
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Requesting a preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Requesting a preventive check
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by Home_PC (administrator) on GAME-PC on 03-11-2014 19:37:17
Running from C:\Users\Home_PC\Desktop
Loaded Profiles: Home_PC & All (Available profiles: Home_PC & All)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe
(Intel Corporation) C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(http://lucky-tab.com/) C:\Program Files (x86)\LuckyTab\LuckyTab.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNACBSWK.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Users\Home_PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Home_PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNACBSWK.EXE
() C:\Users\All\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Users\All\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Home_PC\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ipTray.exe] => C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe [1632456 2011-11-10] (Intel(R) Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1061960 2013-03-21] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Home_PC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Home_PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)
HKU\S-1-5-21-765561512-130652983-1916819721-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-765561512-130652983-1916819721-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\All\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-765561512-130652983-1916819721-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\All\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-765561512-130652983-1916819721-1002\...\Run: [Clownfish] => C:\Users\All\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-765561512-130652983-1916819721-1002\...\Run: [Skype] => C:\Users\All\Desktop\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-765561512-130652983-1916819721-1002\...\MountPoints2: J - J:\Setup.exe
Startup: C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-765561512-130652983-1916819721-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0B76631B-65DE-4001-8522-FD0BFD98CEB6} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKCU - {245388E3-CBA9-42EF-8189-C4EAC4A8E535} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {4D76A73F-6822-43D9-B461-A10E3BF8587B} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKCU - {57311830-C3D9-4AC7-931A-3AAB685B4874} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {7D7B63EA-BCE9-4931-A81C-812117D69BE4} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {863F9688-4707-4F28-8F4F-A4AA12BF8EB5} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKCU - {88249AB9-9129-4AD5-93AC-7F8B889E2B9F} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {C777CC1F-C2AE-4987-99B9-F11A30F764DA} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {D161C07C-0991-4F4E-BD98-E749442BBF1E} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {E3C9BE4C-D394-4BC1-910C-92580DB819D1} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-31]
FF Extension: BitAccelerator - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-09-21]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-21]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-09-27] (BitRaider, LLC)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IduService; C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [124616 2011-11-10] (Intel(R) Corporation)
R2 Intel(R) Desktop Boards FSC Application Service; C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe [61440 2011-11-10] (Intel Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-08-26] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2014-08-26] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-09-27] (BitRaider)
R3 cpuio; C:\Windows\SysWOW64\Drivers\cpuiox64.sys [15384 2012-02-28] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-12] (DT Soft Ltd)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-11-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [253528 2011-04-05] (Sunbelt Software, Inc.)
S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
R3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [60504 2011-04-05] (Sunbelt Software, Inc.)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2011-04-05] (Sunbelt Software, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-09-04] (Duplex Secure Ltd.)
U3 ap4pukzt; C:\Windows\System32\Drivers\ap4pukzt.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-03 19:37 - 2014-11-03 19:37 - 00019991 _____ () C:\Users\Home_PC\Desktop\FRST.txt
2014-11-03 19:36 - 2014-11-03 19:36 - 00000000 ____D () C:\Users\Home_PC\Desktop\FRST-OlderVersion
2014-11-02 16:10 - 2014-11-03 06:22 - 00000000 ____D () C:\Users\Home_PC\Desktop\MO 2014
2014-10-29 21:04 - 2014-10-29 21:04 - 00000000 ____D () C:\Users\Home_PC\Documents\VideoPad Projects
2014-10-29 20:49 - 2014-10-29 21:04 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\NCH Software
2014-10-29 20:49 - 2014-10-29 20:51 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-10-29 20:49 - 2014-10-29 20:49 - 00001295 _____ () C:\Users\Public\Desktop\NCH Suite.lnk
2014-10-29 20:49 - 2014-10-29 20:49 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2014-10-29 20:49 - 2014-10-29 20:49 - 00001143 _____ () C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2014-10-29 20:49 - 2014-10-29 20:49 - 00000000 ____D () C:\ProgramData\NCH Software
2014-10-29 20:49 - 2014-10-29 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-10-29 20:49 - 2014-10-29 20:49 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-10-29 20:47 - 2014-10-29 20:47 - 04830264 _____ (NCH Software) C:\Users\Home_PC\Downloads\vpsetup.exe
2014-10-29 18:20 - 2014-10-29 18:20 - 00000000 ____D () C:\Users\Home_PC\Desktop\VirtualDub-1.10.4
2014-10-29 10:42 - 2014-10-29 10:42 - 00000000 ____D () C:\Users\Home_PC\Documents\Telltale Games
2014-10-29 10:41 - 2014-10-29 10:41 - 00000000 ____D () C:\Users\All\Documents\Telltale Games
2014-10-28 21:44 - 2014-10-28 21:44 - 00000000 ____D () C:\Users\Home_PC\Desktop\pok_data
2014-10-28 21:31 - 2014-10-28 21:31 - 00000716 _____ () C:\Users\Home_PC\Desktop\Audacity.lnk
2014-10-28 21:31 - 2014-10-28 21:31 - 00000716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-10-28 21:30 - 2014-10-28 21:30 - 00000000 __SHD () C:\Users\Home_PC\AppData\Local\EmieUserList
2014-10-28 21:30 - 2014-10-28 21:30 - 00000000 __SHD () C:\Users\Home_PC\AppData\Local\EmieSiteList
2014-10-28 21:15 - 2014-10-28 21:30 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-28 21:15 - 2014-10-28 21:15 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Opera Software
2014-10-28 21:15 - 2014-10-28 21:15 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Opera Software
2014-10-28 21:14 - 2014-10-28 21:14 - 00000931 _____ () C:\Users\Home_PC\Desktop\MediaHuman YouTube to MP3 Converter.lnk
2014-10-28 21:14 - 2014-10-28 21:14 - 00000214 _____ () C:\Users\Home_PC\Desktop\Visit MediaHuman Website.url
2014-10-28 21:14 - 2014-10-28 21:14 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\OpenCandy
2014-10-28 21:14 - 2014-10-28 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
2014-10-28 21:13 - 2014-10-28 21:13 - 16762208 _____ ( ) C:\Users\Home_PC\Desktop\YouTubeToMP3.exe
2014-10-28 21:09 - 2014-10-28 21:10 - 31386424 _____ (DVDVideoSoft Ltd. ) C:\Users\Home_PC\Desktop\FreeYouTubeToMP3Converter.exe
2014-10-28 20:35 - 2014-10-28 20:49 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Ashampoo Movie Studio
2014-10-28 20:32 - 2014-10-28 20:32 - 00001232 _____ () C:\Users\Public\Desktop\CleverReach.com.lnk
2014-10-28 20:32 - 2014-10-28 20:32 - 00000903 _____ () C:\Users\Public\Desktop\Ashampoo Movie Studio.lnk
2014-10-28 20:32 - 2014-10-28 20:32 - 00000213 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-10-28 20:32 - 2014-10-28 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-10-28 20:22 - 2014-10-28 20:25 - 174698672 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Home_PC\Desktop\ashampoo_movie_studio_e1.0.17_sm.exe
2014-10-28 20:12 - 2014-10-29 18:14 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\avidemux
2014-10-28 18:59 - 2014-10-28 18:59 - 00000738 _____ () C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk
2014-10-28 18:59 - 2014-10-28 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
2014-10-28 18:48 - 2014-10-28 18:49 - 24960294 _____ () C:\Users\Home_PC\Desktop\Avidemux-setup.exe
2014-10-28 13:18 - 2014-10-28 13:18 - 00000000 ____D () C:\Users\Home_PC\Documents\Electronic Arts
2014-10-28 13:13 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-10-28 13:12 - 2014-10-28 13:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-28 13:12 - 2014-10-28 13:12 - 00000876 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2014-10-28 13:12 - 2014-10-28 13:12 - 00000876 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2014-10-28 12:56 - 2014-10-28 10:03 - 00000956 _____ () C:\Users\Home_PC\Desktop\DVD + divX seznam pravděpodobně kompletní vč orig 2010-08-30 pracovní úprava - final.lnk
2014-10-28 12:56 - 2005-10-26 09:26 - 00048640 _____ () C:\Users\Home_PC\Desktop\DVD seznam pravdipodobni kompletní 25-10-2005.xls
2014-10-28 12:56 - 2005-10-26 09:26 - 00045568 _____ () C:\Users\Home_PC\Desktop\DVD seznam pravdipodobni kompletní 25-10-2005 k tisku.xls
2014-10-28 09:07 - 2014-10-28 09:08 - 00000000 ____D () C:\Users\Home_PC\Desktop\Violby, zastupitelstvo
2014-10-25 07:32 - 2014-10-25 07:32 - 00000917 _____ () C:\Users\Public\Desktop\Quake II (Berserker@Quake2).lnk
2014-10-25 07:32 - 2014-10-25 07:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake II (Berserker@Quake2)
2014-10-20 20:16 - 2014-10-20 20:16 - 00007908 _____ () C:\Users\Home_PC\Desktop\cc_20141020_211655.reg
2014-10-20 18:33 - 2014-10-20 18:33 - 00000000 ____D () C:\Games
2014-10-20 17:22 - 2014-10-20 19:06 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\337Games
2014-10-20 17:21 - 2014-10-20 17:21 - 00003402 _____ () C:\Windows\System32\Tasks\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Program Files (x86)\LuckyTab
2014-10-19 18:52 - 2014-10-19 18:52 - 00004647 _____ () C:\Users\Home_PC\Downloads\CENEK_PAVEL_ING(1).p12
2014-10-19 10:09 - 2014-10-19 10:09 - 00001000 _____ () C:\Users\Home_PC\Desktop\nw – zástupce.lnk
2014-10-18 19:36 - 2014-10-18 19:36 - 00025038 _____ () C:\Users\All\Desktop\hs_err_pid3636.log
2014-10-18 15:52 - 2014-10-18 15:52 - 00025240 _____ () C:\Users\All\Desktop\hs_err_pid7200.log
2014-10-18 13:39 - 2014-10-18 13:39 - 00001018 _____ () C:\Users\All\Desktop\nw – zástupce.lnk
2014-10-18 13:24 - 2014-10-18 13:24 - 00025186 _____ () C:\Users\All\Desktop\hs_err_pid5136.log
2014-10-18 11:03 - 2014-10-18 11:03 - 00025501 _____ () C:\Users\All\Desktop\hs_err_pid7936.log
2014-10-13 15:09 - 2014-10-13 15:18 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Magic Set Editor
2014-10-08 20:16 - 2014-10-08 20:16 - 00000000 ____D () C:\Users\Home_PC\Documents\MKGame
2014-10-08 17:58 - 2014-10-08 18:01 - 00000000 ____D () C:\Users\Home_PC\Documents\MK-LOL
2014-10-08 17:58 - 2014-10-08 17:58 - 00000058 _____ () C:\Windows\JQHApp.dat
2014-10-08 17:58 - 2014-10-08 17:58 - 00000000 ____D () C:\Users\Home_PC\Documents\MKJogo
2014-10-08 17:57 - 2014-10-08 19:42 - 00000899 _____ () C:\Users\Home_PC\Desktop\MK LOL.lnk
2014-10-08 17:57 - 2014-10-08 17:57 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-10-08 17:56 - 2014-10-30 20:44 - 00000000 ____D () C:\Users\All\Desktop\LoLSkins
2014-10-08 12:51 - 2014-10-08 12:51 - 00000000 ____D () C:\Users\All\AppData\Local\EdgeOfReality
2014-10-07 19:33 - 2014-10-12 16:28 - 00106978 _____ () C:\Users\All\Downloads\Untitled.mse-set
2014-10-07 19:33 - 2014-10-07 19:50 - 00111987 _____ () C:\Users\All\Downloads\Untitled.mse-set.bak
2014-10-04 09:48 - 2014-10-04 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-04 07:30 - 2014-10-04 07:38 - 53580025 _____ () C:\Users\Home_PC\Downloads\FFSetup3.3.5.0.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-03 19:37 - 2014-03-20 19:43 - 00000000 ____D () C:\FRST
2014-11-03 19:36 - 2014-03-20 20:54 - 02114560 _____ (Farbar) C:\Users\Home_PC\Desktop\FRST64.exe
2014-11-03 19:36 - 2014-03-20 12:45 - 00000000 ____D () C:\Users\Home_PC\Desktop\antiviry
2014-11-03 19:18 - 2013-05-27 05:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-03 19:14 - 2009-07-14 05:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-03 19:14 - 2009-07-14 05:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-03 19:13 - 2013-05-04 14:12 - 00000000 ____D () C:\Users\All\AppData\Roaming\Seznam.cz
2014-11-03 19:13 - 2011-04-12 09:34 - 00689920 _____ () C:\Windows\system32\perfh005.dat
2014-11-03 19:13 - 2011-04-12 09:34 - 00150656 _____ () C:\Windows\system32\perfc005.dat
2014-11-03 19:13 - 2009-07-14 06:13 - 01637298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-03 19:12 - 2013-05-04 13:12 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Seznam.cz
2014-11-03 19:10 - 2012-02-28 23:08 - 01340873 _____ () C:\Windows\WindowsUpdate.log
2014-11-03 19:08 - 2014-03-26 22:36 - 00000448 ____H () C:\Windows\Tasks\SW.Booster-S-1935984173.job
2014-11-03 19:08 - 2012-06-30 17:56 - 00000000 ____D () C:\Users\All\AppData\Roaming\Skype
2014-11-03 19:07 - 2014-07-08 05:14 - 00040421 _____ () C:\Windows\setupact.log
2014-11-03 19:07 - 2012-02-29 00:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-03 19:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-03 18:34 - 2012-02-28 22:17 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{688A73AE-B742-4599-AB00-4D8F743FCC7C}
2014-11-03 18:31 - 2014-08-10 06:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 18:42 - 2013-05-08 17:48 - 00000000 ____D () C:\Users\All\AppData\Roaming\.minecraft
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 18:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-29 17:59 - 2014-07-14 08:34 - 00093107 _____ () C:\Windows\DirectX.log
2014-10-29 17:59 - 2013-02-01 07:52 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Windows Live
2014-10-29 17:49 - 2013-06-17 12:36 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Audacity
2014-10-29 17:49 - 2012-04-06 13:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Google
2014-10-29 17:49 - 2012-04-06 13:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-28 20:32 - 2012-07-04 19:25 - 00000000 ____D () C:\ProgramData\ashampoo
2014-10-28 16:26 - 2013-08-29 10:43 - 00000000 ____D () C:\Users\All\Documents\Electronic Arts
2014-10-28 13:13 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-28 09:09 - 2014-05-04 08:20 - 00000000 ____D () C:\Users\Home_PC\Desktop\Nová složka (2)
2014-10-28 09:07 - 2014-10-02 18:46 - 00000000 ____D () C:\Users\Home_PC\Desktop\ZSM
2014-10-28 09:06 - 2014-10-02 18:47 - 00000000 ____D () C:\Users\Home_PC\Desktop\Chlapi a spol
2014-10-28 09:06 - 2014-08-09 17:39 - 00000000 ____D () C:\Users\Home_PC\Desktop\fun foto
