Please check my log: unsolicited mail is being sent out

#1 Post by Junfan

Hello,

since yesterday I have been sending hundreds of spam messages from my company email, see the screenshot.
I have already scanned the computer with Malwarebytes and AdwCleaner, and it is still happening. Thanks for your help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Rosta at 2015-04-15 09:00:12
Microsoft Windows 8.1
System drive C: has 68 GB (30%) free of 228 GB
Total RAM: 3984 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:00:13, on 15. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\Rosta.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [HFS Activator] C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.2\activation\hfsactivator.exe /autostart
O4 - HKCU\..\Run: [Cobian Backup 11] "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Unknown owner - C:\Windows\system32\AdminService.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cobian Backup 11 Stínová kopie - Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @oem3.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 9981 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\system32\AdminService.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe"
dashost.exe {2167a085-8ed7-4f85-b97da283690627bc}
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\PrintCtrl.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
ngservice.exe pipeserver
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ab441672-28f1-4369-b66d-c8a354646e9d -SystemEventPortName:HostProcess-b2ab26ce-f935-42d5-9949-ae651d29e3c7 -IoCancelEventPortName:HostProcess-8d9d7a75-d409-4df1-9db8-9fc5951c8aa0 -NonStateChangingEventPortName:HostProcess-3fd6c216-a5b4-405d-9ab5-d6e234b28f8d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:504e79dd-9536-4326-8a4c-4b4a16284ff0 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskhostex.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
taskhost.exe $(Arg0)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"

"C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe" "C:\Users\Rosta\Desktop\1.jpg"
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" "-launchedbycsxs"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-188182577-3083718651-2108276629-100121_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-188182577-3083718651-2108276629-100121 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4156 CREDAT:267521 /prefetch:2
C:\Windows\SysWOW64\DllHost.exe /Processid:{1EF75F33-893B-4E8F-9655-C3D602BA4897}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Rosta\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Rosta\AppData\Roaming\Mozilla\Firefox\Profiles\ko7hwr87.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
quickstores@quickstores.de

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-12 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-12 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2013-12-16 4689072]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-25 391128]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-25 771544]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-25 770520]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-25 2403104]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-07-25 1283136]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 519504]
"apmwinapp"=C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.2\apmwinsrv.exe [2013-11-18 66768]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2013-06-25 877568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Cobian Backup 11"=C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [2012-12-05 720896]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-03-13 7451928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2013-12-16 4689072]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5227648]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-09-20 7801088]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-01-10 1105328]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
""= []
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-08-04 30264]
"HFS Activator"=C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.2\activation\hfsactivator.exe [2013-11-18 245456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-25 624640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"aux5"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-15 09:00:12 ----D---- C:\rsit
2015-04-15 09:00:12 ----D---- C:\Program Files\trend micro
2015-04-15 07:48:30 ----D---- C:\AdwCleaner
2015-04-15 07:34:28 ----RD---- C:\Program Files (x86)\Skype
2015-04-15 07:33:56 ----SHD---- C:\Config.Msi
2015-04-15 07:23:54 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-04-15 07:23:54 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 07:23:54 ----A---- C:\Windows\system32\tdh.dll
2015-04-15 07:23:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 07:23:54 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 07:23:53 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-04-15 07:23:53 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-04-15 07:23:53 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 07:23:53 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 07:23:53 ----A---- C:\Windows\system32\tracerpt.exe
2015-04-15 07:23:53 ----A---- C:\Windows\system32\sechost.dll
2015-04-15 07:23:53 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 07:23:44 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-04-15 07:23:44 ----A---- C:\Windows\system32\msctf.dll
2015-04-15 07:23:43 ----A---- C:\Windows\system32\lsm.dll
2015-04-15 07:23:42 ----A---- C:\Windows\system32\pku2u.dll
2015-04-15 07:23:41 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-04-15 07:23:39 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 07:23:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 07:23:36 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 07:23:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 07:23:35 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 07:23:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 07:23:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 07:23:34 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 07:23:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 07:23:33 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 07:23:33 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 07:23:31 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 07:23:31 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 07:23:31 ----A---- C:\Windows\system32\inetcomm.dll
2015-04-15 07:23:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 07:23:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 07:23:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 07:23:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-04-15 07:23:30 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-04-15 07:23:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 07:23:30 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 07:23:30 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 07:23:30 ----A---- C:\Windows\system32\jscript.dll
2015-04-15 07:23:30 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 07:23:28 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 07:23:28 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 07:23:28 ----A---- C:\Windows\system32\drivers\clfs.sys
2015-04-15 07:23:28 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 07:23:27 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 07:23:27 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 07:23:27 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 07:23:27 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 07:23:27 ----A---- C:\Windows\system32\wups.dll
2015-04-15 07:23:27 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 07:23:27 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 07:23:27 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 07:23:27 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 07:23:27 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 07:23:27 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 07:23:27 ----A---- C:\Windows\system32\storewuauth.dll
2015-04-15 07:23:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 07:23:26 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 07:23:26 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 07:23:26 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 07:23:26 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 07:23:26 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 07:23:25 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 07:23:25 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 07:23:25 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 07:23:25 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 07:23:25 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 07:23:25 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 07:23:25 ----A---- C:\Windows\system32\acmigration.dll
2015-04-07 08:47:39 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-07 08:47:39 ----SD---- C:\Windows\system32\GWX
2015-04-02 14:57:24 ----D---- C:\Users\Rosta\AppData\Roaming\PicPick
2015-04-02 14:57:24 ----D---- C:\ProgramData\PicPick
2015-04-02 14:47:27 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-03-19 11:23:57 ----D---- C:\Users\Rosta\AppData\Roaming\Thunderbird
2015-03-19 10:45:47 ----D---- C:\Program Files (x86)\MozBackup

