Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-04-2015 01
Ran by Marketa (administrator) on MARKETA-PC on 20-04-2015 09:15:07
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa (Available profiles: Marketa)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Roman Svihalek, ActivityMon Software) C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbService.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(MyHeritage) C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\ActivityMon Software\ActivityMon\rundll32.exe
() C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
() C:\Users\Marketa\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-05] (Avast Software s.r.o.)
HKLM\...\Run: [Family Tree Builder Update] => C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2477056 2015-03-02] (MyHeritage)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2013-04-11] ()
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [Gadwin PrintScreen Pro (32-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe [13005480 2014-02-04] (Gadwin Systems)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [Google Update] => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-21] (Google Inc.)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Marketa\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Marketa\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89872 2009-07-23] (Bioscrypt Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-05] (Avast Software s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> DefaultScope {D2CE35F4-86C2-4EFC-9FF5-5D9AC6BCD231} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {68BCF8E0-FCA9-4596-8D88-554E77BF4EA4} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {716DBBC2-6A0E-48CE-8282-674A7D3EE4D6} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {84F9041D-09EE-434B-B818-FA7682681207} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {9831825A-7D4F-4615-831E-D9D39E91CCC3} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {AB7D3AC4-2592-4A57-BCD4-008118D643EF} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {D2CE35F4-86C2-4EFC-9FF5-5D9AC6BCD231} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {EEB2EF08-F644-43D6-8FD9-8804D0082A2E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {F1F217DC-07BF-4CDF-9FD5-4D15ECC8CA4D} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {FD8C38E8-99EA-4C7D-9B2F-C79B7E4AF633} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files\PasswordBox\Application\pbbtn.dll [2014-01-24] (PasswordBox, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-11] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-05] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-11] (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2009-07-23] (Bioscrypt Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.7.0/ ... s-i586.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1
Tcpip\..\Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: [NameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: [NameServer] 217.77.165.81 217.77.161.131
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-09] ()
FF Plugin: @real.com/nppl3260;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-06] (RocketLife, LLP)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-11-16] (VideoLAN)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-14]
FF HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-05]
Opera:
=======
OPR Extension: (YouTube Downloader) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2014-11-21]
OPR Extension: (FastestTube - YouTube Video Downloader) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\phahnhbgfdhgobenebnjbgmacgpbfaag [2014-11-21]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 ActivityMon2; C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe [80568 2012-10-18] (Roman Svihalek, ActivityMon Software)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-23] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-23] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-05] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3205216 2015-04-05] (Avast Software)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [436056 2014-04-23] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-10] (Hewlett-Packard) [File not signed]
S3 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-07-30] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256544 2009-07-29] (McAfee, Inc.)
S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2011-12-12] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 yksvc; C:\windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U876UVC; C:\windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24144 2015-04-05] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [73440 2015-04-05] (Avast Software s.r.o.)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81728 2015-04-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49904 2015-04-05] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [788272 2015-04-05] (Avast Software s.r.o.)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [427736 2015-04-05] (Avast Software s.r.o.)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [106912 2015-04-05] (Avast Software s.r.o.)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [208024 2015-04-05] ()
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-07] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
S3 grmnusb; C:\windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\windows\System32\DRIVERS\ew_juwwanecm.sys [182272 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 MfeAVFK; C:\windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12528 2009-07-29] (SafeBoot International)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [109216 2009-07-29] () [File not signed]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51408 2009-07-29] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12960 2009-07-29] (SafeBoot International)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [436792 2012-06-05] () [File not signed]
S3 ss_bbus; C:\windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220240 2015-04-05] (Avast Software)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Marketa\AppData\Local\Temp\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-20 09:15 - 2015-04-20 09:15 - 00020280 _____ () C:\Users\Marketa\Desktop\FRST.txt
2015-04-20 09:13 - 2015-04-20 09:13 - 01137664 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2015-04-20 09:13 - 2015-04-20 09:13 - 00112640 _____ (forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
2015-04-20 08:07 - 2015-04-20 08:07 - 00053000 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E03.HDTV.x264-Xclusive.srt
2015-04-20 08:06 - 2015-04-20 08:06 - 00003408 _____ () C:\Users\Marketa\Desktop\DownloadManager.lnk
2015-04-20 08:06 - 2015-04-20 08:06 - 00002161 _____ () C:\Users\Default\Desktop\Google Chrome.lnk
2015-04-20 08:06 - 2015-04-20 08:06 - 00002161 _____ () C:\Users\Default User\Desktop\Google Chrome.lnk
2015-04-20 08:05 - 2015-04-20 08:05 - 00081867 _____ () C:\Users\Marketa\Downloads\[kickass.to]game.of.thrones.s05e01.720p.hdtv.x264.immerse.rarbg.torrent
2015-04-20 08:05 - 2015-04-20 08:05 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Seznam.cz
2015-04-20 08:05 - 2015-04-20 08:05 - 00000000 ____D () C:\Program Files\Seznam.cz
2015-04-20 08:04 - 2015-04-20 08:04 - 01584656 _____ (Dummy, Ltd.) C:\Users\Marketa\Downloads\game.of.thrones.s05e01.720p.hdtv.x264.immerse_10924_i918887_il345.exe
2015-04-20 08:03 - 2015-04-20 08:03 - 00048110 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E01.720p.HDTV.x264-IMMERSE.srt
2015-04-20 08:02 - 2015-04-20 08:58 - 00000000 ____D () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E02.INTERNAL.720p.HDTV.x264-KILLERS[rarbg]
2015-04-20 08:01 - 2015-04-20 08:02 - 00122096 _____ () C:\Users\Marketa\Downloads\[kickass.to]game.of.thrones.s05e02.internal.720p.hdtv.x264.killers.rarbg.torrent
2015-04-20 08:01 - 2015-04-20 08:01 - 00050042 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E02.INTERNAL.720p.HDTV.x264-KILLERS.srt
2015-04-20 08:00 - 2015-04-20 08:00 - 00015021 _____ () C:\Users\Marketa\Downloads\[kickass.hid.im]alkaloid.the.malkuth.grimoire.2015.ak.torrent
2015-04-20 08:00 - 2015-04-20 08:00 - 00000000 ____D () C:\Users\Marketa\Downloads\Alkaloid - The Malkuth Grimoire (2015)
2015-04-20 07:26 - 2015-04-20 07:33 - 120278260 _____ () C:\Users\Marketa\Downloads\Heaving-Earth-(CZE)---Denouncing-the-Holy-Throne-(2015)-320.rar
2015-04-20 07:16 - 2015-04-20 07:21 - 97065064 _____ () C:\Users\Marketa\Downloads\Psycroptic---Psycroptic-(2015).rar
2015-04-20 07:07 - 2015-04-20 07:09 - 00000000 ____D () C:\Users\Marketa\Downloads\Skyforger - Senprūsija (2015)
2015-04-20 07:07 - 2015-04-20 07:07 - 00019393 _____ () C:\Users\Marketa\Downloads\[Request].Sigh.-.Graveward.(2015).torrent
2015-04-20 07:07 - 2015-04-20 07:07 - 00015577 _____ () C:\Users\Marketa\Downloads\Faith.No.More.-.Sol.Invictus.(2015).torrent
2015-04-20 07:07 - 2015-04-20 07:07 - 00011746 _____ () C:\Users\Marketa\Downloads\Skyforger.-.Senprusija.(2015).torrent
2015-04-20 07:07 - 2015-04-20 07:07 - 00000000 ____D () C:\Users\Marketa\Downloads\Sigh - Graveward (2015)
2015-04-20 07:07 - 2015-04-20 07:07 - 00000000 ____D () C:\Users\Marketa\Downloads\Faith No More - Sol Invictus (2015)
2015-04-20 06:46 - 2015-04-20 06:46 - 00000000 ____D () C:\windows\LastGood
2015-04-19 18:17 - 2015-04-19 18:18 - 00000000 ____D () C:\Users\Marketa\Desktop\Adršpach 17.-19.4.2015
2015-04-16 15:43 - 2015-04-16 15:44 - 00000000 ____D () C:\Users\Marketa\Desktop\nove foto
2015-04-16 13:10 - 2015-04-20 08:46 - 00000000 ____D () C:\Users\Marketa\Desktop\RQMONEY
2015-04-15 16:12 - 2015-04-15 16:12 - 00000000 ____D () C:\Users\Marketa\Downloads\Resonance - Dunumba Negro Spirituals & African Rhythms
2015-04-15 14:29 - 2015-04-15 14:29 - 00018720 _____ () C:\Users\Marketa\Downloads\[CzT]Resonance_Dunumba_Negro_Spirituals_African_Rhythms.torrent
2015-04-15 14:27 - 2015-04-15 14:27 - 00013548 _____ () C:\Users\Marketa\Downloads\[CzT]Drumsound_Bassline_Smith_Wall_of_Sound_2013_.torrent
2015-04-15 12:34 - 2015-04-16 06:09 - 00000000 ____D () C:\Users\Marketa\Desktop\Poznávání nástrojů
2015-04-15 05:56 - 2015-04-15 05:56 - 00000000 ___RD () C:\Program Files\Skype