2014-10-28 09:05 - 2014-10-02 18:49 - 00000000 ____D () C:\Users\Home_PC\Desktop\Tábory Štěpán
2014-10-28 09:01 - 2014-10-02 18:56 - 00000000 ____D () C:\Users\Home_PC\Desktop\Pozvánky narozeniny
2014-10-28 08:54 - 2014-03-20 20:54 - 00000000 ____D () C:\Users\Home_PC\Desktop\sh
2014-10-28 08:54 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\2014_01_04
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\Povodí 10.2013 k prověření
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\OOP 15.02.2014
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\files
2014-10-27 06:24 - 2014-07-15 04:41 - 00082794 _____ () C:\Windows\PFRO.log
2014-10-26 11:26 - 2012-04-06 12:47 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-10-26 07:42 - 2012-09-22 06:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\uTorrent
2014-10-24 22:46 - 2012-08-27 08:36 - 00000000 ____D () C:\Users\All\AppData\Roaming\TS3Client
2014-10-23 05:33 - 2014-06-29 12:30 - 00000000 ____D () C:\Users\All\AppData\Local\Game Dev Tycoon - Steam
2014-10-22 18:10 - 2014-05-08 19:00 - 00000000 ____D () C:\Users\Home_PC\Desktop\JDownloader
2014-10-20 21:01 - 2014-07-11 14:54 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Game Dev Tycoon - Steam
2014-10-20 20:17 - 2012-03-11 23:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-20 19:06 - 2014-03-20 05:14 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-20 19:06 - 2014-03-20 05:14 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-20 19:06 - 2012-02-28 23:08 - 00001402 _____ () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-18 10:50 - 2013-10-05 16:30 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\.minecraft
2014-10-18 09:50 - 2012-03-11 10:10 - 00000000 ____D () C:\Users\All\Documents\My Games
2014-10-18 09:13 - 2012-03-16 20:11 - 00016896 _____ () C:\Users\All\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-14 19:14 - 2013-12-12 15:31 - 00012440 _____ () C:\Users\All\Desktop\Nový List aplikace Microsoft Office Excel.xlsx
2014-10-10 03:58 - 2009-07-14 06:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-09 20:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web
2014-10-04 09:48 - 2013-01-30 17:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-04 09:48 - 2012-06-30 17:24 - 00000000 ____D () C:\ProgramData\Skype
2014-10-04 07:29 - 2013-10-20 08:46 - 00000000 ____D () C:\Users\Home_PC\Desktop\Příručky, manuály
Files to move or delete:
====================
C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe
Some content of TEMP:
====================
C:\Users\Home_PC\AppData\Local\Temp\aacdec.exe
C:\Users\Home_PC\AppData\Local\Temp\MovieStudio.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloader8DpKlXz8Mt.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloaderj5iThuTCJt.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloadertr7BCKINsz.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloaderXMrMW9JJ1o.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 13:01
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (System W7) (Fixed) (Total:83.75 GB) (Free:7.5 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:38.89 GB) NTFS
Drive m: () (Fixed) (Total:931.5 GB) (Free:8.67 GB) NTFS
Available physical RAM: 6159.17 MB
Total physical RAM: 8169.33 MB
Percentage of memory in use: 24%
==================== MBR and Partition Table ==================
Disk: 2 (Size: 931.5 GB) (Disk ID: 3A9E720B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Home_PC\Desktop" je 2577 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk
C:\PROGRA~2\OPENBI~1\daemon.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK
C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\registration\RegistrationReminder.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
2014-10-18 15:52 - 2014-10-18 15:52 - 00025240 _____ () C:\Users\All\Desktop\hs_err_pid7200.log
2014-10-18 13:39 - 2014-10-18 13:39 - 00001018 _____ () C:\Users\All\Desktop\nw – zástupce.lnk
2014-10-18 13:24 - 2014-10-18 13:24 - 00025186 _____ () C:\Users\All\Desktop\hs_err_pid5136.log
2014-10-18 11:03 - 2014-10-18 11:03 - 00025501 _____ () C:\Users\All\Desktop\hs_err_pid7936.log
2014-10-13 15:09 - 2014-10-13 15:18 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Magic Set Editor
2014-10-08 20:16 - 2014-10-08 20:16 - 00000000 ____D () C:\Users\Home_PC\Documents\MKGame
2014-10-08 17:58 - 2014-10-08 18:01 - 00000000 ____D () C:\Users\Home_PC\Documents\MK-LOL
2014-10-08 17:58 - 2014-10-08 17:58 - 00000058 _____ () C:\Windows\JQHApp.dat
2014-10-08 17:58 - 2014-10-08 17:58 - 00000000 ____D () C:\Users\Home_PC\Documents\MKJogo
2014-10-08 17:57 - 2014-10-08 19:42 - 00000899 _____ () C:\Users\Home_PC\Desktop\MK LOL.lnk
2014-10-08 17:57 - 2014-10-08 17:57 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-10-08 17:56 - 2014-10-30 20:44 - 00000000 ____D () C:\Users\All\Desktop\LoLSkins
2014-10-08 12:51 - 2014-10-08 12:51 - 00000000 ____D () C:\Users\All\AppData\Local\EdgeOfReality
2014-10-07 19:33 - 2014-10-12 16:28 - 00106978 _____ () C:\Users\All\Downloads\Untitled.mse-set
2014-10-07 19:33 - 2014-10-07 19:50 - 00111987 _____ () C:\Users\All\Downloads\Untitled.mse-set.bak
2014-10-04 09:48 - 2014-10-04 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-04 07:30 - 2014-10-04 07:38 - 53580025 _____ () C:\Users\Home_PC\Downloads\FFSetup3.3.5.0.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-03 19:37 - 2014-03-20 19:43 - 00000000 ____D () C:\FRST
2014-11-03 19:36 - 2014-03-20 20:54 - 02114560 _____ (Farbar) C:\Users\Home_PC\Desktop\FRST64.exe
2014-11-03 19:36 - 2014-03-20 12:45 - 00000000 ____D () C:\Users\Home_PC\Desktop\antiviry
2014-11-03 19:18 - 2013-05-27 05:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-03 19:14 - 2009-07-14 05:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-03 19:14 - 2009-07-14 05:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-03 19:13 - 2013-05-04 14:12 - 00000000 ____D () C:\Users\All\AppData\Roaming\Seznam.cz
2014-11-03 19:13 - 2011-04-12 09:34 - 00689920 _____ () C:\Windows\system32\perfh005.dat
2014-11-03 19:13 - 2011-04-12 09:34 - 00150656 _____ () C:\Windows\system32\perfc005.dat
2014-11-03 19:13 - 2009-07-14 06:13 - 01637298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-03 19:12 - 2013-05-04 13:12 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Seznam.cz
2014-11-03 19:10 - 2012-02-28 23:08 - 01340873 _____ () C:\Windows\WindowsUpdate.log
2014-11-03 19:08 - 2014-03-26 22:36 - 00000448 ____H () C:\Windows\Tasks\SW.Booster-S-1935984173.job
2014-11-03 19:08 - 2012-06-30 17:56 - 00000000 ____D () C:\Users\All\AppData\Roaming\Skype
2014-11-03 19:07 - 2014-07-08 05:14 - 00040421 _____ () C:\Windows\setupact.log
2014-11-03 19:07 - 2012-02-29 00:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-03 19:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-03 18:34 - 2012-02-28 22:17 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{688A73AE-B742-4599-AB00-4D8F743FCC7C}
2014-11-03 18:31 - 2014-08-10 06:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 18:42 - 2013-05-08 17:48 - 00000000 ____D () C:\Users\All\AppData\Roaming\.minecraft
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 18:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-29 17:59 - 2014-07-14 08:34 - 00093107 _____ () C:\Windows\DirectX.log
2014-10-29 17:59 - 2013-02-01 07:52 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Windows Live
2014-10-29 17:49 - 2013-06-17 12:36 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Audacity
2014-10-29 17:49 - 2012-04-06 13:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Google
2014-10-29 17:49 - 2012-04-06 13:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-28 20:32 - 2012-07-04 19:25 - 00000000 ____D () C:\ProgramData\ashampoo
2014-10-28 16:26 - 2013-08-29 10:43 - 00000000 ____D () C:\Users\All\Documents\Electronic Arts
2014-10-28 13:13 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-28 09:09 - 2014-05-04 08:20 - 00000000 ____D () C:\Users\Home_PC\Desktop\Nová složka (2)
2014-10-28 09:07 - 2014-10-02 18:46 - 00000000 ____D () C:\Users\Home_PC\Desktop\ZSM
2014-10-28 09:06 - 2014-10-02 18:47 - 00000000 ____D () C:\Users\Home_PC\Desktop\Chlapi a spol
2014-10-28 09:06 - 2014-08-09 17:39 - 00000000 ____D () C:\Users\Home_PC\Desktop\fun foto
2014-10-28 09:05 - 2014-10-02 18:49 - 00000000 ____D () C:\Users\Home_PC\Desktop\Tábory Štěpán
2014-10-28 09:01 - 2014-10-02 18:56 - 00000000 ____D () C:\Users\Home_PC\Desktop\Pozvánky narozeniny
2014-10-28 08:54 - 2014-03-20 20:54 - 00000000 ____D () C:\Users\Home_PC\Desktop\sh
2014-10-28 08:54 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\2014_01_04
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\Povodí 10.2013 k prověření
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\OOP 15.02.2014
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\files
2014-10-27 06:24 - 2014-07-15 04:41 - 00082794 _____ () C:\Windows\PFRO.log
2014-10-26 11:26 - 2012-04-06 12:47 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-10-26 07:42 - 2012-09-22 06:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\uTorrent
2014-10-24 22:46 - 2012-08-27 08:36 - 00000000 ____D () C:\Users\All\AppData\Roaming\TS3Client
2014-10-23 05:33 - 2014-06-29 12:30 - 00000000 ____D () C:\Users\All\AppData\Local\Game Dev Tycoon - Steam
2014-10-22 18:10 - 2014-05-08 19:00 - 00000000 ____D () C:\Users\Home_PC\Desktop\JDownloader
2014-10-20 21:01 - 2014-07-11 14:54 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Game Dev Tycoon - Steam
2014-10-20 20:17 - 2012-03-11 23:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-20 19:06 - 2014-03-20 05:14 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-20 19:06 - 2014-03-20 05:14 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-20 19:06 - 2012-02-28 23:08 - 00001402 _____ () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-18 10:50 - 2013-10-05 16:30 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\.minecraft
2014-10-18 09:50 - 2012-03-11 10:10 - 00000000 ____D () C:\Users\All\Documents\My Games
2014-10-18 09:13 - 2012-03-16 20:11 - 00016896 _____ () C:\Users\All\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-14 19:14 - 2013-12-12 15:31 - 00012440 _____ () C:\Users\All\Desktop\Nový List aplikace Microsoft Office Excel.xlsx
2014-10-10 03:58 - 2009-07-14 06:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-09 20:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web
2014-10-04 09:48 - 2013-01-30 17:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-04 09:48 - 2012-06-30 17:24 - 00000000 ____D () C:\ProgramData\Skype
2014-10-04 07:29 - 2013-10-20 08:46 - 00000000 ____D () C:\Users\Home_PC\Desktop\Příručky, manuály
Files to move or delete:
====================
C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe
Some content of TEMP:
====================
C:\Users\Home_PC\AppData\Local\Temp\aacdec.exe
C:\Users\Home_PC\AppData\Local\Temp\MovieStudio.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloader8DpKlXz8Mt.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloaderj5iThuTCJt.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloadertr7BCKINsz.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloaderXMrMW9JJ1o.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 13:01
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (System W7) (Fixed) (Total:83.75 GB) (Free:7.5 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:38.89 GB) NTFS
Drive m: () (Fixed) (Total:931.5 GB) (Free:8.67 GB) NTFS
Available physical RAM: 6159.17 MB
Total physical RAM: 8169.33 MB
Percentage of memory in use: 24%
==================== MBR and Partition Table ==================
Disk: 2 (Size: 931.5 GB) (Disk ID: 3A9E720B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Home_PC\Desktop" je 2577 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk
C:\PROGRA~2\OPENBI~1\daemon.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK
C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\registration\RegistrationReminder.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Requesting a preventive check
Hello,
uninstall:
- Spybot - Search & Destroy 2 - antispyware protection is already provided by MSE
- Seznam Software - if you do not use it
- Skype Click to Call - if you do not use it
Also, the size of the Desktop should not exceed 200 MB, because beyond that the PC's startup takes considerably longer. So reduce its size as far as you can.
You have recently pulled several pieces of so-called adware onto the PC, so when installing anything I recommend reading which additional software you are agreeing to install - do not click frantically through Next, Next, Next.
As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.
Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/
- close all programs
- right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
- click Scan, then Clean
- after the restart a log will pop up (or you can find it at C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.
Re: Requesting a preventive check
Thank you very much, done.
It's a shared family PC..... they won't listen and just keep clicking and clicking...
Thanks once again.
# AdwCleaner v3.311 - Report created 04/11/2014 at 18:03:49
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Home_PC - GAME-PC
# Running from : C:\Users\Home_PC\Desktop\adwcleaner_3.311.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\All\AppData\Local\torch
Folder Deleted : C:\Users\All\AppData\Local\WinRST
Folder Deleted : C:\Users\All\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\ASPNET\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Home_PC\AppData\Local\DirectDownloader
Folder Deleted : C:\Users\Home_PC\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Home_PC\AppData\Local\Pokki
Folder Deleted : C:\Users\Home_PC\AppData\Local\torch
Folder Deleted : C:\Users\Home_PC\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Home_PC\AppData\Roaming\337Games
Folder Deleted : C:\Users\Home_PC\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Home_PC\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Home_PC\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdnblnolcinnndenjnollpiplgkbjcn
Folder Deleted : C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdnblnolcinnndenjnollpiplgkbjcn
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdnblnolcinnndenjnollpiplgkbjcn
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdnblnolcinnndenjnollpiplgkbjcn
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\invalidprefs.js
File Deleted : C:\Users\All\AppData\Roaming\Mozilla\Firefox\Profiles\ao2rmjeb.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : YourFile Update
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v32.0.3 (x86 cs)
[ File : C:\Users\All\AppData\Roaming\Mozilla\Firefox\Profiles\ao2rmjeb.default\prefs.js ]
Line Deleted : user_pref("extensions.DxKc.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumoro[...]