======List of files/folders modified in the last 1 month======

2015-04-15 09:00:12 ----D---- C:\Program Files
2015-04-15 09:00:00 ----D---- C:\Windows\system32\sru
2015-04-15 08:03:05 ----D---- C:\Windows\Microsoft.NET
2015-04-15 08:02:52 ----D---- C:\Windows\Temp
2015-04-15 07:56:09 ----RD---- C:\Windows\System32
2015-04-15 07:56:09 ----D---- C:\Windows\Inf
2015-04-15 07:56:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-15 07:53:02 ----D---- C:\Windows\system32\config
2015-04-15 07:53:01 ----D---- C:\Windows\WinSxS
2015-04-15 07:52:59 ----D---- C:\Windows\system32\drivers
2015-04-15 07:51:49 ----D---- C:\ProgramData\NVIDIA
2015-04-15 07:51:25 ----D---- C:\Windows\Prefetch
2015-04-15 07:51:22 ----D---- C:\Windows\SysWOW64
2015-04-15 07:51:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-15 07:51:21 ----D---- C:\Windows\system32\cs-CZ
2015-04-15 07:51:21 ----D---- C:\Windows\apppatch
2015-04-15 07:51:21 ----D---- C:\Program Files\Internet Explorer
2015-04-15 07:50:40 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 07:50:40 ----D---- C:\Windows\system32\appraiser
2015-04-15 07:50:34 ----HD---- C:\ProgramData
2015-04-15 07:36:51 ----SHD---- C:\Windows\Installer
2015-04-15 07:36:51 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 07:36:40 ----D---- C:\Windows\system32\MRT
2015-04-15 07:35:13 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 07:35:01 ----D---- C:\Windows\CbsTemp
2015-04-15 07:34:29 ----D---- C:\ProgramData\Skype
2015-04-15 07:34:29 ----D---- C:\Program Files (x86)\Common Files
2015-04-15 07:34:28 ----RD---- C:\Program Files (x86)
2015-04-15 07:33:31 ----A---- C:\Windows\win.ini
2015-04-15 07:32:34 ----SHD---- C:\System Volume Information
2015-04-15 07:22:43 ----D---- C:\Windows\system32\catroot2
2015-04-15 07:21:47 ----A---- C:\Windows\system32\wuaext.dll
2015-04-13 10:18:00 ----D---- C:\Windows\AppReadiness
2015-04-10 20:09:09 ----D---- C:\Program Files (x86)\TeamViewer
2015-04-07 08:47:43 ----D---- C:\Windows\Logs
2015-04-05 11:23:41 ----D---- C:\Users\Rosta\AppData\Roaming\TeamViewer
2015-04-05 09:35:24 ----HD---- C:\Program Files\WindowsApps
2015-04-02 14:47:24 ----D---- C:\Windows
2015-04-02 08:38:33 ----D---- C:\Windows\system32\Tasks
2015-03-29 18:04:05 ----D---- C:\Windows\system32\DriverStore
2015-03-29 11:13:30 ----D---- C:\Windows\debug
2015-03-28 17:53:26 ----D---- C:\Windows\SoftwareDistribution
2015-03-28 13:07:14 ----D---- C:\Users\Rosta\AppData\Roaming\uTorrent
2015-03-26 09:38:10 ----D---- C:\Windows\system32\catroot
2015-03-25 18:36:38 ----D---- C:\Program Files\CCleaner
2015-03-25 14:58:50 ----D---- C:\Windows\system32\wbem
2015-03-21 09:35:31 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-18 12:08:25 ----D---- C:\Windows\rescache
2015-03-17 14:55:09 ----RSD---- C:\Windows\assembly
2015-03-16 13:55:15 ----D---- C:\Windows\system32\drivers\UMDF
2015-03-16 13:54:21 ----RD---- C:\Windows\ToastData
2015-03-16 13:54:21 ----D---- C:\Windows\MediaViewer
2015-03-16 13:54:21 ----D---- C:\Windows\FileManager
2015-03-16 13:54:21 ----D---- C:\Windows\Camera
2015-03-16 13:54:18 ----D---- C:\Windows\SYSWOW64\oobe
2015-03-16 13:54:18 ----D---- C:\Windows\SYSWOW64\migration
2015-03-16 13:54:18 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-16 13:54:18 ----D---- C:\Windows\SYSWOW64\Com
2015-03-16 13:54:18 ----D---- C:\Windows\servicing
2015-03-16 13:54:18 ----D---- C:\Program Files\Windows Portable Devices
2015-03-16 13:54:18 ----D---- C:\Program Files\Windows Photo Viewer
2015-03-16 13:54:18 ----D---- C:\Program Files\Windows Multimedia Platform
2015-03-16 13:54:18 ----D---- C:\Program Files\Windows Media Player
2015-03-16 13:54:18 ----D---- C:\Program Files\Windows Mail
2015-03-16 13:54:18 ----D---- C:\Program Files\Windows Journal
2015-03-16 13:54:18 ----D---- C:\Program Files\Common Files\System
2015-03-16 13:54:17 ----D---- C:\Windows\SYSWOW64\wbem
2015-03-16 13:54:17 ----D---- C:\Windows\SYSWOW64\sppui
2015-03-16 13:54:17 ----D---- C:\Windows\SYSWOW64\setup
2015-03-16 13:54:17 ----D---- C:\Windows\SYSWOW64\migwiz
2015-03-16 13:54:17 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-16 13:54:10 ----RD---- C:\Windows\ImmersiveControlPanel
2015-03-16 13:54:10 ----D---- C:\Windows\twain_32
2015-03-16 13:54:10 ----D---- C:\Windows\system32\Sysprep
2015-03-16 13:54:10 ----D---- C:\Windows\system32\setup
2015-03-16 13:54:10 ----D---- C:\Windows\system32\oobe
2015-03-16 13:54:10 ----D---- C:\Windows\system32\migration
2015-03-16 13:54:10 ----D---- C:\Windows\system32\en-US
2015-03-16 13:54:10 ----D---- C:\Windows\system32\Com
2015-03-16 13:54:10 ----D---- C:\Windows\IME
2015-03-16 13:54:09 ----SD---- C:\Windows\system32\dsc
2015-03-16 13:54:09 ----D---- C:\Windows\system32\WinBioPlugIns
2015-03-16 13:54:09 ----D---- C:\Windows\system32\SystemResetPlatform
2015-03-16 13:54:09 ----D---- C:\Windows\system32\sppui
2015-03-16 13:54:09 ----D---- C:\Windows\system32\migwiz
2015-03-16 13:54:09 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-03-16 13:54:08 ----D---- C:\Windows\system32\Dism
2015-03-16 13:54:00 ----D---- C:\Program Files (x86)\Windows Portable Devices
2015-03-16 13:54:00 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2015-03-16 13:54:00 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-16 13:54:00 ----D---- C:\Program Files (x86)\Windows Mail
2015-03-16 13:54:00 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-16 13:53:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-03-16 13:53:59 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2015-03-16 13:53:58 ----D---- C:\Program Files\WindowsPowerShell