2015-04-15 05:56 - 2015-04-15 05:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 05:56 - 2015-04-15 05:56 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-04-15 05:49 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 05:49 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 05:49 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-04-15 05:49 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 05:49 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-15 05:49 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-15 05:49 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-15 05:49 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-15 05:49 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-15 05:49 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-15 05:49 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-15 05:49 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-15 05:49 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-15 05:49 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 05:49 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 05:49 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 05:49 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 05:49 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 05:49 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 05:49 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 05:49 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 05:49 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 05:49 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 05:49 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 05:49 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 05:49 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 05:49 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 05:49 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 05:49 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 05:49 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 05:49 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 05:49 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 05:49 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 05:49 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 05:49 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 05:49 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 05:49 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 05:49 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 05:49 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 05:49 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 05:49 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 05:49 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 05:49 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 05:49 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 05:49 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 05:48 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 05:43 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 05:43 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 05:43 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 05:43 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-15 05:43 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-14 12:16 - 2015-04-15 15:14 - 00000000 ____D () C:\Users\Marketa\Desktop\Hudební nástroje
2015-04-14 05:14 - 2015-04-14 05:23 - 66195381 _____ () C:\Users\Marketa\Desktop\zasilka-EL5UT9G2ID2T854V.zip
2015-04-13 12:56 - 2015-04-13 13:02 - 00000000 ____D () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E01.720p.HDTV.x264-IMMERSE[rarbg]
2015-04-13 12:53 - 2015-04-13 12:53 - 00045174 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E01.HDTV.x264-Xclusive.srt
2015-04-11 23:00 - 2015-04-11 23:06 - 113396496 _____ () C:\Users\Marketa\Downloads\Sarpanitum---Blessed-Be-My-Brothers-(2015).rar
2015-04-08 00:09 - 2015-04-08 00:10 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\MyHeritage
2015-04-08 00:09 - 2015-04-08 00:10 - 00000000 ____D () C:\ProgramData\MyHeritage
2015-04-08 00:09 - 2015-04-08 00:09 - 00000000 ____D () C:\Users\Marketa\Documents\MyHeritage
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\The Complete Genealogy Reporter - FTB
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Program Files\MyHeritage
2015-04-08 00:08 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\windows\system32\HexUniRTFBox.ocx
2015-04-08 00:08 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\windows\system32\PDFDocScout.DLL
2015-04-08 00:08 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\windows\system32\unicows.dll
2015-04-08 00:08 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\windows\system32\ijl15.dll
2015-04-08 00:08 - 2002-03-07 01:19 - 00454656 _____ () C:\windows\system32\PaintX.dll
2015-04-08 00:08 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\windows\system32\msmapi32.ocx
2015-04-07 23:58 - 2015-04-08 00:04 - 36843992 _____ () C:\Users\Marketa\Downloads\family_tree_builder_7143.exe
2015-04-05 08:11 - 2015-04-05 08:11 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-05 06:15 - 2015-04-05 06:14 - 00291312 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-04-05 06:14 - 2015-04-05 06:14 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-03-31 03:46 - 2015-03-31 03:50 - 00000000 ____D () C:\Users\Marketa\Downloads\MTP S02
2015-03-31 03:44 - 2015-03-31 03:46 - 00000000 ____D () C:\Users\Marketa\Downloads\MTP S01
2015-03-30 21:25 - 2015-03-30 23:36 - 00000000 ____D () C:\Users\Marketa\Downloads\FARGO Season 1 COMPLETE 720p
2015-03-30 21:23 - 2015-03-31 01:34 - 545263066 _____ () C:\Users\Marketa\Downloads\Fargo.1996.720p.BluRay.x264-SiNNERS.mkv
2015-03-30 21:17 - 2015-04-11 23:03 - 00000000 ____D () C:\Users\Marketa\Downloads\TRUE DETECTIVE S01
2015-03-30 14:11 - 2015-03-30 23:19 - 1644912472 _____ () C:\Users\Marketa\Downloads\Seventh.Son.2015.HDRip.XViD+CZ-tit.Super-Fantasy.avi
2015-03-28 18:00 - 2015-03-28 18:00 - 00000000 ____D () C:\Users\Marketa\Downloads\Andrzej Sapkowski-Zaklinac I.Posledni prani (CZ)(2013)
2015-03-24 09:21 - 2015-03-24 10:32 - 00000000 ____D () C:\Users\Marketa\Downloads\PORCUPINE TREE
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-20 09:16 - 2013-01-28 23:49 - 00000000 ____D () C:\ProgramData\ActivityMon
2015-04-20 09:15 - 2014-11-26 23:04 - 00000000 ____D () C:\FRST
2015-04-20 09:14 - 2013-07-26 21:31 - 01559025 _____ () C:\windows\WindowsUpdate.log
2015-04-20 09:10 - 2011-09-14 11:39 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\uTorrent
2015-04-20 09:07 - 2011-09-22 20:43 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Winamp
2015-04-20 09:07 - 2011-09-14 11:35 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Media Player Classic
2015-04-20 08:50 - 2015-02-06 14:45 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job
2015-04-20 08:48 - 2012-03-17 08:21 - 00000000 ____D () C:\windows\Minidump
2015-04-20 08:40 - 2015-02-05 19:35 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-20 08:30 - 2014-12-13 09:10 - 00000342 _____ () C:\windows\Tasks\HP Photo Creations Communicator.job
2015-04-20 06:51 - 2009-07-14 06:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-20 06:51 - 2009-07-14 06:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-20 06:50 - 2012-04-09 17:13 - 13531648 ___SH () C:\Users\Marketa\Desktop\Thumbs.db
2015-04-20 06:49 - 2009-07-14 04:04 - 00000513 _____ () C:\windows\win.ini
2015-04-20 06:47 - 2011-09-12 16:50 - 00000000 ____D () C:\Users\Marketa\AppData\Local\PDFC
2015-04-20 06:47 - 2009-07-14 06:52 - 00000000 ____D () C:\windows\twain_32
2015-04-20 06:40 - 2013-05-06 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-04-20 06:19 - 2015-02-05 19:35 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-20 06:19 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-20 05:53 - 2009-09-20 09:17 - 00006432 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-16 19:47 - 2011-09-15 20:00 - 00000052 _____ () C:\windows\system32\DOErrors.log
2015-04-16 19:45 - 2011-09-20 13:54 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\HpUpdate
2015-04-16 18:44 - 2013-11-13 11:48 - 00000000 ____D () C:\Users\Marketa\Desktop\Tea foto
2015-04-16 14:28 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-04-16 13:50 - 2015-02-06 14:45 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job
2015-04-16 06:09 - 2014-08-11 12:01 - 00000000 ____D () C:\Users\Marketa\Desktop\MŠ Rybička
2015-04-16 05:56 - 2009-09-20 09:18 - 00000000 ____D () C:\ProgramData\PDFC
2015-04-15 18:00 - 2012-03-08 19:05 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Audacity
2015-04-15 07:21 - 2013-09-13 19:59 - 00000000 ____D () C:\windows\rescache
2015-04-15 07:21 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat
2015-04-15 06:31 - 2014-12-11 07:25 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 06:31 - 2014-05-07 06:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 06:10 - 2009-09-20 09:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 06:09 - 2013-08-05 09:25 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 06:01 - 2011-09-16 06:32 - 125832184 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-15 05:56 - 2011-09-12 16:37 - 00000000 ____D () C:\ProgramData\Skype
2015-04-12 07:46 - 2013-12-14 11:03 - 00000000 ____D () C:\Users\Marketa\Desktop\Foto rodina
2015-04-12 07:38 - 2013-07-21 12:34 - 00000000 ____D () C:\Users\Marketa\Desktop\Foto vyvolat
2015-04-08 18:53 - 2014-06-25 05:28 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Battle.net
2015-04-08 18:13 - 2014-06-25 05:28 - 00000000 ____D () C:\Program Files\Battle.net
2015-04-08 18:11 - 2014-06-25 05:29 - 00000000 ____D () C:\Program Files\Hearthstone
2015-04-08 17:56 - 2014-05-11 10:52 - 00000000 ____D () C:\Program Files\Opera
2015-04-05 12:49 - 2011-09-20 13:04 - 00000000 ____D () C:\Users\Marketa\Desktop\Noty
2015-04-05 12:19 - 2011-09-23 17:30 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\BatteryBar
2015-04-05 07:13 - 2013-12-30 17:32 - 00000746 _____ () C:\Users\Marketa\Desktop\The Brunette Juice Zdravý fingerfood )).website
2015-04-05 06:45 - 2014-05-06 05:00 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-05 06:16 - 2011-09-14 19:14 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Adobe
2015-04-05 06:15 - 2014-04-25 20:17 - 00024144 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-04-05 06:15 - 2013-12-26 16:31 - 00106912 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-04-05 06:15 - 2013-03-02 00:39 - 00208024 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-04-05 06:15 - 2013-03-02 00:39 - 00049904 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-04-05 06:15 - 2012-02-25 23:34 - 00081728 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-04-05 06:15 - 2011-09-14 11:28 - 00427736 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-04-05 06:15 - 2011-09-14 11:28 - 00073440 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-04-05 06:14 - 2011-09-14 11:28 - 00788272 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-04-05 06:11 - 2012-04-02 05:04 - 00778928 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-04-05 06:11 - 2011-09-26 20:32 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-30 14:44 - 2014-06-30 11:21 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-29 09:25 - 2009-07-14 06:53 - 00032580 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-03-28 22:30 - 2013-12-18 08:54 - 00000000 ____D () C:\Users\Marketa\Desktop\Montessori pomůcky
2015-03-28 08:24 - 2011-10-15 22:13 - 00000000 ____D () C:\Users\Marketa\Desktop\Sokol
2015-03-28 08:22 - 2015-02-15 19:58 - 00000000 ____D () C:\Users\Marketa\Desktop\Mentoring
==================== Files in the root of some directories =======
2007-02-16 15:17 - 2007-02-16 15:17 - 3792183 ____N (Cambridge University Press) C:\Program Files\face2face.exe