Line Deleted : user_pref("extensions.hDjO1.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumor[...]
[ File : C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\prefs.js ]
Line Deleted : user_pref("extensions.4wK.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorob[...]
Line Deleted : user_pref("extensions.NzJ7TVAKvSb.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\[...]
Line Deleted : user_pref("extensions.TOo4XBBX4Q.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"[...]
Line Deleted : user_pref("extensions.Vi3saw2ceJT.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\[...]
Line Deleted : user_pref("extensions.icEF8pqvp.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"s[...]
Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
Line Deleted : user_pref("extensions.xBW.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorob[...]
[ File : C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
*************************
AdwCleaner[R0].txt - [21277 octets] - [19/03/2014 21:49:07]
AdwCleaner[R1].txt - [4521 octets] - [20/03/2014 18:25:26]
AdwCleaner[R2].txt - [9598 octets] - [04/11/2014 18:02:06]
AdwCleaner[S0].txt - [21667 octets] - [19/03/2014 21:50:09]
AdwCleaner[S1].txt - [4651 octets] - [20/03/2014 18:26:14]
AdwCleaner[S2].txt - [9381 octets] - [04/11/2014 18:03:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [9441 octets] ##########
Line Deleted : user_pref("extensions.4wK.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorob[...]
Line Deleted : user_pref("extensions.NzJ7TVAKvSb.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\[...]
Line Deleted : user_pref("extensions.TOo4XBBX4Q.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"[...]
Line Deleted : user_pref("extensions.Vi3saw2ceJT.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\[...]
Line Deleted : user_pref("extensions.icEF8pqvp.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"s[...]
Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
Line Deleted : user_pref("extensions.xBW.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorob[...]
[ File : C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
*************************
AdwCleaner[R0].txt - [21277 octets] - [19/03/2014 21:49:07]
AdwCleaner[R1].txt - [4521 octets] - [20/03/2014 18:25:26]
AdwCleaner[R2].txt - [9598 octets] - [04/11/2014 18:02:06]
AdwCleaner[S0].txt - [21667 octets] - [19/03/2014 21:50:09]
AdwCleaner[S1].txt - [4651 octets] - [20/03/2014 18:26:14]
AdwCleaner[S2].txt - [9381 octets] - [04/11/2014 18:03:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [9441 octets] ##########
Re: Request for a preventive check
Install MBAM and run a custom scan (of the entire disk) exactly as described in this guide: http://forum.viry.cz/viewtopic.php?f=29&t=137928
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
Re: Request for a preventive check
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 4.11.2014
Čas skenování: 20:07:10
Protokol: Malwarebytes log 4.11.2014.txt
Správce: Ne
Verze: 2.00.3.1025
Databáze malwaru: v2014.11.04.06
Databáze rootkitů: v2014.11.01.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Home_PC
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 648327
Uplynulý čas: 28 min, 22 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 1
BitcoinMiner, C:\Windows\inf\msbxfebn\msbxfebn.exe, , [edd9b3842359c76fe5c2e03408f9ca36],
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
Re: Request for a preventive check
Delete the finding or move it to quarantine. Then post a new FRST log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
Re: Request for a preventive check
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by Home_PC (administrator) on GAME-PC on 04-11-2014 21:33:41
Running from C:\Users\Home_PC\Desktop
Loaded Profile: Home_PC (Available profiles: Home_PC & All)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe
(Intel Corporation) C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(http://lucky-tab.com/) C:\Program Files (x86)\LuckyTab\LuckyTab.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNACBSWK.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Home_PC\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ipTray.exe] => C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe [1632456 2011-11-10] (Intel(R) Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)
Startup: C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-765561512-130652983-1916819721-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {57311830-C3D9-4AC7-931A-3AAB685B4874} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {88249AB9-9129-4AD5-93AC-7F8B889E2B9F} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-31]
FF Extension: BitAccelerator - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-09-21]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-09-27] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IduService; C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [124616 2011-11-10] (Intel(R) Corporation)
R2 Intel(R) Desktop Boards FSC Application Service; C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe [61440 2011-11-10] (Intel Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-08-26] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2014-08-26] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-09-27] (BitRaider)
R3 cpuio; C:\Windows\SysWOW64\Drivers\cpuiox64.sys [15384 2012-02-28] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-12] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [253528 2011-04-05] (Sunbelt Software, Inc.)
S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
R3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [60504 2011-04-05] (Sunbelt Software, Inc.)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2011-04-05] (Sunbelt Software, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-09-04] (Duplex Secure Ltd.)
U3 ah9udfa1; C:\Windows\System32\Drivers\ah9udfa1.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-04 21:33 - 2014-11-04 21:33 - 00014641 _____ () C:\Users\Home_PC\Desktop\FRST.txt
2014-11-04 20:58 - 2014-11-04 20:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-11-04 20:58 - 2014-10-30 01:56 - 00614728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-04 20:56 - 2014-11-04 20:57 - 00000000 ____D () C:\Windows\LastGood
2014-11-04 20:56 - 2014-10-30 09:56 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-11-04 20:56 - 2014-10-30 09:56 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 31890064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 24554824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 19966856 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 17258696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 14029400 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 13942368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 13189832 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-04 20:56 - 2014-10-30 05:53 - 11395672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 11333848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 04289856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 04011840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00961224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00932168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00922944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00896144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00870112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-04 20:41 - 2014-09-04 20:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-04 20:41 - 2014-09-04 20:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-04 18:51 - 2014-11-04 20:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-04 18:51 - 2014-11-04 18:51 - 00000785 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-04 18:51 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-04 18:51 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-04 18:51 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-04 18:49 - 2014-11-04 18:50 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Home_PC\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-04 18:12 - 2014-11-04 18:12 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-04 18:12 - 2014-11-04 18:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-04 18:12 - 2014-11-04 18:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-04 18:12 - 2014-11-04 18:12 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-04 18:12 - 2014-11-04 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-04 18:12 - 2014-11-04 18:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-04 18:00 - 2014-11-04 18:00 - 01375089 _____ () C:\Users\Home_PC\Desktop\adwcleaner_3.311.exe
2014-11-04 17:58 - 2014-11-04 17:58 - 00000085 _____ () C:\Windows\wininit.ini
2014-11-03 19:36 - 2014-11-03 19:36 - 00000000 ____D () C:\Users\Home_PC\Desktop\FRST-OlderVersion
2014-11-02 16:10 - 2014-11-03 06:22 - 00000000 ____D () C:\Users\Home_PC\Desktop\MO 2014
2014-10-29 21:04 - 2014-10-29 21:04 - 00000000 ____D () C:\Users\Home_PC\Documents\VideoPad Projects
2014-10-29 20:49 - 2014-10-29 20:51 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-10-29 20:49 - 2014-10-29 20:49 - 00001295 _____ () C:\Users\Public\Desktop\NCH Suite.lnk
2014-10-29 20:49 - 2014-10-29 20:49 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2014-10-29 20:49 - 2014-10-29 20:49 - 00001143 _____ () C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2014-10-29 20:49 - 2014-10-29 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-10-29 20:47 - 2014-10-29 20:47 - 04830264 _____ (NCH Software) C:\Users\Home_PC\Downloads\vpsetup.exe
2014-10-29 18:20 - 2014-10-29 18:20 - 00000000 ____D () C:\Users\Home_PC\Desktop\VirtualDub-1.10.4
2014-10-29 10:42 - 2014-10-29 10:42 - 00000000 ____D () C:\Users\Home_PC\Documents\Telltale Games
2014-10-29 10:41 - 2014-10-29 10:41 - 00000000 ____D () C:\Users\All\Documents\Telltale Games
2014-10-28 21:44 - 2014-10-28 21:44 - 00000000 ____D () C:\Users\Home_PC\Desktop\pok_data
2014-10-28 21:31 - 2014-10-28 21:31 - 00000716 _____ () C:\Users\Home_PC\Desktop\Audacity.lnk
2014-10-28 21:31 - 2014-10-28 21:31 - 00000716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-10-28 21:30 - 2014-10-28 21:30 - 00000000 __SHD () C:\Users\Home_PC\AppData\Local\EmieUserList
2014-10-28 21:30 - 2014-10-28 21:30 - 00000000 __SHD () C:\Users\Home_PC\AppData\Local\EmieSiteList
2014-10-28 21:15 - 2014-10-28 21:30 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-28 21:15 - 2014-10-28 21:15 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Opera Software
2014-10-28 21:15 - 2014-10-28 21:15 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Opera Software
2014-10-28 21:14 - 2014-10-28 21:14 - 00000931 _____ () C:\Users\Home_PC\Desktop\MediaHuman YouTube to MP3 Converter.lnk
2014-10-28 21:14 - 2014-10-28 21:14 - 00000214 _____ () C:\Users\Home_PC\Desktop\Visit MediaHuman Website.url
2014-10-28 21:14 - 2014-10-28 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
2014-10-28 21:13 - 2014-10-28 21:13 - 16762208 _____ ( ) C:\Users\Home_PC\Desktop\YouTubeToMP3.exe
2014-10-28 21:09 - 2014-10-28 21:10 - 31386424 _____ (DVDVideoSoft Ltd. ) C:\Users\Home_PC\Desktop\FreeYouTubeToMP3Converter.exe
2014-10-28 20:35 - 2014-10-28 20:49 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Ashampoo Movie Studio
2014-10-28 20:32 - 2014-10-28 20:32 - 00001232 _____ () C:\Users\Public\Desktop\CleverReach.com.lnk
2014-10-28 20:32 - 2014-10-28 20:32 - 00000903 _____ () C:\Users\Public\Desktop\Ashampoo Movie Studio.lnk
2014-10-28 20:32 - 2014-10-28 20:32 - 00000213 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-10-28 20:32 - 2014-10-28 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-10-28 20:22 - 2014-10-28 20:25 - 174698672 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Home_PC\Desktop\ashampoo_movie_studio_e1.0.17_sm.exe
2014-10-28 20:12 - 2014-10-29 18:14 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\avidemux
2014-10-28 18:59 - 2014-10-28 18:59 - 00000738 _____ () C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk
2014-10-28 18:59 - 2014-10-28 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
2014-10-28 18:48 - 2014-10-28 18:49 - 24960294 _____ () C:\Users\Home_PC\Desktop\Avidemux-setup.exe
2014-10-28 13:18 - 2014-10-28 13:18 - 00000000 ____D () C:\Users\Home_PC\Documents\Electronic Arts
2014-10-28 13:13 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-10-28 13:12 - 2014-10-28 13:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-28 13:12 - 2014-10-28 13:12 - 00000876 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2014-10-28 13:12 - 2014-10-28 13:12 - 00000876 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2014-10-28 12:56 - 2014-10-28 10:03 - 00000956 _____ () C:\Users\Home_PC\Desktop\DVD + divX seznam pravděpodobně kompletní vč orig 2010-08-30 pracovní úprava - final.lnk
2014-10-28 12:56 - 2005-10-26 09:26 - 00048640 _____ () C:\Users\Home_PC\Desktop\DVD seznam pravdipodobni kompletní 25-10-2005.xls
2014-10-28 12:56 - 2005-10-26 09:26 - 00045568 _____ () C:\Users\Home_PC\Desktop\DVD seznam pravdipodobni kompletní 25-10-2005 k tisku.xls
2014-10-28 09:07 - 2014-10-28 09:08 - 00000000 ____D () C:\Users\Home_PC\Desktop\Violby, zastupitelstvo
2014-10-25 07:32 - 2014-10-25 07:32 - 00000917 _____ () C:\Users\Public\Desktop\Quake II (Berserker@Quake2).lnk
2014-10-25 07:32 - 2014-10-25 07:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake II (Berserker@Quake2)
2014-10-20 20:16 - 2014-10-20 20:16 - 00007908 _____ () C:\Users\Home_PC\Desktop\cc_20141020_211655.reg
2014-10-20 18:33 - 2014-10-20 18:33 - 00000000 ____D () C:\Games
2014-10-20 17:21 - 2014-10-20 17:21 - 00003402 _____ () C:\Windows\System32\Tasks\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Program Files (x86)\LuckyTab
2014-10-19 18:52 - 2014-10-19 18:52 - 00004647 _____ () C:\Users\Home_PC\Downloads\CENEK_PAVEL_ING(1).p12
2014-10-19 10:09 - 2014-10-19 10:09 - 00001000 _____ () C:\Users\Home_PC\Desktop\nw – zástupce.lnk
2014-10-18 19:36 - 2014-10-18 19:36 - 00025038 _____ () C:\Users\All\Desktop\hs_err_pid3636.log