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 apmwin;apmwin; C:\Windows\system32\DRIVERS\apmwin.sys [2013-11-18 50896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-12 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-12 267632]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2014-10-19 116000]
R0 gpt_loader;GUID Partition table support driver; C:\Windows\system32\DRIVERS\gpt_loader.sys [2013-11-18 61136]
R0 mounthlp;Mounter helper driver for HFS+ volumes; C:\Windows\system32\DRIVERS\mounthlp.sys [2013-11-18 42704]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-10-19 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2014-10-19 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2014-10-19 183224]
R0 timounter;@oem64.inf,%TimounterServiceName%;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2014-10-19 970336]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-12 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-12 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-12 436624]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-12 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-12 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-12 116728]
R2 HfsplusRec;HfsplusRec; C:\Windows\system32\DRIVERS\hfsplusrec.sys [2013-11-18 15568]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-12-12 271752]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2014-10-19 367200]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-10-14 583272]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-25 4221440]
R3 iwdbus;@oem56.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 L1C;@oem4.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2012-07-19 110744]
R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 20256]
R3 nvvad_WaveExtensible;@oem62.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\System32\drivers\serscan.sys [2014-10-29 11776]
R3 VIAHdAudAddService;@oem3.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2013-12-16 691888]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-09-01 647736]
S2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem48.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DigiartyVirtualCDBus;Digiarty Virtual Driver; C:\Windows\system32\drivers\DigiartyVirtualCDBus.sys [2014-11-19 276256]
S3 EtronXHCI;@oem2.inf,%Etron_XHCI.DriverDesc%;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-08-07 88832]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-12-31 25640]
S3 Hfsplus;Hfsplus; C:\Windows\system32\DRIVERS\hfsplus.sys [2013-11-18 205520]
S3 intaud_WaveExtensible;@oem55.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 ivusb;@oem7.inf,%INI.SvcDesc.USB%;Initio Driver for USB Default Controller; C:\Windows\System32\drivers\ivusb.sys [2010-07-29 29720]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-15 129752]
S3 mvusbews;@oem82.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 NVHDA;@oem18.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-07-02 12866008]
S3 PcaSp60;@oem53.inf,%PCASP60_Desc%;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 ssudmdm;@oem49.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2014-10-19 1464096]
S3 USBAAPL64;@oem71.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-06-10 54784]
S3 usbrndis6;@netrndis.inf,%usbrndis6.Service.DispName%;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-08-22 20992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144688]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-10-19 3869688]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AtherosSvc;AtherosSvc; C:\Windows\system32\AdminService.exe [2012-08-29 208384]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-12 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cbVSCService11;Cobian Backup 11 Stínová kopie - Requester; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [2012-12-05 67584]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2014-11-21 35616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 18956064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2012-10-21 121856]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 337776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-09-02 9742080]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-03-30 5448464]
R2 VIAKaraokeService;@oem3.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-12-11 27768]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-12-12 4012248]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-25 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, sending of unsolicited mail

#2 Post by altrok »

Hello :bye:


:arrow: Please post the logs from AdwCleaner and MBAM showing what was deleted.

:arrow: As part of the cleaning, your temporary directories will be emptied (including the Recycle Bin).

:arrow: Post the FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz ("zavináč" = at sign)
If you feel like helping visitors of this forum, sign up for our training school.

Junfan
Visitor
Posts: 198
Registered: 10 Mar 2009 06:21

Re: Please check my log, sending of unsolicited mail

#3 Post by Junfan »

I would rather say that my PC is not infected, but that someone has abused my address. At the moment I can no longer log in to my company address - it asks me to verify my username and password.
I will reset my password, but that will not solve the problem. The only solution I can think of is to disable non-delivery reports at the server level.
MBAM found nothing.

# AdwCleaner v4.201 - Log vytvořen 15/04/2015 v 07:50:34
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-08.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Rosta - PC1
# Spuštěno z : C:\Users\Rosta\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\Babylon
Složka Smazáno : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Složka Smazáno : C:\Users\Rosta\AppData\Local\Babylon
Složka Smazáno : C:\Users\Rosta\AppData\Local\PackageAware
Složka Smazáno : C:\Users\Rosta\AppData\Roaming\Babylon
Soubor Smazáno : C:\Users\Rosta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Soubor Smazáno : C:\Users\Rosta\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Soubor Smazáno : C:\Users\Rosta\AppData\Roaming\Mozilla\Firefox\Profiles\ko7hwr87.default\invalidprefs.js

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v34.0.5 (x86 cs)


*************************

AdwCleaner[R0].txt - [1716 bytů] - [15/04/2015 07:48:33]
AdwCleaner[S0].txt - [1477 bytů] - [15/04/2015 07:50:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1535 bytů] ##########