2006-01-26 18:48 - 2006-01-26 18:48 - 2673430 ____N () C:\Program Files\Resources.swf
2011-10-07 19:16 - 2010-01-26 11:11 - 0444283 ____N () C:\Program Files\Common Files\WinPcapNmap.exe
2012-01-15 13:56 - 2013-12-06 09:56 - 0000132 _____ () C:\Users\Marketa\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
2013-10-27 10:10 - 2013-10-27 10:10 - 0000132 _____ () C:\Users\Marketa\AppData\Roaming\Filtr IIIExport Adobe CS5 – předvolby
2011-09-12 16:50 - 2011-09-12 16:50 - 0000000 _____ () C:\Users\Marketa\AppData\Local\AtStart.txt
2013-11-06 00:47 - 2014-11-12 16:31 - 0000058 _____ () C:\Users\Marketa\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2011-09-12 16:50 - 2011-09-12 16:50 - 0000000 _____ () C:\Users\Marketa\AppData\Local\DSwitch.txt
2011-09-12 16:50 - 2011-09-12 16:50 - 0000000 _____ () C:\Users\Marketa\AppData\Local\QSwitch.txt
2012-11-10 07:12 - 2012-11-10 07:12 - 0005124 _____ () C:\ProgramData\content.ie5
2011-07-12 14:02 - 2011-07-12 14:02 - 0232496 ____R () C:\ProgramData\DeviceManager.xml.rc4
2011-11-19 20:32 - 2011-11-19 20:32 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-09-20 09:39 - 2009-09-20 09:39 - 0000191 _____ () C:\ProgramData\HPWALog.txt
2011-09-20 13:46 - 2012-04-09 18:16 - 0017331 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\Marketa\AppData\Local\Temp\ecacabfbdfbj.exe
C:\Users\Marketa\AppData\Local\Temp\game.of.thrones.s05e01.720p.hdtv.x264.immerse__10924_i1501510443_il18508.exe
C:\Users\Marketa\AppData\Local\Temp\setup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marketa\Desktop" je 68499 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe
"C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent
c:\program files\garmin\ant agent\ant agent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface
"C:\Program Files\Cobian Backup 11\cbInterface.exe" -service [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS
rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
"C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater
"C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia
"C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk
C:\PROGRA~1\WinZip\WZQKPICK.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Marketa\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu. Díky
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu. Díky
Zdravim 
Odinstalujte vse od McAfee, pak pouzijte jejich cistic http://download.mcafee.com/products/lic ... s/MCPR.exe
Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku 
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Odinstalujte vse od McAfee, pak pouzijte jejich cistic http://download.mcafee.com/products/lic ... s/MCPR.execica18 píše:***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marketa\Desktop" je 68499 MB.
Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu. Díky
neco je spatne.....okna se mi sama deaktivuji, jako by se na neco stale system prepinal
# AdwCleaner v4.102 - Report created 26/11/2014 at 22:27:43
# Updated 23/11/2014 by Xplode
# Database : 2014-11-26.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Marketa - MARKETA-PC
# Running from : C:\Users\Marketa\Desktop\adwcleaner_4.102.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files\Allin1Convert_8h
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Users\Marketa\AppData\Local\Allin1Convert_8h
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\Allin1Convert_8h
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\iac
Folder Deleted : C:\Users\Public\Conduit
Folder Deleted : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\8hffxtbr@Allin1Convert_8h.com
Folder Deleted : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\ascsurfingprotection@iobit.com
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@Allin1Convert_8h.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39D4F1A1-A94D-4B7D-BF1D-7446308800ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{443321F7-E46C-42F8-812B-F35E98CBB44F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F83D657-5993-4FFA-9AEE-DA0B20D828A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE0F6787-9D1C-42B7-A0B9-EAC630F87902}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4EF697F-434B-4DC7-A464-4412462206DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF3F28C8-0330-4D18-B901-D24CB83E5AA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5DB804-585B-472E-B415-BC63F8F01BF6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F2C368C5-9F44-4D43-89F3-A1CC87F1DA96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{507C73BB-FC69-425E-8A49-9204F886B328}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6EC57031-1740-4151-93C5-C465D6063DD2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{76FC1003-0825-48BD-B59B-3B7A5754972C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9D217B94-6FC9-44FE-94B1-30C711871266}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B48AC2CD-9662-47E0-A3C0-3B01BB3F463E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BE698E51-830B-447A-954D-901D6E05DDE2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BFCF748F-A56E-451F-AA45-0D7EB699E416}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D617CF84-B0BC-441F-9984-B676AFBA1E8D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E4EF697F-434B-4DC7-A464-4412462206DB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E44198-D164-4EC0-B2C0-F679D866C6DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F671C1B3-9776-426D-A350-55FB2D9B53F7}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CD1A63BA-A08C-431B-9A34-F240AADC728D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CD1A63BA-A08C-431B-9A34-F240AADC728D}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
Key Deleted : HKCU\Software\allin1convert_8h
Key Deleted : HKCU\Software\AppDataLow\Software\allin1convert_8h
Key Deleted : HKLM\SOFTWARE\allin1convert_8h
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\allin1convert_8hbar uninstall firefox
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v
-\\ Google Chrome v39.0.2171.71
-\\ Opera v26.0.1656.24
*************************
AdwCleaner[R1].txt - [8702 octets] - [26/11/2014 22:23:13]
AdwCleaner[S1].txt - [8811 octets] - [26/11/2014 22:27:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8871 octets] ##########
# AdwCleaner v4.201 - Log vytvořen 20/04/2015 v 12:27:40
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-19.4 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x86)
# Uživatelské jméno : Marketa - MARKETA-PC
# Spuštěno z : C:\Users\Marketa\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\Program Files\GreenTree Applications
Složka Smazáno : C:\Program Files\GotClip
Složka Smazáno : C:\Users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
Složka Smazáno : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\ascsurfingprotection@iobit.com
Soubor Smazáno : C:\Users\Public\Desktop\YTD Video Downloader.lnk
Soubor Smazáno : C:\windows\system32\drivers\sp_rsdrv2.sys
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin
Klíč Smazáno : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C43F0D7D-78F0-47B8-954C-8FB36960B785}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C43F0D7D-78F0-47B8-954C-8FB36960B785}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{76FC1003-0825-48BD-B59B-3B7A5754972C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{B48AC2CD-9662-47E0-A3C0-3B01BB3F463E}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E44198-D164-4EC0-B2C0-F679D866C6DA}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F671C1B3-9776-426D-A350-55FB2D9B53F7}
Klíč Smazáno : HKCU\Software\Local AppWizard-Generated Applications
Klíč Smazáno : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - local
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v
-\\ Google Chrome v42.0.2311.90
-\\ Opera v28.0.1750.51
*************************
AdwCleaner[R1].txt - [11887 bytů] - [26/11/2014 23:23:13]
AdwCleaner[S1].txt - [11976 bytů] - [26/11/2014 23:27:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [12035 bytů] ##########
# AdwCleaner v4.102 - Report created 26/11/2014 at 22:27:43
# Updated 23/11/2014 by Xplode
# Database : 2014-11-26.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Marketa - MARKETA-PC
# Running from : C:\Users\Marketa\Desktop\adwcleaner_4.102.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files\Allin1Convert_8h
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Users\Marketa\AppData\Local\Allin1Convert_8h
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\Allin1Convert_8h
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Marketa\AppData\LocalLow\iac
Folder Deleted : C:\Users\Public\Conduit
Folder Deleted : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\8hffxtbr@Allin1Convert_8h.com
Folder Deleted : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\ascsurfingprotection@iobit.com
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.feedmanager.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlmenu.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.htmlpanel.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.multiplebutton.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.pseudotransparentplugin.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.scriptbutton.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin.1
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller
Key Deleted : HKLM\SOFTWARE\Classes\allin1convert_8h.thirdpartyinstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@Allin1Convert_8h.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39D4F1A1-A94D-4B7D-BF1D-7446308800ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{443321F7-E46C-42F8-812B-F35E98CBB44F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F83D657-5993-4FFA-9AEE-DA0B20D828A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE0F6787-9D1C-42B7-A0B9-EAC630F87902}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4EF697F-434B-4DC7-A464-4412462206DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF3F28C8-0330-4D18-B901-D24CB83E5AA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5DB804-585B-472E-B415-BC63F8F01BF6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F2C368C5-9F44-4D43-89F3-A1CC87F1DA96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2561FD25-FE31-4E56-A120-AF7FEAAE3124}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{507C73BB-FC69-425E-8A49-9204F886B328}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6EC57031-1740-4151-93C5-C465D6063DD2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{76FC1003-0825-48BD-B59B-3B7A5754972C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9D217B94-6FC9-44FE-94B1-30C711871266}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B48AC2CD-9662-47E0-A3C0-3B01BB3F463E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BE698E51-830B-447A-954D-901D6E05DDE2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BFCF748F-A56E-451F-AA45-0D7EB699E416}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D617CF84-B0BC-441F-9984-B676AFBA1E8D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{27F49273-DE3A-4111-90F9-6C474C37AEFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E4EF697F-434B-4DC7-A464-4412462206DB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E44198-D164-4EC0-B2C0-F679D866C6DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F671C1B3-9776-426D-A350-55FB2D9B53F7}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CD1A63BA-A08C-431B-9A34-F240AADC728D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CD1A63BA-A08C-431B-9A34-F240AADC728D}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