2014-10-18 15:52 - 2014-10-18 15:52 - 00025240 _____ () C:\Users\All\Desktop\hs_err_pid7200.log
2014-10-18 13:39 - 2014-10-18 13:39 - 00001018 _____ () C:\Users\All\Desktop\nw – zástupce.lnk
2014-10-18 13:24 - 2014-10-18 13:24 - 00025186 _____ () C:\Users\All\Desktop\hs_err_pid5136.log
2014-10-18 11:03 - 2014-10-18 11:03 - 00025501 _____ () C:\Users\All\Desktop\hs_err_pid7936.log
2014-10-13 15:09 - 2014-10-13 15:18 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Magic Set Editor
2014-10-08 20:16 - 2014-10-08 20:16 - 00000000 ____D () C:\Users\Home_PC\Documents\MKGame
2014-10-08 17:58 - 2014-10-08 18:01 - 00000000 ____D () C:\Users\Home_PC\Documents\MK-LOL
2014-10-08 17:58 - 2014-10-08 17:58 - 00000058 _____ () C:\Windows\JQHApp.dat
2014-10-08 17:58 - 2014-10-08 17:58 - 00000000 ____D () C:\Users\Home_PC\Documents\MKJogo
2014-10-08 17:57 - 2014-10-08 19:42 - 00000899 _____ () C:\Users\Home_PC\Desktop\MK LOL.lnk
2014-10-08 17:57 - 2014-10-08 17:57 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-10-08 17:56 - 2014-10-30 20:44 - 00000000 ____D () C:\Users\All\Desktop\LoLSkins
2014-10-08 12:51 - 2014-10-08 12:51 - 00000000 ____D () C:\Users\All\AppData\Local\EdgeOfReality
2014-10-07 19:33 - 2014-10-12 16:28 - 00106978 _____ () C:\Users\All\Downloads\Untitled.mse-set
2014-10-07 19:33 - 2014-10-07 19:50 - 00111987 _____ () C:\Users\All\Downloads\Untitled.mse-set.bak
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-04 21:33 - 2014-03-20 19:43 - 00000000 ____D () C:\FRST
2014-11-04 21:18 - 2013-05-27 05:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-04 21:00 - 2011-04-12 09:34 - 00689920 _____ () C:\Windows\system32\perfh005.dat
2014-11-04 21:00 - 2011-04-12 09:34 - 00150656 _____ () C:\Windows\system32\perfc005.dat
2014-11-04 21:00 - 2009-07-14 06:13 - 01637298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 20:59 - 2012-02-28 23:08 - 01488658 _____ () C:\Windows\WindowsUpdate.log
2014-11-04 20:58 - 2014-02-20 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-04 20:58 - 2012-09-15 08:56 - 00000000 ____D () C:\Temp
2014-11-04 20:58 - 2012-02-29 00:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-04 20:58 - 2012-02-29 00:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-04 20:57 - 2014-07-08 05:14 - 00041754 _____ () C:\Windows\setupact.log
2014-11-04 20:53 - 2009-07-14 05:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 20:53 - 2009-07-14 05:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 20:47 - 2014-03-26 22:36 - 00000448 ____H () C:\Windows\Tasks\SW.Booster-S-1935984173.job
2014-11-04 20:46 - 2014-07-15 04:41 - 00086688 _____ () C:\Windows\PFRO.log
2014-11-04 20:46 - 2012-12-13 15:18 - 00000000 ____D () C:\Windows\uninstall
2014-11-04 20:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-04 20:42 - 2012-02-29 00:36 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-04 19:16 - 2012-02-28 22:17 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{688A73AE-B742-4599-AB00-4D8F743FCC7C}
2014-11-04 18:12 - 2014-07-02 13:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-04 18:04 - 2014-08-10 05:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-04 18:03 - 2014-03-19 21:49 - 00000000 ____D () C:\AdwCleaner
2014-11-04 17:59 - 2013-05-04 13:12 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Seznam.cz
2014-11-04 17:59 - 2013-05-04 13:12 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-11-04 17:58 - 2013-01-30 17:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-04 17:58 - 2012-03-11 23:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-03 19:36 - 2014-03-20 20:54 - 02114560 _____ (Farbar) C:\Users\Home_PC\Desktop\FRST64.exe
2014-11-03 19:36 - 2014-03-20 12:45 - 00000000 ____D () C:\Users\Home_PC\Desktop\antiviry
2014-11-03 19:13 - 2013-05-04 14:12 - 00000000 ____D () C:\Users\All\AppData\Roaming\Seznam.cz
2014-11-03 19:08 - 2012-06-30 17:56 - 00000000 ____D () C:\Users\All\AppData\Roaming\Skype
2014-11-02 18:42 - 2013-05-08 17:48 - 00000000 ____D () C:\Users\All\AppData\Roaming\.minecraft
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-30 09:56 - 2014-02-20 18:38 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-10-30 05:53 - 2014-07-29 16:54 - 18497600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-10-30 05:53 - 2014-02-20 18:22 - 16886168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-10-30 05:53 - 2014-02-20 18:22 - 02849224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-10-30 05:53 - 2012-02-29 00:37 - 20966504 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-10-30 05:53 - 2012-02-29 00:37 - 03237528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-30 05:53 - 2012-02-09 21:43 - 00987008 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-10-30 05:53 - 2011-05-21 06:01 - 00027024 _____ () C:\Windows\system32\nvinfo.pb
2014-10-30 03:10 - 2012-02-29 00:37 - 06880968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-10-30 03:10 - 2012-02-29 00:37 - 03533632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-10-30 03:10 - 2012-02-29 00:37 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-10-30 03:10 - 2012-02-29 00:37 - 00935232 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-10-30 03:10 - 2012-02-29 00:37 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-10-30 03:10 - 2012-02-29 00:37 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-10-29 18:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-29 17:59 - 2014-07-14 08:34 - 00093107 _____ () C:\Windows\DirectX.log
2014-10-29 17:59 - 2013-02-01 07:52 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Windows Live
2014-10-29 17:49 - 2013-06-17 12:36 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Audacity
2014-10-29 17:49 - 2012-04-06 13:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Google
2014-10-29 17:49 - 2012-04-06 13:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-28 20:32 - 2012-07-04 19:25 - 00000000 ____D () C:\ProgramData\ashampoo
2014-10-28 16:26 - 2013-08-29 10:43 - 00000000 ____D () C:\Users\All\Documents\Electronic Arts
2014-10-28 13:13 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-28 09:09 - 2014-05-04 08:20 - 00000000 ____D () C:\Users\Home_PC\Desktop\Nová složka (2)
2014-10-28 09:07 - 2014-10-02 18:46 - 00000000 ____D () C:\Users\Home_PC\Desktop\ZSM
2014-10-28 09:06 - 2014-10-02 18:47 - 00000000 ____D () C:\Users\Home_PC\Desktop\Chlapi a spol
2014-10-28 09:06 - 2014-08-09 17:39 - 00000000 ____D () C:\Users\Home_PC\Desktop\fun foto
2014-10-28 09:05 - 2014-10-02 18:49 - 00000000 ____D () C:\Users\Home_PC\Desktop\Tábory Štěpán
2014-10-28 09:01 - 2014-10-02 18:56 - 00000000 ____D () C:\Users\Home_PC\Desktop\Pozvánky narozeniny
2014-10-28 08:54 - 2014-03-20 20:54 - 00000000 ____D () C:\Users\Home_PC\Desktop\sh
2014-10-28 08:54 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\2014_01_04
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\Povodí 10.2013 k prověření
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\OOP 15.02.2014
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\files
2014-10-27 01:34 - 2012-05-25 20:47 - 04066553 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-26 11:26 - 2012-04-06 12:47 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-10-26 07:42 - 2012-09-22 06:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\uTorrent
2014-10-24 22:46 - 2012-08-27 08:36 - 00000000 ____D () C:\Users\All\AppData\Roaming\TS3Client
2014-10-23 05:33 - 2014-06-29 12:30 - 00000000 ____D () C:\Users\All\AppData\Local\Game Dev Tycoon - Steam
2014-10-22 18:10 - 2014-05-08 19:00 - 00000000 ____D () C:\Users\Home_PC\Desktop\JDownloader
2014-10-20 21:01 - 2014-07-11 14:54 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Game Dev Tycoon - Steam
2014-10-20 19:06 - 2014-03-20 05:14 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-20 19:06 - 2014-03-20 05:14 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-20 19:06 - 2012-02-28 23:08 - 00001402 _____ () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-18 10:50 - 2013-10-05 16:30 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\.minecraft
2014-10-18 09:50 - 2012-03-11 10:10 - 00000000 ____D () C:\Users\All\Documents\My Games
2014-10-18 09:13 - 2012-03-16 20:11 - 00016896 _____ () C:\Users\All\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-14 19:14 - 2013-12-12 15:31 - 00012440 _____ () C:\Users\All\Desktop\Nový List aplikace Microsoft Office Excel.xlsx
2014-10-10 03:58 - 2009-07-14 06:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-09 20:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web
Files to move or delete:
====================
C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe
Some content of TEMP:
====================
C:\Users\Home_PC\AppData\Local\Temp\aacdec.exe
C:\Users\Home_PC\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Home_PC\AppData\Local\Temp\MovieStudio.exe
C:\Users\Home_PC\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Home_PC\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Home_PC\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Home_PC\AppData\Local\Temp\nvStInst.exe
C:\Users\Home_PC\AppData\Local\Temp\Quarantine.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloader8DpKlXz8Mt.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloaderj5iThuTCJt.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloadertr7BCKINsz.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloaderXMrMW9JJ1o.exe
C:\Users\Home_PC\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 13:01
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (System W7) (Fixed) (Total:83.75 GB) (Free:5.62 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:47.72 GB) NTFS
Drive m: () (Fixed) (Total:931.5 GB) (Free:8.67 GB) NTFS
Available physical RAM: 6368.98 MB
Total physical RAM: 8169.33 MB
Percentage of memory in use: 22%
==================== MBR and Partition Table ==================
Disk: 2 (Size: 931.5 GB) (Disk ID: 3A9E720B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Home_PC\Desktop" je 2578 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk
C:\PROGRA~2\OPENBI~1\daemon.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK
C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\registration\RegistrationReminder.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
and
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by Home_PC at 2014-11-04 21:34:13
Running from C:\Users\Home_PC\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AeroFly Professional Deluxe (HKLM-x32\...\{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}) (Version: 1.8.0.9 - )
Agatha Christie - Deset malých černoušků (HKLM-x32\...\{F9D661EF-69AB-4017-82BB-6FD10AB089B6}) (Version: 1.0 - )
Aktualizace NVIDIA 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Movie Studio v.1.0.17 (HKLM-x32\...\{91B33C97-54B3-9CEB-E911-246EDA9BDC9A}_is1) (Version: 1.0.17 - Ashampoo GmbH & Co. KG)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9045 - )
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.8.1 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{AB259D81-DE6B-4554-B4A8-DB13D321FBF2}) (Version: 0.9.18 - Kovid Goyal)
Canon LBP7010C/7018C (HKLM\...\Canon LBP7010C/7018C) (Version: - )
CanoScan 9000F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq9602) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.15 - Piriform)
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.36 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Disk Explorer Professional 3 (HKLM-x32\...\DEPro3) (Version: 3.70 - Tomas Jelinek)
dupeGuru (HKLM-x32\...\{926F26B2-8CCD-42C2-8F5A-A3F9E682BC62}) (Version: 3.8.0 - Hardcoded Software)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Far Cry (HKLM-x32\...\Steam App 13520) (Version: - Crytek Studios)
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version: - Ubisoft Montreal)
FormatFactory 2.90 (HKLM-x32\...\FormatFactory) (Version: 2.90 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FreeRIP Toolbar v6.0 (HKLM-x32\...\{695A9F6A-6EA9-44DA-A04A-53778AC7C410}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
GameShadow (HKLM-x32\...\{3AE325C5-5B0F-48E5-BAC9-B55C64467681}) (Version: 2.02.0000 - GameShadow Ltd)
Gothic III (HKLM-x32\...\{A225AD86-3D03-4097-98D3-7CEE689E1ED5}) (Version: 1.0.0 - JoWooD )
Heroes of Might and Magic III Complete (HKLM-x32\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
Heroes of Might and Magic III Complete (x32 Version: 1.00.0000 - CD Projekt) Hidden
Intel(R) Desktop Utilities (HKLM-x32\...\InstallShield_{D5712598-E05C-4B51-B97B-66A2EBC80170}) (Version: 3.2.1 - Intel Corporation)
Intel(R) Desktop Utilities (x32 Version: 3.2.1 - Intel Corporation) Hidden
Intel(R) Network Connections 16.8.46.0 (HKLM\...\PROSetDX) (Version: 16.8.46.0 - Intel)
Intel(R) SMBus (HKLM\...\SMBus) (Version: - )
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Malwarebytes Anti-Malware verze 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts)
Media Player Classic - Home Cinema 1.6.0.4014 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.0.4014 - MPC-HC Team)
MediaHuman YouTube to MP3 Converter verze 3.6 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.6 - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft 1.6.2 (HKLM-x32\...\Minecraft 1.6.2) (Version: - )
MK LOL (HKCU\...\MK LOL) (Version: - )
MouseCraft (HKLM-x32\...\1207664833_is1) (Version: 2.0.0.1 - GOG.com)
Mozilla Firefox 32.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 cs)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
MyProduct (HKLM-x32\...\MyProduct) (Version: - )
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Nero 9 Essentials (HKLM-x32\...\{aa6b4c41-b523-498e-89ba-0c45dc927651}) (Version: - Nero AG)
Nero BurningROM 12 (HKLM-x32\...\{C0CA68BF-2963-4139-8207-1E83038F86F8}) (Version: 12.0.00800 - Nero AG)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Období Sklizně (HKLM-x32\...\Období Sklizně) (Version: - Alawar Entertainment Inc.)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 344.60 (Version: 344.60 - NVIDIA Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QNAP Finder (HKLM-x32\...\QNAP_FINDER) (Version: 3.4.3.0523 - QNAP Systems, Inc.)