Junfan
Visitor
Posts: 198
Registered: 10 Mar 2009 06:21

Re: Please check my log, sending of unsolicited mail

#4 Post by Junfan »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 04
Ran by Rosta (administrator) on PC1 on 16-04-2015 09:35:42
Running from C:\Users\Rosta\Desktop
Loaded Profiles: Rosta (Available profiles: Rosta)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-16] (VIA)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Slu~ba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519504 2013-08-21] (Acronis)
HKLM\...\Run: [apmwinapp] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.2\apmwinsrv.exe [66768 2013-11-18] ()
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [877568 2013-06-25] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-16] (VIA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7801088 2013-09-20] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105328 2013-01-10] (Acronis)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HFS Activator] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows 10.2\activation\hfsactivator.exe [245456 2013-11-18] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2012-12-05] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\MountPoints2: {a26ddc0e-83bd-11e4-82ed-24fd521f9bc1} - "F:\SISetup.exe"
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-12] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-12] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 10.1.1.41 8.8.8.8 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Rosta\AppData\Roaming\Mozilla\Firefox\Profiles\ko7hwr87.default
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de [2015-01-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-25]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2014-12-16]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-12] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-12] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2014-11-21] (Microsoft)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [50896 2013-11-18] (Paragon Software Group)
S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-12] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-12] ()
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2014-11-19] (Digiarty Software, Inc.)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [61136 2013-11-18] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [205520 2013-11-18] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15568 2013-11-18] (Paragon Software Group)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-15] (Malwarebytes Corporation)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [42704 2013-11-18] (Paragon Software Group)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-10-19] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-10-19] (Acronis)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-06-10] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-12] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-16 09:35 - 2015-04-16 09:35 - 00017249 _____ () C:\Users\Rosta\Desktop\FRST.txt
2015-04-16 09:35 - 2015-04-16 09:35 - 00000000 ____D () C:\FRST
2015-04-16 09:34 - 2015-04-16 09:34 - 02097664 _____ (Farbar) C:\Users\Rosta\Desktop\FRST64.exe
2015-04-16 09:33 - 2015-04-16 09:34 - 00029696 _____ () C:\Users\Rosta\AppData\Local\MSGBOX.EXE
2015-04-15 19:38 - 2015-04-16 09:31 - 00000505 _____ () C:\Users\Rosta\Desktop\Undelivered Mail Returned to Sender.website
2015-04-15 19:35 - 2015-04-15 19:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Rosta\Desktop\hijackthis.exe
2015-04-15 19:35 - 2015-04-15 19:35 - 00010254 _____ () C:\Users\Rosta\Desktop\hijackthis.log
2015-04-15 16:15 - 2015-04-15 16:15 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-15 09:04 - 2015-04-16 09:26 - 00000652 _____ () C:\Users\Rosta\Desktop\VIRY.CZ • Zobrazit téma - Posílám spam.website
2015-04-15 09:00 - 2015-04-15 09:00 - 01222144 _____ () C:\Users\Rosta\Desktop\RSITx64.exe
2015-04-15 09:00 - 2015-04-15 09:00 - 00000000 ____D () C:\rsit
2015-04-15 09:00 - 2015-04-15 09:00 - 00000000 ____D () C:\Program Files\trend micro
2015-04-15 07:48 - 2015-04-15 07:50 - 00000000 ____D () C:\AdwCleaner
2015-04-15 07:34 - 2015-04-15 07:34 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 07:34 - 2015-04-15 07:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 07:23 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 07:23 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 07:23 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 07:23 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 07:23 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 07:23 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 07:23 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 07:23 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 07:23 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 07:23 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 07:23 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 07:23 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 07:23 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 07:23 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 07:23 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 07:23 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 07:23 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 07:23 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 07:23 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 07:23 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 07:23 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 07:23 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 07:23 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 07:23 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 07:23 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 07:23 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 07:23 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 07:23 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 07:23 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 07:23 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 07:23 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 07:23 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 07:23 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 07:23 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 07:23 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 07:23 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 07:23 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 07:23 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 07:23 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 07:23 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 07:23 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 07:23 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 07:23 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 07:23 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 07:23 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 07:23 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 07:23 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 07:23 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 07:23 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 07:23 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 07:23 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 07:23 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 07:23 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 07:23 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 07:23 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 07:23 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 07:23 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 07:23 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 07:23 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 07:23 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 07:23 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 07:23 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 07:23 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 07:23 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 07:23 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 07:23 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 07:23 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 07:23 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 07:23 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 07:23 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-08 14:02 - 2015-04-15 16:39 - 00000674 _____ () C:\Users\Rosta\Desktop\Uspání USB externích disků.website
2015-04-07 08:47 - 2015-04-07 08:47 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-07 08:47 - 2015-04-07 08:47 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 08:16 - 2015-04-04 08:16 - 00000000 ____D () C:\Users\Rosta\AppData\Local\Apple
2015-04-03 19:07 - 2015-04-03 19:07 - 05581328 _____ (Avast Software s.r.o.) C:\Users\Rosta\Desktop\avastclear.exe
2015-04-02 14:57 - 2015-04-02 14:57 - 00000000 ____D () C:\Users\Rosta\AppData\Roaming\PicPick
2015-04-02 14:57 - 2015-04-02 14:57 - 00000000 ____D () C:\ProgramData\PicPick
2015-04-02 14:57 - 2015-04-02 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick
2015-04-02 14:47 - 2015-04-15 07:51 - 00026180 _____ () C:\Windows\PFRO.log
2015-04-02 14:47 - 2015-04-02 14:47 - 05056048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-29 18:03 - 2015-03-29 18:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2015-03-28 18:13 - 2015-03-31 16:42 - 00000000 ____D () C:\Users\Rosta\AppData\Local\Adobe
2015-03-28 17:53 - 2015-04-15 19:21 - 02045828 _____ () C:\Windows\WindowsUpdate.log
2015-03-28 17:52 - 2015-04-15 07:51 - 00075541 _____ () C:\Windows\setupact.log
2015-03-28 17:52 - 2015-03-28 17:52 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-25 19:14 - 2015-03-25 19:14 - 00000000 ____D () C:\Users\Rosta\Downloads\Jasmine Rain - Super Soaker Slut
2015-03-25 19:08 - 2015-03-25 19:08 - 00000000 ____D () C:\Users\Rosta\Downloads\18YearsOld - Jasmine Rain (Brunette Honey)
2015-03-19 11:35 - 2015-03-19 11:35 - 00030535 _____ () C:\Users\Rosta\Documents\Thunderbird 31.5.0 (cs) - 2015-03-19.pcv
2015-03-19 11:23 - 2015-03-19 11:24 - 00000000 ____D () C:\Users\Rosta\AppData\Local\Thunderbird
2015-03-19 11:23 - 2015-03-19 11:23 - 00000000 ____D () C:\Users\Rosta\AppData\Roaming\Thunderbird
2015-03-19 10:46 - 2015-03-19 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2015-03-19 10:45 - 2015-03-19 10:45 - 00000000 ____D () C:\Program Files (x86)\MozBackup