Key Deleted : HKCU\Software\allin1convert_8h
Key Deleted : HKCU\Software\AppDataLow\Software\allin1convert_8h
Key Deleted : HKLM\SOFTWARE\allin1convert_8h
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\allin1convert_8hbar uninstall firefox
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v
-\\ Google Chrome v39.0.2171.71
-\\ Opera v26.0.1656.24
*************************
AdwCleaner[R1].txt - [8702 octets] - [26/11/2014 22:23:13]
AdwCleaner[S1].txt - [8811 octets] - [26/11/2014 22:27:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8871 octets] ##########
# AdwCleaner v4.201 - Log vytvořen 20/04/2015 v 12:27:40
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-19.4 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x86)
# Uživatelské jméno : Marketa - MARKETA-PC
# Spuštěno z : C:\Users\Marketa\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\Program Files\GreenTree Applications
Složka Smazáno : C:\Program Files\GotClip
Složka Smazáno : C:\Users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
Složka Smazáno : C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\ascsurfingprotection@iobit.com
Soubor Smazáno : C:\Users\Public\Desktop\YTD Video Downloader.lnk
Soubor Smazáno : C:\windows\system32\drivers\sp_rsdrv2.sys
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin
Klíč Smazáno : HKLM\SOFTWARE\Classes\allin1convert_8h.settingsplugin.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C43F0D7D-78F0-47B8-954C-8FB36960B785}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C43F0D7D-78F0-47B8-954C-8FB36960B785}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{76FC1003-0825-48BD-B59B-3B7A5754972C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{B48AC2CD-9662-47E0-A3C0-3B01BB3F463E}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88E44198-D164-4EC0-B2C0-F679D866C6DA}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F671C1B3-9776-426D-A350-55FB2D9B53F7}
Klíč Smazáno : HKCU\Software\Local AppWizard-Generated Applications
Klíč Smazáno : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - local
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v
-\\ Google Chrome v42.0.2311.90
-\\ Opera v28.0.1750.51
*************************
AdwCleaner[R1].txt - [11887 bytů] - [26/11/2014 23:23:13]
AdwCleaner[S1].txt - [11976 bytů] - [26/11/2014 23:27:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [12035 bytů] ##########
Re: Prosím o kontrolu. Díky
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu. Díky
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 20.4.2015
Scan Time: 23:18:38
Logfile: log.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.20.06
Rootkit Database: v2015.04.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Marketa
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 341442
Time Elapsed: 19 min, 54 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 2
PUP.Optional.OutBrowse, C:\Users\Marketa\AppData\Local\Temp\setup.exe, , [0accd49a602a9f972baf1d2ccc3622de],
PUP.Optional.Amonetize, C:\Users\Marketa\Downloads\game.of.thrones.s05e01.720p.hdtv.x264.immerse_10924_i918887_il345.exe, , [ad298fdf0882de5805d9f243d62c8f71],
Physical Sectors: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Scan Date: 20.4.2015
Scan Time: 23:18:38
Logfile: log.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.20.06
Rootkit Database: v2015.04.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Marketa
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 341442
Time Elapsed: 19 min, 54 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 2
PUP.Optional.OutBrowse, C:\Users\Marketa\AppData\Local\Temp\setup.exe, , [0accd49a602a9f972baf1d2ccc3622de],
PUP.Optional.Amonetize, C:\Users\Marketa\Downloads\game.of.thrones.s05e01.720p.hdtv.x264.immerse_10924_i918887_il345.exe, , [ad298fdf0882de5805d9f243d62c8f71],
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Prosím o kontrolu. Díky
Test byl nastaven spatne. Nalezy nechte odstranit, po restartu pc udelejte novy sken, ale se spravnym nastavenim. Musite dat Custom scan, aby program prohledl cely pocitac.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu. Díky
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 21.4.2015
Scan Time: 8:18:06
Logfile: lof.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.21.01
Rootkit Database: v2015.04.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Marketa
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 1354856
Time Elapsed: 14 hr, 2 min, 45 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
FraudTool.YAC, C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\old_Cache_000\f_000dc6, , [894b600e9af03ef83d7cbf85c73b6b95],
Physical Sectors: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Scan Date: 21.4.2015
Scan Time: 8:18:06
Logfile: lof.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.04.21.01
Rootkit Database: v2015.04.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Marketa
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 1354856
Time Elapsed: 14 hr, 2 min, 45 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
FraudTool.YAC, C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\old_Cache_000\f_000dc6, , [894b600e9af03ef83d7cbf85c73b6b95],
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Prosím o kontrolu. Díky
Nalez nechte odstranit, pak muzete MBAM odinstalovat. Dejte nove logy z FRST Dejte i log z RSIT, navod zde http://forum.viry.cz/viewtopic.php?f=30&t=130787Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu. Díky
Logfile of random's system information tool 1.10 (written by random/random)
Run by Marketa at 2015-04-22 07:14:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 42 GB (9%) free of 459 GB
Total RAM: 3066 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:14:38, on 22.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\ActivityMon Software\ActivityMon\rundll32.exe
C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Marketa\Desktop\RSIT.exe
C:\Program Files\trend micro\Marketa.exe
C:\windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files\PasswordBox\Application\pbbtn.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [Gadwin PrintScreen Pro (32-bit)] "C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe" /nosplash
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 10.67.2) - http://javadl-esd.sun.com/update/1.7.0/ ... s-i586.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{58A95CB5-18F8-4B18-929F-C7A966324B11}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS1\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS2\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS3\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS4\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: ActivityMon (ActivityMon2) - Roman Svihalek, ActivityMon Software - C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 11\cbVSCService11.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files\Cobian Backup 11\cbService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files\PasswordBox\pbbtnService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 11593 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job - C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job - C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\Communicator.exe --auto
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5DB69B97-934B-451D-94DB-32EF802A01CD}]
PasswordBox Helper - C:\Program Files\PasswordBox\Application\pbbtn.dll [2014-01-24 129032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-11 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-05 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-11 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2009-07-23 98576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-05 5512912]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2015-03-02 2477056]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-11-28 296056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2013-04-11 90624]
"Gadwin PrintScreen Pro (32-bit)"=C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe [2014-02-04 13005480]
"Google Update"=C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-21 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 400936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents]
C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 153640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe]
C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe [2012-10-18 59064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent]
c:\program files\garmin\ant agent\ant agent.exe [2013-02-15 14731776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface]
C:\Program Files\Cobian Backup 11\cbInterface.exe [2012-12-05 4407808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2009-07-23 24848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2014-04-23 122200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-16 1668664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband]
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2011-07-14 279552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater]
C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2015-04-07 21304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2009-07-30 354360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-28 288312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2014-01-17 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe [2011-04-12 5735369]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-30 795936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-11-18 275072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
C:\PROGRA~1\WinZip\WZQKPICK.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Marketa\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-03-19 32667896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE [2013-06-25 228552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2015-04-22 07:14:23 ----D---- C:\rsit
2015-04-20 08:05:38 ----D---- C:\Program Files\Seznam.cz
2015-04-20 08:05:03 ----D---- C:\Users\Marketa\AppData\Roaming\Seznam.cz
2015-04-15 05:56:46 ----D---- C:\Program Files\Common Files\Skype
2015-04-15 05:56:45 ----RD---- C:\Program Files\Skype
2015-04-15 05:49:55 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 05:49:55 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-04-15 05:49:55 ----A---- C:\windows\system32\ieetwcollector.exe
2015-04-15 05:49:54 ----A---- C:\windows\system32\urlmon.dll