Quake II (engine Berserker@Quake2 1.39) (HKLM-x32\...\Quake II (engine Berserker@Quake2 1.39)) (Version: - )
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.0 - Renesas Electronics Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SDÍLEJ.CZ Manager (HKCU\...\69f070f18ade444c) (Version: 0.0.1.34 - SDÍLEJ.CZ)
Sherlock Holmes Crimes and Punishments (HKLM-x32\...\Sherlock Holmes Crimes and Punishments_is1) (Version: 1.0 - PLAZA)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Stronghold Crusader 2_is1) (Version: - )
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab Detection (HKLM-x32\...\{D9066316-2B37-42D3-8A70-658A9424DF3C}) (Version: 2.0.0.0 - Husdawg, LLC)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55 public beta 3 - Ghisler Software GmbH)
Trials Fusion (HKLM-x32\...\Trials Fusion_is1) (Version: - )
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Web Translator (HKLM-x32\...\Web Translator) (Version: - )
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}) (Version: 15.0.9302 - WinZip Computing, S.L. )
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio 13 (HKLM\...\ZonerPhotoStudio13_CZ_is1) (Version: 13.0.1.3 - ZONER software)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-765561512-130652983-1916819721-1000_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File
CustomCLSID: HKU\S-1-5-21-765561512-130652983-1916819721-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 13\Program64\SHELLEXT.DLL (ZONER software)
==================== Restore Points =========================
04-11-2014 16:58:49 Removed Skype Click to Call
04-11-2014 17:11:48 Installed Java 7 Update 71
04-11-2014 19:41:51 Nainstalováno rozhraní DirectX
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-03-22 09:04 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {104088C1-1943-4B2C-8CB4-659505EEB097} - System32\Tasks\Origin => C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe [2014-09-07] () <==== ATTENTION
Task: {112F61B9-C631-4219-8282-CF3F44532E06} - System32\Tasks\{CA2F9B76-FB67-4AED-83F9-EC5013448E9E} => D:\štěpán\aWarcraft III\Biturn\Diablo II\Diablo II.exe
Task: {117FF4CB-3A85-44D5-B5D4-37F80EFAEB6F} - System32\Tasks\{673AE4E8-FF4E-487E-97BC-93CC61E607CE} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {12081B36-58DA-4E4B-902C-BCCD8ACB2C1B} - System32\Tasks\{E4C61A85-F4B9-47D3-87FD-9A8E29878854} => C:\Users\All\Desktop\Štěpán\NTSD2.4\NTSD.exe
Task: {148A85CF-CBB6-481D-9433-46CBA9985616} - System32\Tasks\{2310C9C8-5F59-4A27-BE25-27BD8A38A756} => D:\__save league of legends\Diablo II\Diablo II.exe
Task: {1B0CDB3C-327D-4E81-8AFA-F2B3029190E8} - System32\Tasks\{E5E7DD96-76D2-44BB-B685-D7289AAD2F09} => D:\_download štěpán\League of Legends\lol.launcher.exe
Task: {1BD6BAEB-BF1E-4DF2-B0E7-947588D52C62} - System32\Tasks\{33A38BD4-E1A2-47A9-9E02-F7F3ACE8B02F} => C:\Users\All\Desktop\Štěpán\Nová složka\DEViANCE CRACK\Europa1400Gold.exe
Task: {21F6E09A-DBEA-4AA3-96C8-2BDA6A25E7C8} - System32\Tasks\{D2525F28-817C-486C-9A9C-02BF477E291F} => C:\Users\All\Desktop\Štěpán\NTSD2.4\NTSD.exe
Task: {24C45985-DD99-4FFF-9D82-BAC3231BB45F} - System32\Tasks\{A0911DD7-E8E3-4B13-A817-DB6B9FDAD331} => C:\Users\All\Desktop\Štěpán\Nová složka\DEViANCE CRACK\Europa1400Gold.exe
Task: {26CD1F58-34E1-472B-B1F0-278689F56BA8} - System32\Tasks\LuckyTab => C:\Program Files (x86)\LuckyTab\LuckyTab.exe [2014-10-20] (http://lucky-tab.com/)
Task: {2ECD702A-7FE7-40F8-A022-CF306671A1B0} - System32\Tasks\{3F558146-3219-403C-B0A0-F21F693BC40E} => M:\finálka\__games\Lego Soccer Mania\Game.exe [2002-06-20] ()
Task: {2F86DD56-C19D-4FE0-A989-EACB67C51CFA} - System32\Tasks\{01931EE4-C673-4CBD-A14A-967399AA54F3} => D:\Program Files\JoWooD\Gothic III\Gothic3.exe
Task: {36818234-7712-4795-8D22-D790B18A65DD} - System32\Tasks\{F216BCA2-B789-4FAA-AACA-D86803803093} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {368F234A-B49C-4121-B8A1-66EAC1E81028} - System32\Tasks\{B1890918-60BF-4DD7-8BB7-5BAFDE3D390A} => D:\štěpán\aWarcraft III\Biturn\Diablo II\Diablo II.exe
Task: {49D8586B-D8CA-43FC-B1D3-DD241C572552} - System32\Tasks\{D2887CAF-01FC-4523-9935-E837ED347E7A} => C:\Program Files (x86)\Cyanide\Loki\Autorun\Autorun.exe
Task: {4BD6FB5C-182F-4DF7-9790-0274E791F90C} - System32\Tasks\{9EA05D69-2188-4FF5-B2AF-D7EDE04C6B84} => C:\Program Files (x86)\Strategy First\Europa Universalis 2\EU2.exe
Task: {56979844-5852-40DA-BEB0-073F1DEB4E84} - System32\Tasks\{233A2164-5832-424A-9E99-8B5E4DC7AA04} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {743C48A5-5892-4EAA-A2CC-19011A02CDE7} - System32\Tasks\{73A57097-106A-4826-82ED-DE5E203CA487} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {74494891-1520-4526-9400-7B20565C36DD} - System32\Tasks\{B0B95F2C-F97A-4457-90B0-064372259606} => D:\Program Files\JoWooD\Gothic III\Gothic3.exe
Task: {77A2CF29-AFFF-452E-8123-58B0E945962F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {793CB69C-AF5D-4A33-9F1A-CB50F5B064E8} - System32\Tasks\{3208FBF5-6C02-47B7-B199-048C6A7D11A8} => D:\Riot Games\League of Legends\lol.launcher.exe [2012-10-29] ()
Task: {7D29E84E-7046-41AB-97BA-F5A44A0C9AC6} - System32\Tasks\{BCE1E09F-4E24-4673-B05D-56571494039B} => C:\Program Files (x86)\Mount&Blade\mount&blade.exe
Task: {7D328EF0-54A1-4585-9D32-4E10842D422E} - System32\Tasks\{6B749465-4AEC-45BA-814C-D7CC8AF68AB2} => D:\__save league of legends\Diablo II\Diablo II.exe
Task: {836D1CBF-E58F-457D-9C41-F96F45731DA1} - System32\Tasks\{708AB068-FEC5-46DA-ABF5-54CFA21FB4AE} => C:\Users\All\Desktop\Torchlight\Torchlight.exe
Task: {88156D89-D62D-48BD-BB75-CC781B4F4C66} - System32\Tasks\{1BF52BAB-47A9-42C2-9447-D19BF7801E57} => C:\Users\All\Desktop\Minecraft-warez.exe
Task: {8BD0B81F-7C62-48AD-A3FF-636539951F90} - System32\Tasks\{ABCE0E8E-E9BD-4624-91FD-B057141F5A05} => C:\Program Files (x86)\Telestream\Wirecast\Wirecast.exe
Task: {962BFB90-C0D8-4F2E-8990-FF60BB2B284E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9D8AC9A1-5804-4184-8BDE-D43A972F4568} - System32\Tasks\{726A7B5F-C16E-4B11-B574-F24F949D9C30} => D:\Legend\The Elder Scrolls V Skyrim\SkyrimLauncher.exe
Task: {A0F15DB5-2988-4A5C-B54D-4D060A08923F} - System32\Tasks\{F79E2209-7F4D-4A86-ABFF-6FC017D07D88} => C:\Program Files (x86)\Activision\Prototype\prototypef.exe
Task: {B1436FDA-8779-42D2-B7D8-338ADF5F3372} - System32\Tasks\{FB2D14B0-A45C-4A3B-A3AE-C9BB2208901A} => K:\steam\GameOverlayUI.exe
Task: {B9377B18-C77F-46B1-8795-98F75CE5DCDA} - System32\Tasks\{552798B6-30B8-4034-B746-4E6484A35F06} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {B964A853-0861-4CAA-BEE1-0D02DCB9DF7F} - System32\Tasks\{76A3FC08-FA59-42E9-BD71-C7AC4C906641} => E:\browsercall.exe
Task: {BFC50117-F298-4F94-BF7A-0B5E26CEC925} - System32\Tasks\{4DA45FC8-5B31-40C7-A019-F2C94F3013D5} => C:\Users\All\Desktop\Štěpán\Warcraft III PLUS DATADISC CZ\World Editor.exe
Task: {C2B08289-35A3-4F50-8B8D-63914D90D7AC} - System32\Tasks\{32AA287E-D7A9-4412-86B9-F4AD102EDBD0} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {D0C07638-1EC4-40EC-94CC-F6BB64C305D3} - System32\Tasks\{F6731524-BC90-4945-9A19-9EE3B168B4CB} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {E03E1D26-5004-40E1-9BE8-5FDCBF912EA5} - System32\Tasks\{F1D8CA28-26C3-406A-9C19-43D2803BBF9F} => C:\Users\All\Desktop\Štěpán\Nová složka\DEViANCE CRACK\Europa1400Gold.exe
Task: {E145CDAA-13F0-4CBD-A1A5-9FE03907AB21} - System32\Tasks\{0787F179-7985-458B-BC8E-39896C7C1181} => D:\Program Files\JoWooD\Gothic III\Gothic3.exe
Task: {E3CC9947-C41E-4FD7-A578-8D307045596C} - System32\Tasks\SW.Booster-S-1935984173 => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
Task: {E727ED13-DFFE-4349-B01B-B5C4E76FD21E} - System32\Tasks\{E6293900-65EF-427B-B411-D14FCD090C72} => M:\finálka\__games\Lego Soccer Mania\Game.exe [2002-06-20] ()
Task: {EBBCCE8D-B8D6-4BF5-B189-AF3589985F5F} - System32\Tasks\{7C677327-A16A-4937-B8A3-8CE1E80F036D} => C:\Program Files (x86)\Worms Armageddon - New Edition\WA.exe
Task: {F7CC549B-351B-4D85-92C3-11006BAAEB89} - System32\Tasks\{6463B2A4-7555-43A0-9865-F69F0D283A95} => C:\Program Files (x86)\Mount&Blade\mount&blade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-03-17 21:04 - 2014-08-26 20:52 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-17 21:04 - 2014-08-26 20:52 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2012-02-29 00:38 - 2014-10-30 03:10 - 00117064 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-21 16:57 - 2014-09-25 17:05 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk => C:\Windows\pss\OpenBitCoin.exe.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK => C:\Windows\pss\Registration Heroes of Might & Magic 5.LNK.Startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
========================= Accounts: ==========================
Administrator (S-1-5-21-765561512-130652983-1916819721-500 - Administrator - Disabled)
All (S-1-5-21-765561512-130652983-1916819721-1002 - Limited - Enabled) => C:\Users\All
ASPNET (S-1-5-21-765561512-130652983-1916819721-1004 - Limited - Enabled)
Guest (S-1-5-21-765561512-130652983-1916819721-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-765561512-130652983-1916819721-1006 - Limited - Enabled)
Home_PC (S-1-5-21-765561512-130652983-1916819721-1000 - Administrator - Enabled) => C:\Users\Home_PC
==================== Faulty Device Manager Devices =============
Name: USB camera
Description: USB camera
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: WD My Book Device USB Device
Description: WD My Book Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/04/2014 08:48:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 08:41:52 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcSSAS and NSS certificates mismatching after deletion and regeneration [0]
Error: (11/04/2014 06:06:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 05:51:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 05:03:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/03/2014 07:07:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/03/2014 06:32:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbam.exe verze 1.0.0.532 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 11b4
Čas spuštění: 01cff78bfff19184
Čas ukončení: 0
Cesta k aplikaci: D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
ID hlášení: 516b362d-637f-11e4-8745-3860771bc34b
Error: (11/03/2014 06:31:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbam.exe verze 1.0.0.532 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 834
Čas spuštění: 01cff78bdb0b0c8d
Čas ukončení: 0
Cesta k aplikaci: D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
ID hlášení: 31b05562-637f-11e4-8745-3860771bc34b
Error: (11/03/2014 06:25:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/03/2014 05:05:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (11/04/2014 08:46:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Error: (11/04/2014 08:41:52 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error: (11/04/2014 08:41:49 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error: (11/04/2014 07:05:30 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error: (11/04/2014 06:57:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (11/04/2014 06:57:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (11/04/2014 06:04:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Error: (11/04/2014 05:51:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Error: (11/04/2014 05:03:27 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Error: (11/03/2014 07:07:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Microsoft Office Sessions:
=========================
Error: (04/09/2014 08:56:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/18/2012 09:38:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/18/2012 09:38:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 291 seconds with 240 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-03-22 08:59:43.333
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-22 08:59:43.293
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-22 08:59:43.243
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-22 08:59:43.203
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:52:34.041
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:52:34.001
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:52:33.961
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:52:33.921
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:49:31.176
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:49:31.136
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2130 CPU @ 3.40GHz
Percentage of memory in use: 22%
Total physical RAM: 8169.33 MB
Available physical RAM: 6368.98 MB
Total Pagefile: 16336.84 MB
Available Pagefile: 14380.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (System W7) (Fixed) (Total:83.75 GB) (Free:5.62 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:47.72 GB) NTFS
Drive m: () (Fixed) (Total:931.5 GB) (Free:8.67 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 3A9E720B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================

Ran by Home_PC (administrator) on GAME-PC on 04-11-2014 21:33:41
Running from C:\Users\Home_PC\Desktop
Loaded Profile: Home_PC (Available profiles: Home_PC & All)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe
(Intel Corporation) C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(http://lucky-tab.com/) C:\Program Files (x86)\LuckyTab\LuckyTab.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNACBSWK.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel Desktop Utilities\iptray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Home_PC\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ipTray.exe] => C:\Program Files (x86)\Intel\Intel Desktop Utilities\ipTray.exe [1632456 2011-11-10] (Intel(R) Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)
Startup: C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-765561512-130652983-1916819721-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {57311830-C3D9-4AC7-931A-3AAB685B4874} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKCU - {88249AB9-9129-4AD5-93AC-7F8B889E2B9F} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Users\Home_PC\AppData\Roaming\Mozilla\Firefox\Profiles\ev4pn85p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-31]
FF Extension: BitAccelerator - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-09-21]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-09-27] (BitRaider, LLC)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IduService; C:\Program Files (x86)\Intel\Intel Desktop Utilities\iduServ.exe [124616 2011-11-10] (Intel(R) Corporation)
R2 Intel(R) Desktop Boards FSC Application Service; C:\Program Files (x86)\Intel\FSC\FSCAppServ.exe [61440 2011-11-10] (Intel Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-08-26] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2014-08-26] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2013-09-27] (BitRaider)
R3 cpuio; C:\Windows\SysWOW64\Drivers\cpuiox64.sys [15384 2012-02-28] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-12] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [253528 2011-04-05] (Sunbelt Software, Inc.)
S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
R3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
S3 sbhips; C:\Windows\System32\drivers\sbhips.sys [60504 2011-04-05] (Sunbelt Software, Inc.)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2011-04-05] (Sunbelt Software, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-09-04] (Duplex Secure Ltd.)
