014-09-11 16:29 - 00023246 _____ () C:\Users\Kereši\Downloads\Reportová karta_Budamont 1 (1).xlsx
2014-09-11 16:28 - 2014-09-11 16:28 - 00023246 _____ () C:\Users\Kereši\Downloads\Reportová karta_Budamont 1.xlsx
2014-09-10 15:32 - 2012-06-22 11:50 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 15:32 - 2012-06-22 11:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-09 07:49 - 2014-09-08 11:20 - 00000000 ____D () C:\Users\Kereši\Desktop\Nová složka (2)
2014-09-08 13:40 - 2014-09-08 13:40 - 00037222 _____ () C:\Users\Kereši\Downloads\home-alone_english-836438.zip
2014-09-08 13:38 - 2014-09-08 13:38 - 00031660 _____ () C:\Users\Kereši\Downloads\home-alone_english-829074.zip
2014-09-08 13:33 - 2014-09-08 13:33 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\MPC-HC
2014-09-08 13:32 - 2014-09-08 13:32 - 00001821 _____ () C:\Users\Kereši\Desktop\MPC-HC.lnk
2014-09-08 13:32 - 2014-09-08 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-09-08 13:32 - 2014-09-08 13:32 - 00000000 ____D () C:\Program Files\MPC-HC
2014-09-08 13:31 - 2014-09-08 13:30 - 17207373 _____ () C:\Users\Kereši\Downloads\MPCx86.exe
2014-09-08 13:22 - 2014-09-08 13:22 - 00000000 ____D () C:\Users\Kereši\AppData\Local\{E99BEE44-C492-466A-BCC0-950A617647CA}
2014-09-08 11:51 - 2014-09-08 11:51 - 00016417 _____ () C:\Users\Kereši\Desktop\hs_err_pid3384.log
2014-09-08 11:51 - 2014-09-08 11:51 - 00000000 ____D () C:\Windows\Sun
2014-09-05 17:17 - 2014-02-09 18:58 - 00000000 ____D () C:\Users\Kereši\Desktop\Denisa Pavlovská
2014-09-05 15:20 - 2014-09-05 15:20 - 00103424 _____ () C:\Users\Kereši\Downloads\Lindt_denni_zprava Excellence (1).xls
2014-09-05 10:16 - 2014-09-05 10:16 - 00103424 _____ () C:\Users\Kereši\Downloads\Lindt_denni_zprava Excellence.xls
2014-09-03 08:25 - 2014-08-19 17:09 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-09-03 08:25 - 2014-08-19 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-02 07:58 - 2014-01-30 21:53 - 00000000 ____D () C:\Users\Kereši\Desktop\Fotky různé
2014-09-02 07:51 - 2014-09-02 07:51 - 01753600 _____ () C:\Users\Kereši\Downloads\Dotazník hostesky-promotéra (4).xls
2014-09-02 07:49 - 2014-09-02 07:49 - 00056832 _____ () C:\Users\Kereši\Downloads\Dotazník hostesky-promotéra (3).xls
2014-09-02 07:47 - 2014-09-02 07:47 - 00056832 _____ () C:\Users\Kereši\Downloads\Dotazník hostesky-promotéra (2).xls
2014-09-02 07:36 - 2014-09-02 07:36 - 04395525 _____ () C:\Users\Kereši\Downloads\prezentace hostesek.pptx
2014-08-28 08:06 - 2014-08-28 08:06 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-08-28 08:06 - 2014-08-28 08:06 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-08-27 20:34 - 2013-08-13 18:21 - 00000000 ___RD () C:\Users\Kereši\Desktop\Cenový návrh,dodací list - email
2014-08-23 10:32 - 2014-01-16 22:10 - 00000000 ___RD () C:\Users\Kereši\Desktop\CPI
2014-08-23 10:31 - 2014-08-23 10:20 - 00000000 ___RD () C:\Users\Kereši\Desktop\Vyjádření + předávací protokoly
2014-08-23 10:31 - 2013-07-26 12:53 - 00000000 ____D () C:\Users\Kereši\Desktop\Peťka-škola
2014-08-23 10:30 - 2014-01-16 22:25 - 00000000 ___RD () C:\Users\Kereši\Desktop\Pošty SMorava
2014-08-23 10:29 - 2013-12-28 13:41 - 00000000 ___RD () C:\Users\Kereši\Desktop\Pošty JČechy
2014-08-23 10:28 - 2014-08-23 10:27 - 00000000 ___RD () C:\Users\Kereši\Desktop\Reklamace
2014-08-23 10:21 - 2013-10-09 08:26 - 00000000 ____D () C:\Users\Kereši\Desktop\Revize - naskenované
2014-08-23 09:27 - 2013-08-13 17:50 - 00000000 ___RD () C:\Users\Kereši\Desktop\Revize email
2014-08-21 05:56 - 2012-06-22 11:49 - 00000000 ____D () C:\Program Files\SamsungPrinterLiveUpdate