2015-04-15 05:49:54 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 05:49:54 ----A---- C:\windows\system32\iernonce.dll
2015-04-15 05:49:54 ----A---- C:\windows\system32\iedkcs32.dll
2015-04-15 05:49:54 ----A---- C:\windows\system32\ie4uinit.exe
2015-04-15 05:49:53 ----A---- C:\windows\system32\jsproxy.dll
2015-04-15 05:49:53 ----A---- C:\windows\system32\jscript9diag.dll
2015-04-15 05:49:53 ----A---- C:\windows\system32\ieUnatt.exe
2015-04-15 05:49:53 ----A---- C:\windows\system32\ieapfltr.dll
2015-04-15 05:49:53 ----A---- C:\windows\system32\dxtmsft.dll
2015-04-15 05:49:52 ----A---- C:\windows\system32\msfeeds.dll
2015-04-15 05:49:51 ----A---- C:\windows\system32\msrating.dll
2015-04-15 05:49:51 ----A---- C:\windows\system32\iesetup.dll
2015-04-15 05:49:50 ----A---- C:\windows\system32\wininet.dll
2015-04-15 05:49:50 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-04-15 05:49:49 ----A---- C:\windows\system32\ieui.dll
2015-04-15 05:49:49 ----A---- C:\windows\system32\dxtrans.dll
2015-04-15 05:49:48 ----A---- C:\windows\system32\ieframe.dll
2015-04-15 05:49:47 ----A---- C:\windows\system32\mshtmled.dll
2015-04-15 05:49:46 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-04-15 05:49:46 ----A---- C:\windows\system32\MshtmlDac.dll
2015-04-15 05:49:46 ----A---- C:\windows\system32\iertutil.dll
2015-04-15 05:49:44 ----A---- C:\windows\system32\mshtml.dll
2015-04-15 05:49:43 ----A---- C:\windows\system32\vbscript.dll
2015-04-15 05:49:43 ----A---- C:\windows\system32\jscript9.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\invagent.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\generaltel.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\devinv.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\appraiser.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\aepic.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\aepdu.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\aeinv.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\acmigration.dll
2015-04-15 05:49:32 ----A---- C:\windows\system32\clfsw32.dll
2015-04-15 05:49:32 ----A---- C:\windows\system32\clfs.sys
2015-04-15 05:49:24 ----A---- C:\windows\system32\ntoskrnl.exe
2015-04-15 05:49:24 ----A---- C:\windows\system32\ntdll.dll
2015-04-15 05:49:23 ----A---- C:\windows\system32\ntkrnlpa.exe
2015-04-15 05:49:22 ----A---- C:\windows\system32\srcore.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\smss.exe
2015-04-15 05:49:22 ----A---- C:\windows\system32\schannel.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\rstrui.exe
2015-04-15 05:49:22 ----A---- C:\windows\system32\ncrypt.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\msv1_0.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\lsasrv.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\kerberos.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-04-15 05:49:22 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-04-15 05:49:21 ----A---- C:\windows\system32\wdigest.dll
2015-04-15 05:49:21 ----A---- C:\windows\system32\TSpkg.dll
2015-04-15 05:49:21 ----A---- C:\windows\system32\lsass.exe
2015-04-15 05:49:21 ----A---- C:\windows\system32\auditpol.exe
2015-04-15 05:49:20 ----A---- C:\windows\system32\sspisrv.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\sspicli.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\srclient.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\secur32.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\msobjs.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\msaudite.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\csrsrv.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\credssp.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\apisetschema.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\adtschema.dll
2015-04-15 05:48:24 ----A---- C:\windows\system32\gdi32.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuwebv.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wups2.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wups.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wudriver.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wucltux.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuaueng.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuauclt.exe
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuapp.exe
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuapi.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\WinSetupUI.dll
2015-04-15 05:43:10 ----A---- C:\windows\system32\drivers\http.sys
2015-04-15 05:43:08 ----A---- C:\windows\system32\msxml3.dll
2015-04-15 05:43:07 ----A---- C:\windows\system32\msxml3r.dll
2015-04-08 00:09:04 ----D---- C:\Users\Marketa\AppData\Roaming\MyHeritage
2015-04-08 00:09:04 ----D---- C:\ProgramData\MyHeritage
2015-04-08 00:08:41 ----A---- C:\windows\system32\unicows.dll
2015-04-08 00:08:41 ----A---- C:\windows\system32\PDFDocScout.DLL
2015-04-08 00:08:41 ----A---- C:\windows\system32\PaintX.dll
2015-04-08 00:08:41 ----A---- C:\windows\system32\ijl15.dll
2015-04-08 00:08:40 ----D---- C:\Users\Marketa\AppData\Roaming\The Complete Genealogy Reporter - FTB
2015-04-08 00:08:12 ----D---- C:\Program Files\MyHeritage
2015-04-05 08:11:16 ----SD---- C:\windows\system32\GWX
2015-04-05 06:15:14 ----A---- C:\windows\system32\aswBoot.exe
2015-04-05 06:14:57 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2015-04-22 07:14:41 ----D---- C:\ProgramData\ActivityMon
2015-04-22 07:14:38 ----D---- C:\Program Files\trend micro
2015-04-22 07:14:33 ----D---- C:\windows\Temp
2015-04-22 07:11:05 ----D---- C:\windows\System32
2015-04-22 07:11:05 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-04-22 07:04:24 ----D---- C:\windows\system32\config
2015-04-22 05:51:36 ----D---- C:\windows\Prefetch
2015-04-22 05:49:25 ----D---- C:\Windows
2015-04-22 05:49:22 ----D---- C:\windows\system32\drivers
2015-04-22 05:49:22 ----D---- C:\windows\Cursors
2015-04-21 23:23:11 ----D---- C:\Users\Marketa\AppData\Roaming\uTorrent
2015-04-21 23:13:46 ----D---- C:\Users\Marketa\AppData\Roaming\Winamp
2015-04-21 19:41:40 ----SHD---- C:\windows\Installer
2015-04-21 19:41:40 ----D---- C:\Config.Msi
2015-04-21 00:14:52 ----D---- C:\windows\ModemLogs
2015-04-20 12:27:45 ----D---- C:\AdwCleaner
2015-04-20 12:27:42 ----D---- C:\Program Files
2015-04-20 12:17:15 ----D---- C:\windows\Tasks
2015-04-20 12:16:10 ----D---- C:\windows\inf
2015-04-20 12:13:15 ----D---- C:\windows\system32\Tasks
2015-04-20 12:11:33 ----D---- C:\Program Files\Hewlett-Packard
2015-04-20 12:10:49 ----SHD---- C:\System Volume Information
2015-04-20 09:15:10 ----D---- C:\FRST
2015-04-20 09:07:19 ----D---- C:\Users\Marketa\AppData\Roaming\Media Player Classic
2015-04-20 08:48:32 ----D---- C:\windows\Minidump
2015-04-20 08:48:32 ----D---- C:\windows\debug
2015-04-20 06:49:28 ----A---- C:\windows\win.ini
2015-04-20 06:47:27 ----D---- C:\windows\twain_32
2015-04-16 19:45:32 ----D---- C:\Users\Marketa\AppData\Roaming\HpUpdate
2015-04-16 14:28:30 ----D---- C:\windows\Microsoft.NET
2015-04-16 05:56:23 ----D---- C:\ProgramData\PDFC
2015-04-15 18:00:05 ----D---- C:\Users\Marketa\AppData\Roaming\Audacity
2015-04-15 07:21:42 ----D---- C:\windows\AppCompat
2015-04-15 07:21:35 ----D---- C:\windows\rescache
2015-04-15 06:42:37 ----RSD---- C:\windows\assembly
2015-04-15 06:34:46 ----D---- C:\windows\winsxs
2015-04-15 06:31:38 ----SD---- C:\windows\system32\CompatTel
2015-04-15 06:31:37 ----D---- C:\windows\system32\appraiser
2015-04-15 06:31:37 ----D---- C:\windows\AppPatch
2015-04-15 06:31:35 ----D---- C:\windows\system32\cs-CZ
2015-04-15 06:31:33 ----D---- C:\windows\system32\en-US
2015-04-15 06:31:32 ----D---- C:\Program Files\Internet Explorer
2015-04-15 06:31:30 ----D---- C:\windows\PolicyDefinitions
2015-04-15 06:10:27 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 06:09:52 ----D---- C:\windows\system32\MRT
2015-04-15 06:01:39 ----A---- C:\windows\system32\MRT.exe
2015-04-15 05:56:46 ----D---- C:\Program Files\Common Files
2015-04-15 05:56:41 ----D---- C:\ProgramData\Skype
2015-04-15 05:27:51 ----D---- C:\windows\system32\catroot2
2015-04-08 18:13:44 ----D---- C:\Program Files\Battle.net
2015-04-08 18:11:10 ----D---- C:\Program Files\Hearthstone
2015-04-08 17:56:53 ----D---- C:\Program Files\Opera
2015-04-08 00:09:04 ----D---- C:\ProgramData
2015-04-05 12:19:22 ----D---- C:\Users\Marketa\AppData\Roaming\BatteryBar
2015-04-05 08:11:25 ----D---- C:\windows\Logs
2015-04-05 06:11:16 ----A---- C:\windows\system32\FlashPlayerApp.exe
2015-03-25 12:24:56 ----D---- C:\windows\system32\wbem
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-04-05 49904]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-04-05 208024]
R0 fltsrv;Acronis Storage Filter Management; C:\windows\system32\DRIVERS\fltsrv.sys [2013-11-09 86304]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 snapman;Acronis Snapshots Manager; C:\windows\system32\DRIVERS\snapman.sys [2013-11-09 185120]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2012-06-05 436792]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-04-05 81728]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-04-05 788272]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-04-05 427736]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-07 232512]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-04-05 24144]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-04-05 73440]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-05 220240]
R3 5U876UVC;HP Webcam [2 MP series]; C:\windows\system32\DRIVERS\5U876.sys [2009-06-30 118656]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-04 4994048]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-04-05 106912]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 catchme;catchme; \??\C:\Users\Marketa\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 grmnusb;grmnusb; C:\windows\system32\drivers\grmnusb.sys [2012-04-18 15720]
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
S3 huawei_wwanecm;huawei_wwanecm; C:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2011-07-12 192768]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\NETw1v32.sys [2009-07-21 5958656]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
R2 ActivityMon2;ActivityMon; C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe [2012-10-18 80568]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-04 176128]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-05 343336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 582944]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [2012-12-05 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-04-23 436056]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-07-10 124928]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-05 268464]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-05 3205216]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-05-01 229944]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-03-13 102912]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PasswordBox;PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [2013-11-01 67584]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-12-12 2156952]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by Marketa at 2015-04-22 07:14:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 42 GB (9%) free of 459 GB