U3 ah9udfa1; C:\Windows\System32\Drivers\ah9udfa1.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-04 21:33 - 2014-11-04 21:33 - 00014641 _____ () C:\Users\Home_PC\Desktop\FRST.txt
2014-11-04 20:58 - 2014-11-04 20:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-11-04 20:58 - 2014-10-30 01:56 - 00614728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-04 20:56 - 2014-11-04 20:57 - 00000000 ____D () C:\Windows\LastGood
2014-11-04 20:56 - 2014-10-30 09:56 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-11-04 20:56 - 2014-10-30 09:56 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 31890064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 24554824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 19966856 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 17258696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 14029400 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 13942368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 13189832 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-04 20:56 - 2014-10-30 05:53 - 11395672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 11333848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 04289856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 04011840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00961224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00932168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00922944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00896144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00870112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-04 20:56 - 2014-10-30 05:53 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-04 20:41 - 2014-09-04 20:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-04 20:41 - 2014-09-04 20:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-04 18:51 - 2014-11-04 20:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-04 18:51 - 2014-11-04 18:51 - 00000785 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-04 18:51 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-04 18:51 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-04 18:51 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-04 18:49 - 2014-11-04 18:50 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Home_PC\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-04 18:12 - 2014-11-04 18:12 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-04 18:12 - 2014-11-04 18:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-04 18:12 - 2014-11-04 18:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-04 18:12 - 2014-11-04 18:12 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-04 18:12 - 2014-11-04 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-04 18:12 - 2014-11-04 18:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-04 18:00 - 2014-11-04 18:00 - 01375089 _____ () C:\Users\Home_PC\Desktop\adwcleaner_3.311.exe
2014-11-04 17:58 - 2014-11-04 17:58 - 00000085 _____ () C:\Windows\wininit.ini
2014-11-03 19:36 - 2014-11-03 19:36 - 00000000 ____D () C:\Users\Home_PC\Desktop\FRST-OlderVersion
2014-11-02 16:10 - 2014-11-03 06:22 - 00000000 ____D () C:\Users\Home_PC\Desktop\MO 2014
2014-10-29 21:04 - 2014-10-29 21:04 - 00000000 ____D () C:\Users\Home_PC\Documents\VideoPad Projects
2014-10-29 20:49 - 2014-10-29 20:51 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-10-29 20:49 - 2014-10-29 20:49 - 00001295 _____ () C:\Users\Public\Desktop\NCH Suite.lnk
2014-10-29 20:49 - 2014-10-29 20:49 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2014-10-29 20:49 - 2014-10-29 20:49 - 00001143 _____ () C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2014-10-29 20:49 - 2014-10-29 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-10-29 20:47 - 2014-10-29 20:47 - 04830264 _____ (NCH Software) C:\Users\Home_PC\Downloads\vpsetup.exe
2014-10-29 18:20 - 2014-10-29 18:20 - 00000000 ____D () C:\Users\Home_PC\Desktop\VirtualDub-1.10.4
2014-10-29 10:42 - 2014-10-29 10:42 - 00000000 ____D () C:\Users\Home_PC\Documents\Telltale Games
2014-10-29 10:41 - 2014-10-29 10:41 - 00000000 ____D () C:\Users\All\Documents\Telltale Games
2014-10-28 21:44 - 2014-10-28 21:44 - 00000000 ____D () C:\Users\Home_PC\Desktop\pok_data
2014-10-28 21:31 - 2014-10-28 21:31 - 00000716 _____ () C:\Users\Home_PC\Desktop\Audacity.lnk
2014-10-28 21:31 - 2014-10-28 21:31 - 00000716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-10-28 21:30 - 2014-10-28 21:30 - 00000000 __SHD () C:\Users\Home_PC\AppData\Local\EmieUserList
2014-10-28 21:30 - 2014-10-28 21:30 - 00000000 __SHD () C:\Users\Home_PC\AppData\Local\EmieSiteList
2014-10-28 21:15 - 2014-10-28 21:30 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-28 21:15 - 2014-10-28 21:15 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Opera Software
2014-10-28 21:15 - 2014-10-28 21:15 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Opera Software
2014-10-28 21:14 - 2014-10-28 21:14 - 00000931 _____ () C:\Users\Home_PC\Desktop\MediaHuman YouTube to MP3 Converter.lnk
2014-10-28 21:14 - 2014-10-28 21:14 - 00000214 _____ () C:\Users\Home_PC\Desktop\Visit MediaHuman Website.url
2014-10-28 21:14 - 2014-10-28 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
2014-10-28 21:13 - 2014-10-28 21:13 - 16762208 _____ ( ) C:\Users\Home_PC\Desktop\YouTubeToMP3.exe
2014-10-28 21:09 - 2014-10-28 21:10 - 31386424 _____ (DVDVideoSoft Ltd. ) C:\Users\Home_PC\Desktop\FreeYouTubeToMP3Converter.exe
2014-10-28 20:35 - 2014-10-28 20:49 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Ashampoo Movie Studio
2014-10-28 20:32 - 2014-10-28 20:32 - 00001232 _____ () C:\Users\Public\Desktop\CleverReach.com.lnk
2014-10-28 20:32 - 2014-10-28 20:32 - 00000903 _____ () C:\Users\Public\Desktop\Ashampoo Movie Studio.lnk
2014-10-28 20:32 - 2014-10-28 20:32 - 00000213 _____ () C:\Users\Public\Desktop\Your Software Deals.url
2014-10-28 20:32 - 2014-10-28 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-10-28 20:22 - 2014-10-28 20:25 - 174698672 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Home_PC\Desktop\ashampoo_movie_studio_e1.0.17_sm.exe
2014-10-28 20:12 - 2014-10-29 18:14 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\avidemux
2014-10-28 18:59 - 2014-10-28 18:59 - 00000738 _____ () C:\Users\Public\Desktop\Avidemux 2.6 (32-bit).lnk
2014-10-28 18:59 - 2014-10-28 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
2014-10-28 18:48 - 2014-10-28 18:49 - 24960294 _____ () C:\Users\Home_PC\Desktop\Avidemux-setup.exe
2014-10-28 13:18 - 2014-10-28 13:18 - 00000000 ____D () C:\Users\Home_PC\Documents\Electronic Arts
2014-10-28 13:13 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-10-28 13:12 - 2014-10-28 13:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-28 13:12 - 2014-10-28 13:12 - 00000876 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2014-10-28 13:12 - 2014-10-28 13:12 - 00000876 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2014-10-28 12:56 - 2014-10-28 10:03 - 00000956 _____ () C:\Users\Home_PC\Desktop\DVD + divX seznam pravděpodobně kompletní vč orig 2010-08-30 pracovní úprava - final.lnk
2014-10-28 12:56 - 2005-10-26 09:26 - 00048640 _____ () C:\Users\Home_PC\Desktop\DVD seznam pravdipodobni kompletní 25-10-2005.xls
2014-10-28 12:56 - 2005-10-26 09:26 - 00045568 _____ () C:\Users\Home_PC\Desktop\DVD seznam pravdipodobni kompletní 25-10-2005 k tisku.xls
2014-10-28 09:07 - 2014-10-28 09:08 - 00000000 ____D () C:\Users\Home_PC\Desktop\Violby, zastupitelstvo
2014-10-25 07:32 - 2014-10-25 07:32 - 00000917 _____ () C:\Users\Public\Desktop\Quake II (Berserker@Quake2).lnk
2014-10-25 07:32 - 2014-10-25 07:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake II (Berserker@Quake2)
2014-10-20 20:16 - 2014-10-20 20:16 - 00007908 _____ () C:\Users\Home_PC\Desktop\cc_20141020_211655.reg
2014-10-20 18:33 - 2014-10-20 18:33 - 00000000 ____D () C:\Games
2014-10-20 17:21 - 2014-10-20 17:21 - 00003402 _____ () C:\Windows\System32\Tasks\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Program Files (x86)\LuckyTab
2014-10-19 18:52 - 2014-10-19 18:52 - 00004647 _____ () C:\Users\Home_PC\Downloads\CENEK_PAVEL_ING(1).p12
2014-10-19 10:09 - 2014-10-19 10:09 - 00001000 _____ () C:\Users\Home_PC\Desktop\nw – zástupce.lnk
2014-10-18 19:36 - 2014-10-18 19:36 - 00025038 _____ () C:\Users\All\Desktop\hs_err_pid3636.log
2014-10-18 15:52 - 2014-10-18 15:52 - 00025240 _____ () C:\Users\All\Desktop\hs_err_pid7200.log
2014-10-18 13:39 - 2014-10-18 13:39 - 00001018 _____ () C:\Users\All\Desktop\nw – zástupce.lnk
2014-10-18 13:24 - 2014-10-18 13:24 - 00025186 _____ () C:\Users\All\Desktop\hs_err_pid5136.log
2014-10-18 11:03 - 2014-10-18 11:03 - 00025501 _____ () C:\Users\All\Desktop\hs_err_pid7936.log
2014-10-13 15:09 - 2014-10-13 15:18 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Magic Set Editor
2014-10-08 20:16 - 2014-10-08 20:16 - 00000000 ____D () C:\Users\Home_PC\Documents\MKGame
2014-10-08 17:58 - 2014-10-08 18:01 - 00000000 ____D () C:\Users\Home_PC\Documents\MK-LOL
2014-10-08 17:58 - 2014-10-08 17:58 - 00000058 _____ () C:\Windows\JQHApp.dat
2014-10-08 17:58 - 2014-10-08 17:58 - 00000000 ____D () C:\Users\Home_PC\Documents\MKJogo
2014-10-08 17:57 - 2014-10-08 19:42 - 00000899 _____ () C:\Users\Home_PC\Desktop\MK LOL.lnk
2014-10-08 17:57 - 2014-10-08 17:57 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-10-08 17:56 - 2014-10-30 20:44 - 00000000 ____D () C:\Users\All\Desktop\LoLSkins
2014-10-08 12:51 - 2014-10-08 12:51 - 00000000 ____D () C:\Users\All\AppData\Local\EdgeOfReality
2014-10-07 19:33 - 2014-10-12 16:28 - 00106978 _____ () C:\Users\All\Downloads\Untitled.mse-set
2014-10-07 19:33 - 2014-10-07 19:50 - 00111987 _____ () C:\Users\All\Downloads\Untitled.mse-set.bak
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-04 21:33 - 2014-03-20 19:43 - 00000000 ____D () C:\FRST
2014-11-04 21:18 - 2013-05-27 05:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-04 21:00 - 2011-04-12 09:34 - 00689920 _____ () C:\Windows\system32\perfh005.dat
2014-11-04 21:00 - 2011-04-12 09:34 - 00150656 _____ () C:\Windows\system32\perfc005.dat
2014-11-04 21:00 - 2009-07-14 06:13 - 01637298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 20:59 - 2012-02-28 23:08 - 01488658 _____ () C:\Windows\WindowsUpdate.log
2014-11-04 20:58 - 2014-02-20 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-04 20:58 - 2012-09-15 08:56 - 00000000 ____D () C:\Temp
2014-11-04 20:58 - 2012-02-29 00:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-04 20:58 - 2012-02-29 00:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-04 20:57 - 2014-07-08 05:14 - 00041754 _____ () C:\Windows\setupact.log
2014-11-04 20:53 - 2009-07-14 05:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 20:53 - 2009-07-14 05:45 - 00024720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 20:47 - 2014-03-26 22:36 - 00000448 ____H () C:\Windows\Tasks\SW.Booster-S-1935984173.job
2014-11-04 20:46 - 2014-07-15 04:41 - 00086688 _____ () C:\Windows\PFRO.log
2014-11-04 20:46 - 2012-12-13 15:18 - 00000000 ____D () C:\Windows\uninstall
2014-11-04 20:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-04 20:42 - 2012-02-29 00:36 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-04 19:16 - 2012-02-28 22:17 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{688A73AE-B742-4599-AB00-4D8F743FCC7C}
2014-11-04 18:12 - 2014-07-02 13:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-04 18:04 - 2014-08-10 05:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-04 18:03 - 2014-03-19 21:49 - 00000000 ____D () C:\AdwCleaner
2014-11-04 17:59 - 2013-05-04 13:12 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Seznam.cz
2014-11-04 17:59 - 2013-05-04 13:12 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-11-04 17:58 - 2013-01-30 17:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-04 17:58 - 2012-03-11 23:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-03 19:36 - 2014-03-20 20:54 - 02114560 _____ (Farbar) C:\Users\Home_PC\Desktop\FRST64.exe
2014-11-03 19:36 - 2014-03-20 12:45 - 00000000 ____D () C:\Users\Home_PC\Desktop\antiviry
2014-11-03 19:13 - 2013-05-04 14:12 - 00000000 ____D () C:\Users\All\AppData\Roaming\Seznam.cz
2014-11-03 19:08 - 2012-06-30 17:56 - 00000000 ____D () C:\Users\All\AppData\Roaming\Skype
2014-11-02 18:42 - 2013-05-08 17:48 - 00000000 ____D () C:\Users\All\AppData\Roaming\.minecraft
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-30 09:56 - 2014-02-20 18:38 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-10-30 05:53 - 2014-07-29 16:54 - 18497600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-10-30 05:53 - 2014-02-20 18:22 - 16886168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-10-30 05:53 - 2014-02-20 18:22 - 02849224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-10-30 05:53 - 2012-02-29 00:37 - 20966504 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-10-30 05:53 - 2012-02-29 00:37 - 03237528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-30 05:53 - 2012-02-09 21:43 - 00987008 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-10-30 05:53 - 2011-05-21 06:01 - 00027024 _____ () C:\Windows\system32\nvinfo.pb
2014-10-30 03:10 - 2012-02-29 00:37 - 06880968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-10-30 03:10 - 2012-02-29 00:37 - 03533632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-10-30 03:10 - 2012-02-29 00:37 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-10-30 03:10 - 2012-02-29 00:37 - 00935232 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-10-30 03:10 - 2012-02-29 00:37 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-10-30 03:10 - 2012-02-29 00:37 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-10-29 18:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-29 17:59 - 2014-07-14 08:34 - 00093107 _____ () C:\Windows\DirectX.log
2014-10-29 17:59 - 2013-02-01 07:52 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Windows Live
2014-10-29 17:49 - 2013-06-17 12:36 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Audacity
2014-10-29 17:49 - 2012-04-06 13:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Google
2014-10-29 17:49 - 2012-04-06 13:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-28 20:32 - 2012-07-04 19:25 - 00000000 ____D () C:\ProgramData\ashampoo
2014-10-28 16:26 - 2013-08-29 10:43 - 00000000 ____D () C:\Users\All\Documents\Electronic Arts