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-16 09:31 - 2013-12-31 15:20 - 00000000 ____D () C:\Users\Rosta\Documents\Soubory aplikace Outlook
2015-04-16 09:26 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-15 16:39 - 2014-08-02 22:45 - 00000000 ____D () C:\Users\Rosta\Documents\MailStore Home
2015-04-15 09:17 - 2015-03-16 11:15 - 00000485 _____ () C:\Users\Rosta\Desktop\Alza.cz.website
2015-04-15 08:02 - 2013-12-31 13:28 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-188182577-3083718651-2108276629-1001
2015-04-15 07:56 - 2013-12-31 13:24 - 00338484 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 07:56 - 2013-08-23 00:08 - 04568662 _____ () C:\Windows\system32\perfh005.dat
2015-04-15 07:56 - 2013-08-23 00:08 - 01442138 _____ () C:\Windows\system32\perfc005.dat
2015-04-15 07:51 - 2013-12-31 15:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-15 07:51 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-15 07:50 - 2014-12-10 20:45 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 07:50 - 2014-07-10 17:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 07:41 - 2014-08-21 20:09 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-15 07:36 - 2013-12-31 15:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 07:36 - 2013-12-31 15:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 07:35 - 2013-12-31 15:05 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 07:35 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-15 07:34 - 2014-01-02 16:40 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 07:33 - 2013-08-22 15:25 - 00000208 _____ () C:\Windows\win.ini
2015-04-15 07:21 - 2014-11-13 21:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-13 10:18 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-10 20:09 - 2013-12-31 20:21 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-09 11:08 - 2013-12-31 13:17 - 00000000 ____D () C:\Users\Rosta
2015-04-07 16:08 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-05 11:23 - 2013-12-31 20:36 - 00000000 ____D () C:\Users\Rosta\AppData\Roaming\TeamViewer
2015-04-02 08:38 - 2014-12-16 09:46 - 00000992 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-03-30 12:25 - 2014-12-28 16:23 - 00000000 ____D () C:\Users\Rosta\AppData\Local\CrashDumps
2015-03-28 13:07 - 2014-12-28 17:09 - 00000000 ____D () C:\Users\Rosta\AppData\Roaming\uTorrent
2015-03-25 18:36 - 2013-12-31 16:39 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-25 14:48 - 2014-07-06 16:01 - 00000132 _____ () C:\Users\Rosta\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-03-21 09:35 - 2014-01-05 14:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-18 12:08 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache

==================== Files in the root of some directories =======

2014-07-06 16:01 - 2015-03-25 14:48 - 0000132 _____ () C:\Users\Rosta\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-04-16 09:33 - 2015-04-16 09:34 - 0029696 _____ () C:\Users\Rosta\AppData\Local\MSGBOX.EXE
2014-01-04 14:27 - 2014-01-04 14:27 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-01-21 21:02 - 2014-01-21 21:02 - 0000074 _____ () C:\ProgramData\Sls.ini

Some content of TEMP:
====================
C:\Users\Rosta\AppData\Local\Temp\exe2pin.exe
C:\Users\Rosta\AppData\Local\Temp\Quarantine.exe
C:\Users\Rosta\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-08 10:14

==================== End Of Log ============================

Junfan
Visitor
Posts: 198
Registered: 10 Mar 2009 06:21

Re: Please check my log, sending of unsolicited mail

#5 Post by Junfan »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015 04
Ran by Rosta at 2015-04-16 09:36:02
Running from C:\Users\Rosta\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Acronis True Image 2014 (HKLM-x32\...\{77261AC1-DF95-4212-A6AD-19FF44131B80}Visible) (Version: 17.0.5560 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.5560 - Acronis) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizace NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
BDlot DVD ISO Master 3.0.2 (HKLM-x32\...\BDlot DVD ISO Master_is1) (Version: - LotSoft)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - CZ (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 6.0.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.2 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF (Version: 8.1.920 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{7ced5c6b-4b09-4bd7-8707-b3cce8eead22}) (Version: 8.1.920 - Softland)
Doplněk Microsoft Outlook Hotmail Connector (64bitový) (HKLM\...\{95140000-007A-0405-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
EncryptOnClick (HKLM-x32\...\EncryptOnClick_is1) (Version: - 2BrightSparks)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.21.000 - Runtime Software)
HeavyLoad V2.4 (HKLM-x32\...\HeavyLoad_is1) (Version: - JAM Software GmbH)
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
ICQ 8.2 (verze 6901) (HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\ICQ) (Version: 8.2.6901.0 - ICQ)
Infix PDF Editor verze 6.3.6.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.3.6.0 - Iceni Technology)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MailStore Home 8.0.5.8779 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.0.5.8779 - MailStore Software GmbH)
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 34.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 cs)) (Version: 34.0.5 - Mozilla)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17BD99A4-9C11-47D4-91AF-8814DD3FFCC2}) (Version: 8.1.920 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B6E0BB99-B532-4EC1-9D84-ACC8CED590B3}) (Version: 8.1.920 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{3A1637B5-233D-47B1-B89F-EBF718C04CFD}) (Version: 8.1.920 - Softland)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Ovládací panel NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Paragon HFS+ for Windows™ 10.2 (HKLM-x32\...\{456534C0-51E7-11DF-B336-005056C00008}) (Version: 1.00 - Paragon Software)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PROFIT 2015.02 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
XnView 2.13 (HKLM-x32\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)
XXClone ver 2.05.2b (HKLM\...\XXClone) (Version: 2.05.2b - Pixelab)
Základní software zařízení HP Photosmart 5510 series (HKLM\...\{22E8B03A-9094-45AC-910A-CB491A16A593}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Zoner Photo Studio 16 - Obálky a šablony (HKLM\...\ZonerPhotoStudio16_Templates_CZ_is1) (Version: 16.0.1.2 - ZONER software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.3 - ZONER software)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