Total RAM: 3066 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:14:38, on 22.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Program Files\ActivityMon Software\ActivityMon\rundll32.exe
C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\Program Files\Opera\28.0.1750.51\opera.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Marketa\Desktop\RSIT.exe
C:\Program Files\trend micro\Marketa.exe
C:\windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files\PasswordBox\Application\pbbtn.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [Gadwin PrintScreen Pro (32-bit)] "C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe" /nosplash
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 10.67.2) - http://javadl-esd.sun.com/update/1.7.0/ ... s-i586.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CCS\Services\Tcpip\..\{58A95CB5-18F8-4B18-929F-C7A966324B11}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS1\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS2\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS3\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CS4\Services\Tcpip\..\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: ActivityMon (ActivityMon2) - Roman Svihalek, ActivityMon Software - C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 11\cbVSCService11.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files\Cobian Backup 11\cbService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files\PasswordBox\pbbtnService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 11593 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job - C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job - C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HP Photo Creations Communicator.job - C:\ProgramData\HP Photo Creations\Communicator.exe --auto
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5DB69B97-934B-451D-94DB-32EF802A01CD}]
PasswordBox Helper - C:\Program Files\PasswordBox\Application\pbbtn.dll [2014-01-24 129032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-11 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-05 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-11 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2009-07-23 98576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-05 5512912]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2015-03-02 2477056]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-11-28 296056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2013-04-11 90624]
"Gadwin PrintScreen Pro (32-bit)"=C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe [2014-02-04 13005480]
"Google Update"=C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-21 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 400936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents]
C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 153640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe]
C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe [2012-10-18 59064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent]
c:\program files\garmin\ant agent\ant agent.exe [2013-02-15 14731776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface]
C:\Program Files\Cobian Backup 11\cbInterface.exe [2012-12-05 4407808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2009-07-23 24848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2014-04-23 122200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-16 1668664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband]
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2011-07-14 279552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater]
C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2015-04-07 21304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2009-07-30 354360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-28 288312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2014-01-17 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe [2011-04-12 5735369]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-30 795936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-11-18 275072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
C:\PROGRA~1\WinZip\WZQKPICK.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Marketa\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-03-19 32667896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE [2013-06-25 228552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2015-04-22 07:14:23 ----D---- C:\rsit
2015-04-20 08:05:38 ----D---- C:\Program Files\Seznam.cz
2015-04-20 08:05:03 ----D---- C:\Users\Marketa\AppData\Roaming\Seznam.cz
2015-04-15 05:56:46 ----D---- C:\Program Files\Common Files\Skype
2015-04-15 05:56:45 ----RD---- C:\Program Files\Skype
2015-04-15 05:49:55 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 05:49:55 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-04-15 05:49:55 ----A---- C:\windows\system32\ieetwcollector.exe
2015-04-15 05:49:54 ----A---- C:\windows\system32\urlmon.dll
2015-04-15 05:49:54 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 05:49:54 ----A---- C:\windows\system32\iernonce.dll
2015-04-15 05:49:54 ----A---- C:\windows\system32\iedkcs32.dll
2015-04-15 05:49:54 ----A---- C:\windows\system32\ie4uinit.exe
2015-04-15 05:49:53 ----A---- C:\windows\system32\jsproxy.dll
2015-04-15 05:49:53 ----A---- C:\windows\system32\jscript9diag.dll
2015-04-15 05:49:53 ----A---- C:\windows\system32\ieUnatt.exe
2015-04-15 05:49:53 ----A---- C:\windows\system32\ieapfltr.dll
2015-04-15 05:49:53 ----A---- C:\windows\system32\dxtmsft.dll
2015-04-15 05:49:52 ----A---- C:\windows\system32\msfeeds.dll
2015-04-15 05:49:51 ----A---- C:\windows\system32\msrating.dll
2015-04-15 05:49:51 ----A---- C:\windows\system32\iesetup.dll
2015-04-15 05:49:50 ----A---- C:\windows\system32\wininet.dll
2015-04-15 05:49:50 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-04-15 05:49:49 ----A---- C:\windows\system32\ieui.dll
2015-04-15 05:49:49 ----A---- C:\windows\system32\dxtrans.dll
2015-04-15 05:49:48 ----A---- C:\windows\system32\ieframe.dll
2015-04-15 05:49:47 ----A---- C:\windows\system32\mshtmled.dll
2015-04-15 05:49:46 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-04-15 05:49:46 ----A---- C:\windows\system32\MshtmlDac.dll
2015-04-15 05:49:46 ----A---- C:\windows\system32\iertutil.dll
2015-04-15 05:49:44 ----A---- C:\windows\system32\mshtml.dll
2015-04-15 05:49:43 ----A---- C:\windows\system32\vbscript.dll
2015-04-15 05:49:43 ----A---- C:\windows\system32\jscript9.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\invagent.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\generaltel.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\devinv.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\appraiser.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\aepic.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\aepdu.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\aeinv.dll
2015-04-15 05:49:38 ----A---- C:\windows\system32\acmigration.dll
2015-04-15 05:49:32 ----A---- C:\windows\system32\clfsw32.dll
2015-04-15 05:49:32 ----A---- C:\windows\system32\clfs.sys
2015-04-15 05:49:24 ----A---- C:\windows\system32\ntoskrnl.exe
2015-04-15 05:49:24 ----A---- C:\windows\system32\ntdll.dll
2015-04-15 05:49:23 ----A---- C:\windows\system32\ntkrnlpa.exe
2015-04-15 05:49:22 ----A---- C:\windows\system32\srcore.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\smss.exe
2015-04-15 05:49:22 ----A---- C:\windows\system32\schannel.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\rstrui.exe
2015-04-15 05:49:22 ----A---- C:\windows\system32\ncrypt.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\msv1_0.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\lsasrv.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\kerberos.dll
2015-04-15 05:49:22 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-04-15 05:49:22 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-04-15 05:49:21 ----A---- C:\windows\system32\wdigest.dll
2015-04-15 05:49:21 ----A---- C:\windows\system32\TSpkg.dll
2015-04-15 05:49:21 ----A---- C:\windows\system32\lsass.exe
2015-04-15 05:49:21 ----A---- C:\windows\system32\auditpol.exe
2015-04-15 05:49:20 ----A---- C:\windows\system32\sspisrv.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\sspicli.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\srclient.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\secur32.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\msobjs.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\msaudite.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\csrsrv.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\credssp.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\apisetschema.dll
2015-04-15 05:49:20 ----A---- C:\windows\system32\adtschema.dll
2015-04-15 05:48:24 ----A---- C:\windows\system32\gdi32.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuwebv.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wups2.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wups.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wudriver.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wucltux.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuaueng.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuauclt.exe
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuapp.exe
2015-04-15 05:43:40 ----A---- C:\windows\system32\wuapi.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 05:43:40 ----A---- C:\windows\system32\WinSetupUI.dll
2015-04-15 05:43:10 ----A---- C:\windows\system32\drivers\http.sys
2015-04-15 05:43:08 ----A---- C:\windows\system32\msxml3.dll
2015-04-15 05:43:07 ----A---- C:\windows\system32\msxml3r.dll
2015-04-08 00:09:04 ----D---- C:\Users\Marketa\AppData\Roaming\MyHeritage
2015-04-08 00:09:04 ----D---- C:\ProgramData\MyHeritage
2015-04-08 00:08:41 ----A---- C:\windows\system32\unicows.dll
2015-04-08 00:08:41 ----A---- C:\windows\system32\PDFDocScout.DLL
2015-04-08 00:08:41 ----A---- C:\windows\system32\PaintX.dll
2015-04-08 00:08:41 ----A---- C:\windows\system32\ijl15.dll
2015-04-08 00:08:40 ----D---- C:\Users\Marketa\AppData\Roaming\The Complete Genealogy Reporter - FTB
2015-04-08 00:08:12 ----D---- C:\Program Files\MyHeritage
2015-04-05 08:11:16 ----SD---- C:\windows\system32\GWX
2015-04-05 06:15:14 ----A---- C:\windows\system32\aswBoot.exe
2015-04-05 06:14:57 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2015-04-22 07:14:41 ----D---- C:\ProgramData\ActivityMon
2015-04-22 07:14:38 ----D---- C:\Program Files\trend micro
2015-04-22 07:14:33 ----D---- C:\windows\Temp
2015-04-22 07:11:05 ----D---- C:\windows\System32
2015-04-22 07:11:05 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-04-22 07:04:24 ----D---- C:\windows\system32\config
2015-04-22 05:51:36 ----D---- C:\windows\Prefetch
2015-04-22 05:49:25 ----D---- C:\Windows