2014-10-28 13:13 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-28 09:09 - 2014-05-04 08:20 - 00000000 ____D () C:\Users\Home_PC\Desktop\Nová složka (2)
2014-10-28 09:07 - 2014-10-02 18:46 - 00000000 ____D () C:\Users\Home_PC\Desktop\ZSM
2014-10-28 09:06 - 2014-10-02 18:47 - 00000000 ____D () C:\Users\Home_PC\Desktop\Chlapi a spol
2014-10-28 09:06 - 2014-08-09 17:39 - 00000000 ____D () C:\Users\Home_PC\Desktop\fun foto
2014-10-28 09:05 - 2014-10-02 18:49 - 00000000 ____D () C:\Users\Home_PC\Desktop\Tábory Štěpán
2014-10-28 09:01 - 2014-10-02 18:56 - 00000000 ____D () C:\Users\Home_PC\Desktop\Pozvánky narozeniny
2014-10-28 08:54 - 2014-03-20 20:54 - 00000000 ____D () C:\Users\Home_PC\Desktop\sh
2014-10-28 08:54 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\2014_01_04
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\Povodí 10.2013 k prověření
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\OOP 15.02.2014
2014-10-28 08:53 - 2014-03-20 20:53 - 00000000 ____D () C:\Users\Home_PC\Desktop\files
2014-10-27 01:34 - 2012-05-25 20:47 - 04066553 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-26 11:26 - 2012-04-06 12:47 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-10-26 07:42 - 2012-09-22 06:03 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\uTorrent
2014-10-24 22:46 - 2012-08-27 08:36 - 00000000 ____D () C:\Users\All\AppData\Roaming\TS3Client
2014-10-23 05:33 - 2014-06-29 12:30 - 00000000 ____D () C:\Users\All\AppData\Local\Game Dev Tycoon - Steam
2014-10-22 18:10 - 2014-05-08 19:00 - 00000000 ____D () C:\Users\Home_PC\Desktop\JDownloader
2014-10-20 21:01 - 2014-07-11 14:54 - 00000000 ____D () C:\Users\Home_PC\AppData\Local\Game Dev Tycoon - Steam
2014-10-20 19:06 - 2014-03-20 05:14 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-20 19:06 - 2014-03-20 05:14 - 00001156 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-20 19:06 - 2012-02-28 23:08 - 00001402 _____ () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-18 10:50 - 2013-10-05 16:30 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\.minecraft
2014-10-18 09:50 - 2012-03-11 10:10 - 00000000 ____D () C:\Users\All\Documents\My Games
2014-10-18 09:13 - 2012-03-16 20:11 - 00016896 _____ () C:\Users\All\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-14 19:14 - 2013-12-12 15:31 - 00012440 _____ () C:\Users\All\Desktop\Nový List aplikace Microsoft Office Excel.xlsx
2014-10-10 03:58 - 2009-07-14 06:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-09 20:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web
Files to move or delete:
====================
C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe
Some content of TEMP:
====================
C:\Users\Home_PC\AppData\Local\Temp\aacdec.exe
C:\Users\Home_PC\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Home_PC\AppData\Local\Temp\MovieStudio.exe
C:\Users\Home_PC\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Home_PC\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Home_PC\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Home_PC\AppData\Local\Temp\nvStInst.exe
C:\Users\Home_PC\AppData\Local\Temp\Quarantine.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloader8DpKlXz8Mt.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloaderj5iThuTCJt.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloadertr7BCKINsz.exe
C:\Users\Home_PC\AppData\Local\Temp\YourFileDownloaderXMrMW9JJ1o.exe
C:\Users\Home_PC\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 13:01
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (System W7) (Fixed) (Total:83.75 GB) (Free:5.62 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:47.72 GB) NTFS
Drive m: () (Fixed) (Total:931.5 GB) (Free:8.67 GB) NTFS
Available physical RAM: 6368.98 MB
Total physical RAM: 8169.33 MB
Percentage of memory in use: 22%
==================== MBR and Partition Table ==================
Disk: 2 (Size: 931.5 GB) (Disk ID: 3A9E720B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Home_PC\Desktop" je 2578 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk
C:\PROGRA~2\OPENBI~1\daemon.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK
C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic V Collector Edition\registration\RegistrationReminder.exe [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
and
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by Home_PC at 2014-11-04 21:34:13
Running from C:\Users\Home_PC\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AeroFly Professional Deluxe (HKLM-x32\...\{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}) (Version: 1.8.0.9 - )
Agatha Christie - Deset malých černoušků (HKLM-x32\...\{F9D661EF-69AB-4017-82BB-6FD10AB089B6}) (Version: 1.0 - )
Aktualizace NVIDIA 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Movie Studio v.1.0.17 (HKLM-x32\...\{91B33C97-54B3-9CEB-E911-246EDA9BDC9A}_is1) (Version: 1.0.17 - Ashampoo GmbH & Co. KG)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9045 - )
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.8.1 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{AB259D81-DE6B-4554-B4A8-DB13D321FBF2}) (Version: 0.9.18 - Kovid Goyal)
Canon LBP7010C/7018C (HKLM\...\Canon LBP7010C/7018C) (Version: - )
CanoScan 9000F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq9602) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.15 - Piriform)
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.36 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Disk Explorer Professional 3 (HKLM-x32\...\DEPro3) (Version: 3.70 - Tomas Jelinek)
dupeGuru (HKLM-x32\...\{926F26B2-8CCD-42C2-8F5A-A3F9E682BC62}) (Version: 3.8.0 - Hardcoded Software)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Far Cry (HKLM-x32\...\Steam App 13520) (Version: - Crytek Studios)
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version: - Ubisoft Montreal)
FormatFactory 2.90 (HKLM-x32\...\FormatFactory) (Version: 2.90 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FreeRIP Toolbar v6.0 (HKLM-x32\...\{695A9F6A-6EA9-44DA-A04A-53778AC7C410}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
GameShadow (HKLM-x32\...\{3AE325C5-5B0F-48E5-BAC9-B55C64467681}) (Version: 2.02.0000 - GameShadow Ltd)
Gothic III (HKLM-x32\...\{A225AD86-3D03-4097-98D3-7CEE689E1ED5}) (Version: 1.0.0 - JoWooD )
Heroes of Might and Magic III Complete (HKLM-x32\...\InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}) (Version: 1.00.0000 - CD Projekt)
Heroes of Might and Magic III Complete (x32 Version: 1.00.0000 - CD Projekt) Hidden
Intel(R) Desktop Utilities (HKLM-x32\...\InstallShield_{D5712598-E05C-4B51-B97B-66A2EBC80170}) (Version: 3.2.1 - Intel Corporation)
Intel(R) Desktop Utilities (x32 Version: 3.2.1 - Intel Corporation) Hidden
Intel(R) Network Connections 16.8.46.0 (HKLM\...\PROSetDX) (Version: 16.8.46.0 - Intel)
Intel(R) SMBus (HKLM\...\SMBus) (Version: - )
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Malwarebytes Anti-Malware verze 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts)
Media Player Classic - Home Cinema 1.6.0.4014 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.0.4014 - MPC-HC Team)
MediaHuman YouTube to MP3 Converter verze 3.6 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.6 - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft 1.6.2 (HKLM-x32\...\Minecraft 1.6.2) (Version: - )
MK LOL (HKCU\...\MK LOL) (Version: - )
MouseCraft (HKLM-x32\...\1207664833_is1) (Version: 2.0.0.1 - GOG.com)
Mozilla Firefox 32.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 cs)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
MyProduct (HKLM-x32\...\MyProduct) (Version: - )
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Nero 9 Essentials (HKLM-x32\...\{aa6b4c41-b523-498e-89ba-0c45dc927651}) (Version: - Nero AG)
Nero BurningROM 12 (HKLM-x32\...\{C0CA68BF-2963-4139-8207-1E83038F86F8}) (Version: 12.0.00800 - Nero AG)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Období Sklizně (HKLM-x32\...\Období Sklizně) (Version: - Alawar Entertainment Inc.)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 344.60 (Version: 344.60 - NVIDIA Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QNAP Finder (HKLM-x32\...\QNAP_FINDER) (Version: 3.4.3.0523 - QNAP Systems, Inc.)
Quake II (engine Berserker@Quake2 1.39) (HKLM-x32\...\Quake II (engine Berserker@Quake2 1.39)) (Version: - )
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.0 - Renesas Electronics Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SDÍLEJ.CZ Manager (HKCU\...\69f070f18ade444c) (Version: 0.0.1.34 - SDÍLEJ.CZ)
Sherlock Holmes Crimes and Punishments (HKLM-x32\...\Sherlock Holmes Crimes and Punishments_is1) (Version: 1.0 - PLAZA)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Stronghold Crusader 2_is1) (Version: - )
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab Detection (HKLM-x32\...\{D9066316-2B37-42D3-8A70-658A9424DF3C}) (Version: 2.0.0.0 - Husdawg, LLC)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55 public beta 3 - Ghisler Software GmbH)
Trials Fusion (HKLM-x32\...\Trials Fusion_is1) (Version: - )
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Web Translator (HKLM-x32\...\Web Translator) (Version: - )
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}) (Version: 15.0.9302 - WinZip Computing, S.L. )
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio 13 (HKLM\...\ZonerPhotoStudio13_CZ_is1) (Version: 13.0.1.3 - ZONER software)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-765561512-130652983-1916819721-1000_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File
CustomCLSID: HKU\S-1-5-21-765561512-130652983-1916819721-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 13\Program64\SHELLEXT.DLL (ZONER software)
==================== Restore Points =========================
04-11-2014 16:58:49 Removed Skype Click to Call
04-11-2014 17:11:48 Installed Java 7 Update 71
04-11-2014 19:41:51 Nainstalováno rozhraní DirectX
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-03-22 09:04 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {104088C1-1943-4B2C-8CB4-659505EEB097} - System32\Tasks\Origin => C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe [2014-09-07] () <==== ATTENTION
Task: {112F61B9-C631-4219-8282-CF3F44532E06} - System32\Tasks\{CA2F9B76-FB67-4AED-83F9-EC5013448E9E} => D:\štěpán\aWarcraft III\Biturn\Diablo II\Diablo II.exe
Task: {117FF4CB-3A85-44D5-B5D4-37F80EFAEB6F} - System32\Tasks\{673AE4E8-FF4E-487E-97BC-93CC61E607CE} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {12081B36-58DA-4E4B-902C-BCCD8ACB2C1B} - System32\Tasks\{E4C61A85-F4B9-47D3-87FD-9A8E29878854} => C:\Users\All\Desktop\Štěpán\NTSD2.4\NTSD.exe
Task: {148A85CF-CBB6-481D-9433-46CBA9985616} - System32\Tasks\{2310C9C8-5F59-4A27-BE25-27BD8A38A756} => D:\__save league of legends\Diablo II\Diablo II.exe
Task: {1B0CDB3C-327D-4E81-8AFA-F2B3029190E8} - System32\Tasks\{E5E7DD96-76D2-44BB-B685-D7289AAD2F09} => D:\_download štěpán\League of Legends\lol.launcher.exe
Task: {1BD6BAEB-BF1E-4DF2-B0E7-947588D52C62} - System32\Tasks\{33A38BD4-E1A2-47A9-9E02-F7F3ACE8B02F} => C:\Users\All\Desktop\Štěpán\Nová složka\DEViANCE CRACK\Europa1400Gold.exe
Task: {21F6E09A-DBEA-4AA3-96C8-2BDA6A25E7C8} - System32\Tasks\{D2525F28-817C-486C-9A9C-02BF477E291F} => C:\Users\All\Desktop\Štěpán\NTSD2.4\NTSD.exe
Task: {24C45985-DD99-4FFF-9D82-BAC3231BB45F} - System32\Tasks\{A0911DD7-E8E3-4B13-A817-DB6B9FDAD331} => C:\Users\All\Desktop\Štěpán\Nová složka\DEViANCE CRACK\Europa1400Gold.exe
Task: {26CD1F58-34E1-472B-B1F0-278689F56BA8} - System32\Tasks\LuckyTab => C:\Program Files (x86)\LuckyTab\LuckyTab.exe [2014-10-20] (http://lucky-tab.com/)
Task: {2ECD702A-7FE7-40F8-A022-CF306671A1B0} - System32\Tasks\{3F558146-3219-403C-B0A0-F21F693BC40E} => M:\finálka\__games\Lego Soccer Mania\Game.exe [2002-06-20] ()
Task: {2F86DD56-C19D-4FE0-A989-EACB67C51CFA} - System32\Tasks\{01931EE4-C673-4CBD-A14A-967399AA54F3} => D:\Program Files\JoWooD\Gothic III\Gothic3.exe
Task: {36818234-7712-4795-8D22-D790B18A65DD} - System32\Tasks\{F216BCA2-B789-4FAA-AACA-D86803803093} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {368F234A-B49C-4121-B8A1-66EAC1E81028} - System32\Tasks\{B1890918-60BF-4DD7-8BB7-5BAFDE3D390A} => D:\štěpán\aWarcraft III\Biturn\Diablo II\Diablo II.exe
Task: {49D8586B-D8CA-43FC-B1D3-DD241C572552} - System32\Tasks\{D2887CAF-01FC-4523-9935-E837ED347E7A} => C:\Program Files (x86)\Cyanide\Loki\Autorun\Autorun.exe
Task: {4BD6FB5C-182F-4DF7-9790-0274E791F90C} - System32\Tasks\{9EA05D69-2188-4FF5-B2AF-D7EDE04C6B84} => C:\Program Files (x86)\Strategy First\Europa Universalis 2\EU2.exe
Task: {56979844-5852-40DA-BEB0-073F1DEB4E84} - System32\Tasks\{233A2164-5832-424A-9E99-8B5E4DC7AA04} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {743C48A5-5892-4EAA-A2CC-19011A02CDE7} - System32\Tasks\{73A57097-106A-4826-82ED-DE5E203CA487} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {74494891-1520-4526-9400-7B20565C36DD} - System32\Tasks\{B0B95F2C-F97A-4457-90B0-064372259606} => D:\Program Files\JoWooD\Gothic III\Gothic3.exe
Task: {77A2CF29-AFFF-452E-8123-58B0E945962F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {793CB69C-AF5D-4A33-9F1A-CB50F5B064E8} - System32\Tasks\{3208FBF5-6C02-47B7-B199-048C6A7D11A8} => D:\Riot Games\League of Legends\lol.launcher.exe [2012-10-29] ()
Task: {7D29E84E-7046-41AB-97BA-F5A44A0C9AC6} - System32\Tasks\{BCE1E09F-4E24-4673-B05D-56571494039B} => C:\Program Files (x86)\Mount&Blade\mount&blade.exe
Task: {7D328EF0-54A1-4585-9D32-4E10842D422E} - System32\Tasks\{6B749465-4AEC-45BA-814C-D7CC8AF68AB2} => D:\__save league of legends\Diablo II\Diablo II.exe
Task: {836D1CBF-E58F-457D-9C41-F96F45731DA1} - System32\Tasks\{708AB068-FEC5-46DA-ABF5-54CFA21FB4AE} => C:\Users\All\Desktop\Torchlight\Torchlight.exe
Task: {88156D89-D62D-48BD-BB75-CC781B4F4C66} - System32\Tasks\{1BF52BAB-47A9-42C2-9447-D19BF7801E57} => C:\Users\All\Desktop\Minecraft-warez.exe
Task: {8BD0B81F-7C62-48AD-A3FF-636539951F90} - System32\Tasks\{ABCE0E8E-E9BD-4624-91FD-B057141F5A05} => C:\Program Files (x86)\Telestream\Wirecast\Wirecast.exe
Task: {962BFB90-C0D8-4F2E-8990-FF60BB2B284E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9D8AC9A1-5804-4184-8BDE-D43A972F4568} - System32\Tasks\{726A7B5F-C16E-4B11-B574-F24F949D9C30} => D:\Legend\The Elder Scrolls V Skyrim\SkyrimLauncher.exe
Task: {A0F15DB5-2988-4A5C-B54D-4D060A08923F} - System32\Tasks\{F79E2209-7F4D-4A86-ABFF-6FC017D07D88} => C:\Program Files (x86)\Activision\Prototype\prototypef.exe
Task: {B1436FDA-8779-42D2-B7D8-338ADF5F3372} - System32\Tasks\{FB2D14B0-A45C-4A3B-A3AE-C9BB2208901A} => K:\steam\GameOverlayUI.exe