2014-08-19 20:50 - 2014-08-19 17:07 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 20:50 - 2014-08-19 06:23 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Uhhoev
2014-08-19 20:50 - 2014-08-19 06:22 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Ulco
2014-08-19 20:50 - 2014-06-23 18:19 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\AdobeChk
2014-08-19 20:50 - 2014-04-15 10:25 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\WinRAR
2014-08-19 18:02 - 2012-08-30 16:53 - 00000000 ____D () C:\Program Files\Google
2014-08-19 17:58 - 2014-08-19 17:58 - 00000632 _____ () C:\Users\Kereši\Desktop\Total Commander.lnk
2014-08-19 17:58 - 2014-08-19 17:57 - 00000000 ____D () C:\totalcmd
2014-08-19 17:57 - 2014-08-19 17:57 - 03722264 _____ (Ghisler Software GmbH) C:\Users\Kereši\Downloads\tcm851x32.exe
2014-08-19 17:57 - 2014-08-19 17:57 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-08-19 17:57 - 2014-08-19 17:57 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\GHISLER
2014-08-19 17:34 - 2014-08-19 17:34 - 03433008 _____ (AVG Technologies CZ) C:\Users\Kereši\Downloads\jlpostldpttjcumfol.exe
2014-08-19 17:34 - 2014-08-19 17:33 - 03433008 _____ (AVG Technologies CZ) C:\Users\Kereši\Downloads\avg_remover_expiro.exe
2014-08-19 17:19 - 2014-08-19 17:04 - 00000000 ____D () C:\Users\Kereši\AppData\Local\Avg2014
2014-08-19 17:10 - 2014-08-19 17:10 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\AVG2014
2014-08-19 17:09 - 2014-08-19 17:09 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\TuneUp Software
2014-08-19 17:07 - 2014-08-19 17:07 - 00000000 ___HD () C:\$AVG
2014-08-19 17:06 - 2014-08-19 17:06 - 00000000 ____D () C:\Program Files\AVG
2014-08-19 17:04 - 2014-08-19 17:04 - 00000000 ____D () C:\Users\Kereši\AppData\Local\MFAData
2014-08-19 17:03 - 2014-08-19 16:58 - 155862088 _____ (AVG Technologies) C:\Users\Kereši\Downloads\avg_free_x86_all_2014_4716a7754.exe
2014-08-19 16:47 - 2014-08-19 16:47 - 00037558 _____ () C:\Users\Kereši\Documents\cc_20140819_164655.reg
2014-08-19 16:45 - 2012-06-19 12:39 - 00000000 ____D () C:\Windows\Panther
2014-08-19 16:39 - 2012-06-19 15:24 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-08-19 16:37 - 2012-08-30 16:53 - 00000000 ____D () C:\Users\Kereši\AppData\Local\Google
2014-08-19 06:33 - 2014-04-15 10:25 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-19 06:27 - 2014-08-19 06:22 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Emata
2014-08-19 06:23 - 2014-08-19 06:23 - 00000000 ____D () C:\Users\Kereši\AppData\Roaming\Fiwayb
2014-08-19 06:22 - 2012-06-19 11:57 - 00000000 ____D () C:\Users\Kereši

Files to move or delete:
====================
C:\ProgramData\0wlfr329.bxx
C:\ProgramData\0wlfr329.fvv
C:\ProgramData\2zjodbrjj6.bxx
C:\ProgramData\2zjodbrjj6.fvv
C:\ProgramData\dmqwv3j6.bxx
C:\ProgramData\dmqwv3j6.fvv
C:\ProgramData\frb38zafr.bxx
C:\ProgramData\frb38zafr.fvv


Some content of TEMP:
====================
C:\Users\Kereši\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kere�i\Desktop" je 15333 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Kere�i^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^dmqwv3j6.lnk
C:\Windows\System32\rundll32.exe C:\PROGRA~2\6j3vwqmd.dss,FFZ0 [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Přílohy
Addition.rar
(5.52 KiB) Staženo 70 x
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Kontrola pc

#5 Příspěvek od motji »

Zdravím :) ,
je problém ještě aktuální?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“