24-03-2015 16:26:17 Naplánovaný kontrolní bod
01-04-2015 10:06:20 Naplánovaný kontrolní bod
07-04-2015 08:47:17 Windows Update
15-04-2015 07:32:20 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2014-10-19 13:36 - 00000862 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07C13134-5371-4760-A718-52B70CEC7E85} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {238215E5-97FB-4F36-8BEC-576F71E210CD} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {35EBBD08-FB7A-4500-8DB9-D1A01B03BE98} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {5117008D-A469-4143-B61F-319244F2E8F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C92152F-159B-4EA4-9479-690A66F78377} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {87E2F999-AAA2-4A6B-A626-8F115B73E108} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8EFCCF86-5221-42C9-9174-DADCE93CC7BF} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-11-21] ()
Task: {9131F18A-C50F-4B37-9616-D724C71D5D16} - System32\Tasks\AdobeAAMUpdater-1.0-PC1-Rosta => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {9B260F7E-4EB8-4052-A1FE-1192183A2500} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-12] (AVAST Software)
Task: {A8FC768D-BD86-4D99-9862-A635B25824C2} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B88D3DE4-8E89-4866-B544-F37642FBAECC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {D8915DF9-4F4F-4A6B-937B-F530CAAD718E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {EE161034-A71E-446F-9B11-AE1EF7BE5EF2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-01-04 14:09 - 2012-09-18 16:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2014-01-04 14:09 - 2012-09-18 16:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-12-16 18:05 - 2012-08-31 16:02 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2014-01-04 14:09 - 2012-09-18 16:27 - 03162624 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\suhp1020.dll
2014-01-04 14:09 - 2012-09-18 16:27 - 01236992 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\gchp1020.dll
2014-11-21 21:06 - 2014-11-21 21:06 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2014-11-21 21:06 - 2014-11-21 21:06 - 00032032 _____ () C:\Program Files\Softland\novaPDF 8\Server\CryptUtil.dll
2014-11-21 21:06 - 2014-11-21 21:06 - 00026912 _____ () C:\Program Files\Softland\novaPDF 8\Server\WAFServicePlugin.dll
2014-12-12 11:47 - 2014-12-12 11:47 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-12 11:47 - 2014-12-12 11:47 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-08-23 10:16 - 2013-08-23 10:16 - 02827128 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-02-18 20:16 - 2012-11-14 09:22 - 00078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-02-18 20:16 - 2012-11-14 09:22 - 00386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-12 11:47 - 2014-12-12 11:47 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-04-15 07:52 - 2015-04-15 07:52 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041400\algo.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-20 03:04 - 2013-09-20 03:04 - 00276800 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2013-09-20 03:04 - 2013-09-20 03:04 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-09-20 03:06 - 2013-09-20 03:06 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-03-13 20:09 - 2015-03-13 20:09 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-08-04 18:23 - 2009-08-04 18:23 - 00063032 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPTools.dll
2009-08-04 18:23 - 2009-08-04 18:23 - 00075320 _____ () C:\Program Files (x86)\HP\HP UT LEDM\bin\HPToolkit.dll
2013-08-23 10:58 - 2013-08-23 10:58 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-188182577-3083718651-2108276629-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rosta\Pictures\babochka-i-robot-1920-1080.jpg
DNS Servers: 10.1.1.41 - 8.8.8.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Služba Acronis Scheduler2"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\StartupApproved\Run: => "HP Photosmart 5510 series (NET)"
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\StartupApproved\Run: => "Cobian Backup 11"
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Accounts: =============================

Administrator (S-1-5-21-188182577-3083718651-2108276629-500 - Administrator - Disabled)
Guest (S-1-5-21-188182577-3083718651-2108276629-501 - Limited - Disabled)
Rosta (S-1-5-21-188182577-3083718651-2108276629-1001 - Administrator - Enabled) => C:\Users\Rosta

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2015 07:56:09 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (04/15/2015 07:36:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/15/2015 07:36:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/15/2015 07:36:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/15/2015 07:36:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/15/2015 07:33:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/15/2015 07:33:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/15/2015 07:33:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/15/2015 07:32:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/14/2015 07:32:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (04/15/2015 04:08:28 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Výstraha o závažné chybě byla vygenerována a zaslána na vzdálený koncový bod. To může vést k ukončení připojení. Kód závažné chyby definovaný protokolem TLS: 20. Stav chyby Windows SChannel: 960

Error: (04/15/2015 07:51:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%1275

Error: (04/15/2015 07:51:51 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\aspi32.sys

Error: (04/15/2015 07:51:05 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (04/15/2015 07:51:04 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (04/15/2015 07:50:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/15/2015 07:50:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér výkonu rozhraní WMI byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (04/15/2015 07:50:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/15/2015 07:50:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Acronis Sync Agent Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/15/2015 07:50:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================
Error: (04/15/2015 07:56:09 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000

Error: (04/15/2015 07:36:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll

Error: (04/15/2015 07:36:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (04/15/2015 07:36:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll

Error: (04/15/2015 07:36:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll

Error: (04/15/2015 07:33:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll

Error: (04/15/2015 07:33:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (04/15/2015 07:33:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll

Error: (04/15/2015 07:32:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll

Error: (04/14/2015 07:32:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll


CodeIntegrity Errors:
===================================
Date: 2015-01-20 10:33:21.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-20 10:33:21.304
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-20 10:30:08.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-20 10:30:08.431
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-14 18:56:40.651
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-14 18:56:40.604
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-14 18:55:10.088
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-14 18:55:10.041
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-14 18:55:03.495
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-14 18:55:03.433
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Rosta\Documents\Zálohy\Servisní flash\Service\SW inst\Systém, konfigurace a diagnostika\Unlocker\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 37%
Total physical RAM: 3983.8 MB
Available physical RAM: 2473.46 MB
Total Pagefile: 4687.8 MB
Available Pagefile: 3057.65 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows 8) (Fixed) (Total:223.05 GB) (Free:66.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 597B244E)

Partition: GPT Partition Type.

==================== End Of Log ============================

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, sending of unsolicited mail

#6 Post by altrok »

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
    HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\MountPoints2: {a26ddc0e-83bd-11e4-82ed-24fd521f9bc1} - "F:\SISetup.exe" 
    
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
    FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de [2015-01-12]
    
    2015-04-16 09:33 - 2015-04-16 09:34 - 00029696 _____ () C:\Users\Rosta\AppData\Local\MSGBOX.EXE
    2015-04-15 09:00 - 2015-04-15 09:00 - 01222144 _____ () C:\Users\Rosta\Desktop\RSITx64.exe
    2015-04-15 09:00 - 2015-04-15 09:00 - 00000000 ____D () C:\rsit
    2015-04-15 09:00 - 2015-04-15 09:00 - 00000000 ____D () C:\Program Files\trend micro
    2015-04-15 07:48 - 2015-04-15 07:50 - 00000000 ____D () C:\AdwCleaner
    2015-04-15 19:35 - 2015-04-15 19:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Rosta\Desktop\hijackthis.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    End


  • Save OTM to the desktop - http://oldtimer.geekstogo.com/OTM.exe
  • close all programs
  • right-click the OTM.exe icon and choose Run as administrator (on Win XP simply run it with a double-click)
  • copy the contents of the white box into the left pane of OTM and click MoveIt!
  • after the restart, post the log, which will be in C:\_OTM\MovedFiles\mmddyyyy_hhmmss.log

    Code:

    :commands
    [Purity]
    [EmptyTemp]
    [EmptyFlash]
    [EmptyJava]
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp /s

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Junfan
Visitor
Posts: 198
Registered: 10 Mar 2009 06:21

Re: Please check my log, sending of unsolicited mail

#7 Post by Junfan »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-04-2015 04
Ran by Rosta at 2015-04-17 08:31:48 Run:1
Running from C:\Users\Rosta\Desktop
Loaded Profiles: Rosta (Available profiles: Rosta)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\...\MountPoints2: {a26ddc0e-83bd-11e4-82ed-24fd521f9bc1} - "F:\SISetup.exe"

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de [2015-01-12]

2015-04-16 09:33 - 2015-04-16 09:34 - 00029696 _____ () C:\Users\Rosta\AppData\Local\MSGBOX.EXE
2015-04-15 09:00 - 2015-04-15 09:00 - 01222144 _____ () C:\Users\Rosta\Desktop\RSITx64.exe
2015-04-15 09:00 - 2015-04-15 09:00 - 00000000 ____D () C:\rsit
2015-04-15 09:00 - 2015-04-15 09:00 - 00000000 ____D () C:\Program Files\trend micro
2015-04-15 07:48 - 2015-04-15 07:50 - 00000000 ____D () C:\AdwCleaner
2015-04-15 19:35 - 2015-04-15 19:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Rosta\Desktop\hijackthis.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-188182577-3083718651-2108276629-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-188182577-3083718651-2108276629-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a26ddc0e-83bd-11e4-82ed-24fd521f9bc1}" => Key deleted successfully.
HKCR\CLSID\{a26ddc0e-83bd-11e4-82ed-24fd521f9bc1} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de => Moved successfully.
C:\Users\Rosta\AppData\Local\MSGBOX.EXE => Moved successfully.
"C:\Users\Rosta\Desktop\RSITx64.exe" => File/Directory not found.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\AdwCleaner => Moved successfully.
"C:\Users\Rosta\Desktop\hijackthis.exe" => File/Directory not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.


The system needed a reboot.

==== End of Fixlog 08:31:48 ====

Junfan
Visitor
Posts: 198
Registered: 10 Mar 2009 06:21

Re: Please check my log, unsolicited mail being sent

#8 Post by Junfan »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Rosta
->Temp folder emptied: 315506744 bytes
->Temporary Internet Files folder emptied: 395619525 bytes
->Java cache emptied: 2019623 bytes
->FireFox cache emptied: 6380863 bytes
->Flash cache emptied: 506 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11524879 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 697,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Rosta
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Rosta
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb

========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBAF1.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1484.tmp folder moved successfully.
C:\Windows\Inf\Intel Storage Counters\tmpEB07.tmp moved successfully.
C:\Windows\Inf\Intel Storage Counters\tmpEB17.tmp moved successfully.
C:\Windows\Inf\Intel Storage Counters\0000\tmpEB07.tmp moved successfully.
C:\Windows\Inf\Intel Storage Counters\0005\tmpEB07.tmp moved successfully.
C:\Windows\Inf\Intel Storage Counters\0009\tmpEB07.tmp moved successfully.
C:\Windows\Installer\MSI2152.tmp moved successfully.
C:\Windows\Installer\MSI220F.tmp moved successfully.
C:\Windows\Installer\MSI2240.tmp moved successfully.
C:\Windows\Installer\MSI235C.tmp moved successfully.
C:\Windows\Installer\MSI23DA.tmp moved successfully.
C:\Windows\Installer\MSI2477.tmp moved successfully.
C:\Windows\Installer\MSI728E.tmp moved successfully.
C:\Windows\Installer\MSI733B.tmp moved successfully.
C:\Windows\Installer\MSI73C8.tmp moved successfully.
C:\Windows\Installer\MSI8F2B.tmp moved successfully.
C:\Windows\Installer\MSI8FD8.tmp moved successfully.
C:\Windows\Installer\MSI9066.tmp moved successfully.
C:\Windows\Installer\MSI97D1.tmp moved successfully.
C:\Windows\Installer\MSI9929.tmp moved successfully.
C:\Windows\Installer\MSI99D6.tmp moved successfully.
C:\Windows\Installer\MSI9A3B.tmp moved successfully.
C:\Windows\Installer\MSI9A54.tmp moved successfully.
C:\Windows\Installer\MSI9A61.tmp moved successfully.
C:\Windows\Installer\MSI9AD8.tmp moved successfully.
C:\Windows\Installer\MSI9B75.tmp moved successfully.
C:\Windows\Installer\MSI9BBC.tmp moved successfully.
C:\Windows\Installer\MSI9C69.tmp moved successfully.
C:\Windows\Installer\MSI9D06.tmp moved successfully.
C:\Windows\Installer\MSI9FC3.tmp moved successfully.
C:\Windows\Installer\MSIA246.tmp moved successfully.
C:\Windows\Installer\MSIA336.tmp moved successfully.
C:\Windows\Installer\MSIA570.tmp moved successfully.
C:\Windows\Installer\MSIA62D.tmp moved successfully.
C:\Windows\Installer\MSIA6CA.tmp moved successfully.
C:\Windows\Installer\MSIA983.tmp moved successfully.
C:\Windows\Installer\MSIB005.tmp moved successfully.
C:\Windows\Installer\MSIB2BC.tmp moved successfully.
C:\Windows\Installer\MSIB369.tmp moved successfully.
C:\Windows\Installer\MSIB3E7.tmp moved successfully.
C:\Windows\Installer\MSIB5C8.tmp moved successfully.
C:\Windows\Installer\MSIBECD.tmp moved successfully.
C:\Windows\Installer\MSIC1B3.tmp moved successfully.
C:\Windows\Installer\MSIC682.tmp moved successfully.
C:\Windows\Installer\MSIC73C.tmp moved successfully.
C:\Windows\Installer\MSICB20.tmp moved successfully.
C:\Windows\Installer\MSICB4.tmp moved successfully.
C:\Windows\Installer\MSICBDC.tmp moved successfully.
C:\Windows\Installer\MSICC5A.tmp moved successfully.
C:\Windows\Installer\MSICE95.tmp moved successfully.
C:\Windows\Installer\MSICF62.tmp moved successfully.
C:\Windows\Installer\MSID00E.tmp moved successfully.
C:\Windows\Installer\MSID608.tmp moved successfully.
C:\Windows\Installer\MSID70.tmp moved successfully.
C:\Windows\Installer\MSIDE99.tmp moved successfully.
C:\Windows\Installer\MSIDF33.tmp moved successfully.
C:\Windows\Installer\MSIDF37.tmp moved successfully.
C:\Windows\Installer\MSIE0E.tmp moved successfully.
C:\Windows\Installer\MSIE22D.tmp moved successfully.
C:\Windows\Installer\MSIE359.tmp moved successfully.
C:\Windows\Installer\MSIE3E6.tmp moved successfully.
C:\Windows\Installer\MSIE46.tmp moved successfully.
C:\Windows\Installer\MSIE483.tmp moved successfully.
C:\Windows\Installer\MSIF0CE.tmp moved successfully.
C:\Windows\Installer\MSIF17B.tmp moved successfully.
C:\Windows\Installer\MSIF209.tmp moved successfully.
C:\Windows\Installer\MSIFC82.tmp moved successfully.
C:\Windows\Panther\_s_230.tmp moved successfully.
C:\Windows\Panther\_s_FE17.tmp moved successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 04172015_083550

Files moved on Reboot...
File C:\Users\Rosta\AppData\Local\Microsoft\Windows\INetCache\Low\IE\Z08WQKLC\httpErrorPagesScripts[1] not found!
File C:\Users\Rosta\AppData\Local\Microsoft\Windows\INetCache\Low\IE\Z08WQKLC\loading[1].gif not found!
File C:\Users\Rosta\AppData\Local\Microsoft\Windows\INetCache\Low\IE\Z08WQKLC\partner[1].gif not found!
File C:\Users\Rosta\AppData\Local\Microsoft\Windows\INetCache\Low\IE\Z08WQKLC\posting[1].htm not found!
File move failed. C:\Users\Rosta\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, unsolicited mail being sent

#9 Post by altrok »

Excellent. Are you still sending unsolicited mail? Is this a work PC?
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok [at] forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Junfan
Visitor
Posts: 198
Registered: 10 Mar 2009 06:21

Re: Please check my log, unsolicited mail being sent

#10 Post by Junfan »

Not at the moment. Was there anything suspicious in the log that could have been causing it? Yes, it is a workstation.

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, unsolicited mail being sent

#11 Post by altrok »

No active malware was visible. For next time, I would ask you to handle workstations through a paid remote-assistance service, e.g. http://neslape.cz/
We are here for free, and in our spare time we are doing the work of someone else who, on top of that, gets paid for it; see forum rule no. 6 http://forum.viry.cz/viewtopic.php?f=12&t=5601 Thank you for your understanding.

So let's just clean up.
And if there are no questions or other problems, that is all from me.

Junfan
Visitor
Posts: 198
Registered: 10 Mar 2009 06:21

Re: Please check my log, unsolicited mail being sent

#12 Post by Junfan »

I will keep that in mind, and thanks

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log, unsolicited mail being sent

#13 Post by altrok »

You're welcome, glad I could help :worship:

Take care, and maybe see you again sometime :bye:

Locked