2015-04-22 05:49:22 ----D---- C:\windows\system32\drivers
2015-04-22 05:49:22 ----D---- C:\windows\Cursors
2015-04-21 23:23:11 ----D---- C:\Users\Marketa\AppData\Roaming\uTorrent
2015-04-21 23:13:46 ----D---- C:\Users\Marketa\AppData\Roaming\Winamp
2015-04-21 19:41:40 ----SHD---- C:\windows\Installer
2015-04-21 19:41:40 ----D---- C:\Config.Msi
2015-04-21 00:14:52 ----D---- C:\windows\ModemLogs
2015-04-20 12:27:45 ----D---- C:\AdwCleaner
2015-04-20 12:27:42 ----D---- C:\Program Files
2015-04-20 12:17:15 ----D---- C:\windows\Tasks
2015-04-20 12:16:10 ----D---- C:\windows\inf
2015-04-20 12:13:15 ----D---- C:\windows\system32\Tasks
2015-04-20 12:11:33 ----D---- C:\Program Files\Hewlett-Packard
2015-04-20 12:10:49 ----SHD---- C:\System Volume Information
2015-04-20 09:15:10 ----D---- C:\FRST
2015-04-20 09:07:19 ----D---- C:\Users\Marketa\AppData\Roaming\Media Player Classic
2015-04-20 08:48:32 ----D---- C:\windows\Minidump
2015-04-20 08:48:32 ----D---- C:\windows\debug
2015-04-20 06:49:28 ----A---- C:\windows\win.ini
2015-04-20 06:47:27 ----D---- C:\windows\twain_32
2015-04-16 19:45:32 ----D---- C:\Users\Marketa\AppData\Roaming\HpUpdate
2015-04-16 14:28:30 ----D---- C:\windows\Microsoft.NET
2015-04-16 05:56:23 ----D---- C:\ProgramData\PDFC
2015-04-15 18:00:05 ----D---- C:\Users\Marketa\AppData\Roaming\Audacity
2015-04-15 07:21:42 ----D---- C:\windows\AppCompat
2015-04-15 07:21:35 ----D---- C:\windows\rescache
2015-04-15 06:42:37 ----RSD---- C:\windows\assembly
2015-04-15 06:34:46 ----D---- C:\windows\winsxs
2015-04-15 06:31:38 ----SD---- C:\windows\system32\CompatTel
2015-04-15 06:31:37 ----D---- C:\windows\system32\appraiser
2015-04-15 06:31:37 ----D---- C:\windows\AppPatch
2015-04-15 06:31:35 ----D---- C:\windows\system32\cs-CZ
2015-04-15 06:31:33 ----D---- C:\windows\system32\en-US
2015-04-15 06:31:32 ----D---- C:\Program Files\Internet Explorer
2015-04-15 06:31:30 ----D---- C:\windows\PolicyDefinitions
2015-04-15 06:10:27 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 06:09:52 ----D---- C:\windows\system32\MRT
2015-04-15 06:01:39 ----A---- C:\windows\system32\MRT.exe
2015-04-15 05:56:46 ----D---- C:\Program Files\Common Files
2015-04-15 05:56:41 ----D---- C:\ProgramData\Skype
2015-04-15 05:27:51 ----D---- C:\windows\system32\catroot2
2015-04-08 18:13:44 ----D---- C:\Program Files\Battle.net
2015-04-08 18:11:10 ----D---- C:\Program Files\Hearthstone
2015-04-08 17:56:53 ----D---- C:\Program Files\Opera
2015-04-08 00:09:04 ----D---- C:\ProgramData
2015-04-05 12:19:22 ----D---- C:\Users\Marketa\AppData\Roaming\BatteryBar
2015-04-05 08:11:25 ----D---- C:\windows\Logs
2015-04-05 06:11:16 ----A---- C:\windows\system32\FlashPlayerApp.exe
2015-03-25 12:24:56 ----D---- C:\windows\system32\wbem
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-04-05 49904]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-04-05 208024]
R0 fltsrv;Acronis Storage Filter Management; C:\windows\system32\DRIVERS\fltsrv.sys [2013-11-09 86304]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 snapman;Acronis Snapshots Manager; C:\windows\system32\DRIVERS\snapman.sys [2013-11-09 185120]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2012-06-05 436792]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-04-05 81728]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-04-05 788272]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-04-05 427736]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-07 232512]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-04-05 24144]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-04-05 73440]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-05 220240]
R3 5U876UVC;HP Webcam [2 MP series]; C:\windows\system32\DRIVERS\5U876.sys [2009-06-30 118656]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-04 4994048]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-04-05 106912]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 catchme;catchme; \??\C:\Users\Marketa\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 grmnusb;grmnusb; C:\windows\system32\drivers\grmnusb.sys [2012-04-18 15720]
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
S3 huawei_wwanecm;huawei_wwanecm; C:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2011-07-12 192768]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\NETw1v32.sys [2009-07-21 5958656]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
R2 ActivityMon2;ActivityMon; C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe [2012-10-18 80568]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-04 176128]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-05 343336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 582944]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [2012-12-05 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-04-23 436056]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-07-10 124928]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-05 268464]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-05 3205216]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-05-01 229944]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-03-13 102912]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PasswordBox;PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [2013-11-01 67584]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2011-12-12 2156952]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Re: Prosím o kontrolu. Díky
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2015
Ran by Marketa (administrator) on MARKETA-PC on 22-04-2015 07:22:28
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa (Available profiles: Marketa)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Roman Svihalek, ActivityMon Software) C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
() C:\Program Files\ActivityMon Software\ActivityMon\rundll32.exe
() C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(MyHeritage) C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-05] (Avast Software s.r.o.)
HKLM\...\Run: [Family Tree Builder Update] => C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2477056 2015-03-02] (MyHeritage)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2011-11-28] (RealNetworks, Inc.)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2013-04-11] ()
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [Gadwin PrintScreen Pro (32-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe [13005480 2014-02-04] (Gadwin Systems)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [Google Update] => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-21] (Google Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89872 2009-07-23] (Bioscrypt Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-05] (Avast Software s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> DefaultScope {D2CE35F4-86C2-4EFC-9FF5-5D9AC6BCD231} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {D2CE35F4-86C2-4EFC-9FF5-5D9AC6BCD231} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {FD8C38E8-99EA-4C7D-9B2F-C79B7E4AF633} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files\PasswordBox\Application\pbbtn.dll [2014-01-24] (PasswordBox, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-11] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-05] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-11] (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2009-07-23] (Bioscrypt Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.7.0/ ... s-i586.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1
Tcpip\..\Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: [NameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: [NameServer] 217.77.165.81 217.77.161.131
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-09] ()
FF Plugin: @real.com/nppl3260;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-06] (RocketLife, LLP)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-11-16] (VideoLAN)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-14]
FF HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-05]
Opera:
=======
OPR Extension: (YouTube Downloader) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2014-11-21]
OPR Extension: (FastestTube - YouTube Video Downloader) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\phahnhbgfdhgobenebnjbgmacgpbfaag [2014-11-21]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 ActivityMon2; C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe [80568 2012-10-18] (Roman Svihalek, ActivityMon Software)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-23] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-23] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-05] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3205216 2015-04-05] (Avast Software)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [436056 2014-04-23] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-10] (Hewlett-Packard) [File not signed]
S3 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-07-30] (Hewlett-Packard Development Company, L.P) [File not signed]
S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2011-12-12] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 yksvc; C:\windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U876UVC; C:\windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24144 2015-04-05] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [73440 2015-04-05] (Avast Software s.r.o.)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81728 2015-04-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49904 2015-04-05] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [788272 2015-04-05] (Avast Software s.r.o.)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [427736 2015-04-05] (Avast Software s.r.o.)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [106912 2015-04-05] (Avast Software s.r.o.)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [208024 2015-04-05] ()
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-07] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
S3 grmnusb; C:\windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\windows\System32\DRIVERS\ew_juwwanecm.sys [182272 2011-07-12] (Huawei Technologies Co., Ltd.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [436792 2012-06-05] () [File not signed]
S3 ss_bbus; C:\windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220240 2015-04-05] (Avast Software)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Marketa\AppData\Local\Temp\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-22 07:22 - 2015-04-22 07:22 - 00018241 _____ () C:\Users\Marketa\Desktop\FRST.txt
2015-04-22 07:14 - 2015-04-22 07:14 - 00000000 ____D () C:\rsit
2015-04-22 07:13 - 2015-04-22 07:13 - 01139200 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2015-04-22 07:13 - 2015-04-22 07:13 - 01107968 _____ () C:\Users\Marketa\Desktop\RSIT.exe
2015-04-22 07:13 - 2015-04-22 07:13 - 00112640 _____ (forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
2015-04-22 05:49 - 2015-04-22 07:03 - 00001590 _____ () C:\windows\PFRO.log