Task: {B9377B18-C77F-46B1-8795-98F75CE5DCDA} - System32\Tasks\{552798B6-30B8-4034-B746-4E6484A35F06} => C:\Program Files (x86)\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {B964A853-0861-4CAA-BEE1-0D02DCB9DF7F} - System32\Tasks\{76A3FC08-FA59-42E9-BD71-C7AC4C906641} => E:\browsercall.exe
Task: {BFC50117-F298-4F94-BF7A-0B5E26CEC925} - System32\Tasks\{4DA45FC8-5B31-40C7-A019-F2C94F3013D5} => C:\Users\All\Desktop\Štěpán\Warcraft III PLUS DATADISC CZ\World Editor.exe
Task: {C2B08289-35A3-4F50-8B8D-63914D90D7AC} - System32\Tasks\{32AA287E-D7A9-4412-86B9-F4AD102EDBD0} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {D0C07638-1EC4-40EC-94CC-F6BB64C305D3} - System32\Tasks\{F6731524-BC90-4945-9A19-9EE3B168B4CB} => D:\Program Files (x86)\Steam\Steam.exe [2014-09-23] (Valve Corporation)
Task: {E03E1D26-5004-40E1-9BE8-5FDCBF912EA5} - System32\Tasks\{F1D8CA28-26C3-406A-9C19-43D2803BBF9F} => C:\Users\All\Desktop\Štěpán\Nová složka\DEViANCE CRACK\Europa1400Gold.exe
Task: {E145CDAA-13F0-4CBD-A1A5-9FE03907AB21} - System32\Tasks\{0787F179-7985-458B-BC8E-39896C7C1181} => D:\Program Files\JoWooD\Gothic III\Gothic3.exe
Task: {E3CC9947-C41E-4FD7-A578-8D307045596C} - System32\Tasks\SW.Booster-S-1935984173 => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
Task: {E727ED13-DFFE-4349-B01B-B5C4E76FD21E} - System32\Tasks\{E6293900-65EF-427B-B411-D14FCD090C72} => M:\finálka\__games\Lego Soccer Mania\Game.exe [2002-06-20] ()
Task: {EBBCCE8D-B8D6-4BF5-B189-AF3589985F5F} - System32\Tasks\{7C677327-A16A-4937-B8A3-8CE1E80F036D} => C:\Program Files (x86)\Worms Armageddon - New Edition\WA.exe
Task: {F7CC549B-351B-4D85-92C3-11006BAAEB89} - System32\Tasks\{6463B2A4-7555-43A0-9865-F69F0D283A95} => C:\Program Files (x86)\Mount&Blade\mount&blade.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-03-17 21:04 - 2014-08-26 20:52 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-17 21:04 - 2014-08-26 20:52 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2012-02-29 00:38 - 2014-10-30 03:10 - 00117064 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-21 16:57 - 2014-09-25 17:05 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk => C:\Windows\pss\OpenBitCoin.exe.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK => C:\Windows\pss\Registration Heroes of Might & Magic 5.LNK.Startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
========================= Accounts: ==========================
Administrator (S-1-5-21-765561512-130652983-1916819721-500 - Administrator - Disabled)
All (S-1-5-21-765561512-130652983-1916819721-1002 - Limited - Enabled) => C:\Users\All
ASPNET (S-1-5-21-765561512-130652983-1916819721-1004 - Limited - Enabled)
Guest (S-1-5-21-765561512-130652983-1916819721-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-765561512-130652983-1916819721-1006 - Limited - Enabled)
Home_PC (S-1-5-21-765561512-130652983-1916819721-1000 - Administrator - Enabled) => C:\Users\Home_PC
==================== Faulty Device Manager Devices =============
Name: USB camera
Description: USB camera
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: WD My Book Device USB Device
Description: WD My Book Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/04/2014 08:48:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 08:41:52 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcSSAS and NSS certificates mismatching after deletion and regeneration [0]
Error: (11/04/2014 06:06:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 05:51:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/04/2014 05:03:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/03/2014 07:07:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/03/2014 06:32:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbam.exe verze 1.0.0.532 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 11b4
Čas spuštění: 01cff78bfff19184
Čas ukončení: 0
Cesta k aplikaci: D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
ID hlášení: 516b362d-637f-11e4-8745-3860771bc34b
Error: (11/03/2014 06:31:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbam.exe verze 1.0.0.532 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 834
Čas spuštění: 01cff78bdb0b0c8d
Čas ukončení: 0
Cesta k aplikaci: D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
ID hlášení: 31b05562-637f-11e4-8745-3860771bc34b
Error: (11/03/2014 06:25:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/03/2014 05:05:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (11/04/2014 08:46:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Error: (11/04/2014 08:41:52 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error: (11/04/2014 08:41:49 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error: (11/04/2014 07:05:30 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.
Error: (11/04/2014 06:57:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (11/04/2014 06:57:19 PM) (Source: atapi) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.
Error: (11/04/2014 06:04:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Error: (11/04/2014 05:51:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Error: (11/04/2014 05:03:27 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Error: (11/03/2014 07:07:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
SBRE
Microsoft Office Sessions:
=========================
Error: (04/09/2014 08:56:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/18/2012 09:38:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/18/2012 09:38:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 291 seconds with 240 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-03-22 08:59:43.333
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-22 08:59:43.293
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-22 08:59:43.243
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-22 08:59:43.203
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:52:34.041
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:52:34.001
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:52:33.961
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:52:33.921
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:49:31.176
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-21 21:49:31.136
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2130 CPU @ 3.40GHz
Percentage of memory in use: 22%
Total physical RAM: 8169.33 MB
Available physical RAM: 6368.98 MB
Total Pagefile: 16336.84 MB
Available Pagefile: 14380.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (System W7) (Fixed) (Total:83.75 GB) (Free:5.62 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:47.72 GB) NTFS
Drive m: () (Fixed) (Total:931.5 GB) (Free:8.67 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 3A9E720B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Re: Request for a preventive check
Warn your son about the amount of warez, and I also strongly recommend limiting the installation of assorted "YouTube downloaders", which are almost 100% of the time a source of adware (at the very least).
- Copy the contents of the white box into Notepad (Start -> Run -> notepad)
- save it to the desktop as fixlist (File type: Text document)
- run FRST again and click Fix
- after the restart a fixlog will pop up; paste its contents into your next reply
Code:
Start
CloseProcesses:
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
Startup: C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-765561512-130652983-1916819721-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {88249AB9-9129-4AD5-93AC-7F8B889E2B9F} URL = http://search.yahoo.com/search?fr=chr-g ... =386496&p={searchTerms}
FF NetworkProxy: "type", 4
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: BitAccelerator - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-09-21]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
2014-10-20 17:21 - 2014-10-20 17:21 - 00003402 _____ () C:\Windows\System32\Tasks\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Program Files (x86)\LuckyTab
2014-11-04 18:04 - 2014-08-10 05:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-04 17:58 - 2012-03-11 23:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
Folder: C:\Users\Home_PC\Desktop\antiviry
C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK" /f
Task: {104088C1-1943-4B2C-8CB4-659505EEB097} - System32\Tasks\Origin => C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe [2014-09-07] () <==== ATTENTION
Task: {26CD1F58-34E1-472B-B1F0-278689F56BA8} - System32\Tasks\LuckyTab => C:\Program Files (x86)\LuckyTab\LuckyTab.exe [2014-10-20] (http://lucky-tab.com/)
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
c:\programdata\puresafe
Hosts:
EmptyTemp:
End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
Re: Request for a preventive check
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-11-2014
Ran by Home_PC at 2014-11-05 05:34:24 Run:3
Running from C:\Users\Home_PC\Desktop
Loaded Profile: Home_PC (Available profiles: Home_PC & All)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-765561512-130652983-1916819721-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
Startup: C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-765561512-130652983-1916819721-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {88249AB9-9129-4AD5-93AC-7F8B889E2B9F} URL = http://search.yahoo.com/search?fr=chr-g ... =386496&p={searchTerms}
FF NetworkProxy: "type", 4
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: BitAccelerator - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-09-21]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
2014-10-20 17:21 - 2014-10-20 17:21 - 00003402 _____ () C:\Windows\System32\Tasks\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
2014-10-20 17:21 - 2014-10-20 17:21 - 00000000 ____D () C:\Program Files (x86)\LuckyTab
2014-11-04 18:04 - 2014-08-10 05:25 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-04 17:58 - 2012-03-11 23:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
Folder: C:\Users\Home_PC\Desktop\antiviry
C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK" /f
Task: {104088C1-1943-4B2C-8CB4-659505EEB097} - System32\Tasks\Origin => C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe [2014-09-07] () <==== ATTENTION
Task: {26CD1F58-34E1-472B-B1F0-278689F56BA8} - System32\Tasks\LuckyTab => C:\Program Files (x86)\LuckyTab\LuckyTab.exe [2014-10-20] (http://lucky-tab.com/)
Task: C:\Windows\Tasks\SW.Booster-S-1935984173.job => c:\programdata\puresafe\sw.booster\SW.Booster.exe <==== ATTENTION
c:\programdata\puresafe
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-765561512-130652983-1916819721-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-765561512-130652983-1916819721-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{88249AB9-9129-4AD5-93AC-7F8B889E2B9F}" => Key deleted successfully.
"HKCR\CLSID\{88249AB9-9129-4AD5-93AC-7F8B889E2B9F}" => Key not found.
Firefox Proxy settings were reset.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} => Moved successfully.
catchme => Service deleted successfully.
EagleX64 => Service deleted successfully.
GGSAFERDriver => Service deleted successfully.
SBRE => Service deleted successfully.
C:\Windows\System32\Tasks\LuckyTab => Moved successfully.
C:\Users\Home_PC\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab => Moved successfully.
C:\Program Files (x86)\LuckyTab => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
========================= Folder: C:\Users\Home_PC\Desktop\antiviry ========================
2014-03-20 20:53 - 2014-03-20 10:18 - 1950720 _____ () C:\Users\Home_PC\Desktop\antiviry\adwcleaner.exe
2014-03-20 20:50 - 2014-03-20 20:50 - 5190052 ____R (Swearware) C:\Users\Home_PC\Desktop\antiviry\ComboFix.exe
2014-03-20 20:54 - 2014-03-20 19:54 - 0045286 _____ () C:\Users\Home_PC\Desktop\antiviry\FRST.txt
2014-03-20 20:53 - 2014-03-20 18:56 - 0401720 _____ (Trend Micro Inc.) C:\Users\Home_PC\Desktop\antiviry\HijackThis.exe
2014-03-20 20:53 - 2014-03-20 10:19 - 1037734 _____ (Thisisu) C:\Users\Home_PC\Desktop\antiviry\JRT.exe
2014-03-20 20:53 - 2014-03-20 10:23 - 0935175 _____ () C:\Users\Home_PC\Desktop\antiviry\RSITx64.exe
2014-03-20 20:53 - 2014-03-20 10:20 - 0165888 _____ () C:\Users\Home_PC\Desktop\antiviry\T-Cleaner.exe
2014-03-20 20:53 - 2014-03-20 10:20 - 0448512 _____ (OldTimer Tools) C:\Users\Home_PC\Desktop\antiviry\TFC.exe
2014-04-16 17:49 - 2014-07-02 05:19 - 0000000 ____D () C:\Users\Home_PC\Desktop\antiviry\FRST-OlderVersion
2014-03-20 19:41 - 2014-04-17 21:22 - 2158592 _____ (Farbar) C:\Users\Home_PC\Desktop\antiviry\FRST-OlderVersion\FRST64.exe
2014-03-20 19:42 - 2014-03-20 19:42 - 0112640 _____ (forum.viry.cz) C:\Users\Home_PC\Desktop\antiviry\FRST-OlderVersion\FRSTLauncher.exe
====== End of Folder: ======
C:\Users\Home_PC\AppData\Roaming\Origin\update.vbe => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenBitCoin.exe.lnk" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home_PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Heroes of Might & Magic 5.LNK" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{104088C1-1943-4B2C-8CB4-659505EEB097}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{104088C1-1943-4B2C-8CB4-659505EEB097}" => Key deleted successfully.
C:\Windows\System32\Tasks\Origin => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{26CD1F58-34E1-472B-B1F0-278689F56BA8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26CD1F58-34E1-472B-B1F0-278689F56BA8}" => Key deleted successfully.
C:\Windows\System32\Tasks\LuckyTab not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LuckyTab" => Key deleted successfully.
C:\Windows\Tasks\SW.Booster-S-1935984173.job => Moved successfully.
"c:\programdata\puresafe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.3 GB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: Request for a preventive check
Excellent, everything went as it should.
How is the computer behaving now?
Re: Request for a preventive check
It works.
It seems faster, and even the mouse feels more precise, but I'm probably just imagining that..
Thank you very much
Re: Request for a preventive check
So now we'll just clean up.
- Download and run DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Check only the option "Remove disinfection tools"
- click Run
Re: Request for a preventive check
Done, thank you very much
Re: Request for a preventive check
You're welcome, glad I could help
Take care