2015-04-21 23:22 - 2015-04-21 23:22 - 26746441 _____ () C:\Users\Marketa\Downloads\HELLOWEEN _ Battle's Won (OFFICIAL TRACK AND LYRIC VIDEO).mp4
2015-04-21 23:22 - 2015-04-21 23:22 - 17699085 _____ () C:\Users\Marketa\Downloads\BEHEMOTH - Messe Noir (OFFICIAL VIDEO).mp4
2015-04-21 23:21 - 2015-04-21 23:22 - 12628751 _____ () C:\Users\Marketa\Downloads\SLAYER _ When The Stillness Comes (OFFICIAL TRACK).mp4
2015-04-21 23:21 - 2015-04-21 23:22 - 08502565 _____ () C:\Users\Marketa\Downloads\AGNOSTIC FRONT - The American Dream Died (OFFICIAL VIDEO).mp4
2015-04-21 23:21 - 2015-04-21 23:21 - 11999659 _____ () C:\Users\Marketa\Downloads\AGNOSTIC FRONT - 'A Wise Man' featuring Matt Henderson (OFFICIAL VIDEO).mp4
2015-04-21 23:20 - 2015-04-21 23:20 - 17169901 _____ () C:\Users\Marketa\Downloads\UNLEASHED - Defenders Of Midgard (OFFICIAL LYRIC VIDEO).mp4
2015-04-21 22:56 - 2015-04-21 23:14 - 00128000 _____ () C:\Users\Marketa\Documents\Nase_finance.rqm.01
2015-04-21 22:56 - 2015-04-21 22:29 - 00128000 _____ () C:\Users\Marketa\Documents\Nase_finance.rqm.02
2015-04-20 09:28 - 2015-04-22 07:03 - 00002756 _____ () C:\windows\setupact.log
2015-04-20 09:28 - 2015-04-20 09:28 - 00000000 _____ () C:\windows\setuperr.log
2015-04-20 08:06 - 2015-04-20 08:06 - 00002161 _____ () C:\Users\Default\Desktop\Google Chrome.lnk
2015-04-20 08:06 - 2015-04-20 08:06 - 00002161 _____ () C:\Users\Default User\Desktop\Google Chrome.lnk
2015-04-20 08:05 - 2015-04-21 06:54 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Seznam.cz
2015-04-20 08:05 - 2015-04-21 06:54 - 00000000 ____D () C:\Program Files\Seznam.cz
2015-04-20 08:03 - 2015-04-20 08:03 - 00048110 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E01.720p.HDTV.x264-IMMERSE.srt
2015-04-20 08:02 - 2015-04-20 08:58 - 00000000 ____D () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E02.INTERNAL.720p.HDTV.x264-KILLERS[rarbg]
2015-04-20 08:01 - 2015-04-20 08:01 - 00050042 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E02.INTERNAL.720p.HDTV.x264-KILLERS.srt
2015-04-19 18:17 - 2015-04-20 13:12 - 00000000 ____D () C:\Users\Marketa\Desktop\Adršpach 17.-19.4.2015
2015-04-16 15:43 - 2015-04-16 15:44 - 00000000 ____D () C:\Users\Marketa\Desktop\nove foto
2015-04-16 13:10 - 2015-04-21 23:14 - 00000000 ____D () C:\Users\Marketa\Desktop\RQMONEY
2015-04-15 16:12 - 2015-04-15 16:12 - 00000000 ____D () C:\Users\Marketa\Downloads\Resonance - Dunumba Negro Spirituals & African Rhythms
2015-04-15 12:34 - 2015-04-16 06:09 - 00000000 ____D () C:\Users\Marketa\Desktop\Poznávání nástrojů
2015-04-15 05:56 - 2015-04-15 05:56 - 00000000 ___RD () C:\Program Files\Skype
2015-04-15 05:56 - 2015-04-15 05:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 05:56 - 2015-04-15 05:56 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-04-15 05:49 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 05:49 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 05:49 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-04-15 05:49 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 05:49 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-15 05:49 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-15 05:49 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-15 05:49 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-15 05:49 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-15 05:49 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-15 05:49 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-15 05:49 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-15 05:49 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-15 05:49 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 05:49 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 05:49 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 05:49 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 05:49 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 05:49 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 05:49 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 05:49 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 05:49 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 05:49 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 05:49 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 05:49 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 05:49 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 05:49 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 05:49 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 05:49 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 05:49 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 05:49 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 05:49 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 05:49 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 05:49 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 05:49 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 05:49 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 05:49 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 05:49 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 05:49 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 05:49 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 05:49 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 05:49 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 05:49 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 05:49 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 05:49 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 05:48 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 05:43 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 05:43 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 05:43 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 05:43 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-15 05:43 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-14 12:16 - 2015-04-15 15:14 - 00000000 ____D () C:\Users\Marketa\Desktop\Hudební nástroje
2015-04-14 05:14 - 2015-04-14 05:23 - 66195381 _____ () C:\Users\Marketa\Desktop\zasilka-EL5UT9G2ID2T854V.zip
2015-04-13 12:56 - 2015-04-13 13:02 - 00000000 ____D () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E01.720p.HDTV.x264-IMMERSE[rarbg]
2015-04-08 00:09 - 2015-04-08 00:10 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\MyHeritage
2015-04-08 00:09 - 2015-04-08 00:10 - 00000000 ____D () C:\ProgramData\MyHeritage
2015-04-08 00:09 - 2015-04-08 00:09 - 00000000 ____D () C:\Users\Marketa\Documents\MyHeritage
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\The Complete Genealogy Reporter - FTB
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Program Files\MyHeritage
2015-04-08 00:08 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\windows\system32\HexUniRTFBox.ocx
2015-04-08 00:08 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\windows\system32\PDFDocScout.DLL
2015-04-08 00:08 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\windows\system32\unicows.dll
2015-04-08 00:08 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\windows\system32\ijl15.dll
2015-04-08 00:08 - 2002-03-07 01:19 - 00454656 _____ () C:\windows\system32\PaintX.dll
2015-04-08 00:08 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\windows\system32\msmapi32.ocx
2015-04-05 08:11 - 2015-04-05 08:11 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-05 06:15 - 2015-04-05 06:14 - 00291312 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-04-05 06:14 - 2015-04-05 06:14 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-03-31 03:46 - 2015-03-31 03:50 - 00000000 ____D () C:\Users\Marketa\Downloads\MTP S02
2015-03-31 03:44 - 2015-03-31 03:46 - 00000000 ____D () C:\Users\Marketa\Downloads\MTP S01
2015-03-30 21:25 - 2015-03-30 23:36 - 00000000 ____D () C:\Users\Marketa\Downloads\FARGO Season 1 COMPLETE 720p
2015-03-30 21:23 - 2015-03-31 01:34 - 545263066 _____ () C:\Users\Marketa\Downloads\Fargo.1996.720p.BluRay.x264-SiNNERS.mkv
2015-03-30 21:17 - 2015-04-21 23:09 - 00000000 ____D () C:\Users\Marketa\Downloads\TRUE DETECTIVE S01
2015-03-30 14:11 - 2015-03-30 23:19 - 1644912472 _____ () C:\Users\Marketa\Downloads\Seventh.Son.2015.HDRip.XViD+CZ-tit.Super-Fantasy.avi
2015-03-28 18:00 - 2015-03-28 18:00 - 00000000 ____D () C:\Users\Marketa\Downloads\Andrzej Sapkowski-Zaklinac I.Posledni prani (CZ)(2013)
2015-03-24 09:21 - 2015-03-24 10:32 - 00000000 ____D () C:\Users\Marketa\Downloads\PORCUPINE TREE
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-22 07:23 - 2013-01-28 23:49 - 00000000 ____D () C:\ProgramData\ActivityMon
2015-04-22 07:22 - 2014-11-26 23:04 - 00000000 ____D () C:\FRST
2015-04-22 07:14 - 2011-10-19 12:23 - 00000000 ____D () C:\Program Files\trend micro
2015-04-22 07:13 - 2009-07-14 06:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-22 07:13 - 2009-07-14 06:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-22 07:11 - 2013-07-26 21:31 - 01759166 _____ () C:\windows\WindowsUpdate.log
2015-04-22 07:11 - 2009-09-20 09:17 - 00006432 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-22 07:03 - 2015-02-05 19:35 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-22 07:03 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-22 05:51 - 2015-02-06 14:45 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job
2015-04-22 05:49 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Cursors
2015-04-21 23:23 - 2011-09-14 11:39 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\uTorrent
2015-04-21 23:13 - 2011-09-22 20:43 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Winamp
2015-04-21 22:40 - 2015-02-05 19:35 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-21 22:30 - 2014-12-13 09:10 - 00000342 _____ () C:\windows\Tasks\HP Photo Creations Communicator.job
2015-04-21 19:41 - 2013-05-06 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-04-21 13:50 - 2015-02-06 14:45 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job
2015-04-21 08:18 - 2014-06-30 11:21 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 20:33 - 2014-08-11 12:01 - 00000000 ____D () C:\Users\Marketa\Desktop\MŠ Rybička
2015-04-20 12:27 - 2014-11-26 23:22 - 00000000 ____D () C:\AdwCleaner
2015-04-20 12:14 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\config\Journal
2015-04-20 12:11 - 2009-09-20 09:08 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-04-20 09:16 - 2012-04-09 17:13 - 13531648 ___SH () C:\Users\Marketa\Desktop\Thumbs.db
2015-04-20 09:07 - 2011-09-14 11:35 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Media Player Classic
2015-04-20 08:48 - 2012-03-17 08:21 - 00000000 ____D () C:\windows\Minidump
2015-04-20 06:49 - 2009-07-14 04:04 - 00000513 _____ () C:\windows\win.ini
2015-04-20 06:47 - 2011-09-12 16:50 - 00000000 ____D () C:\Users\Marketa\AppData\Local\PDFC
2015-04-20 06:47 - 2009-07-14 06:52 - 00000000 ____D () C:\windows\twain_32
2015-04-16 19:47 - 2011-09-15 20:00 - 00000052 _____ () C:\windows\system32\DOErrors.log
2015-04-16 19:45 - 2011-09-20 13:54 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\HpUpdate
2015-04-16 18:44 - 2013-11-13 11:48 - 00000000 ____D () C:\Users\Marketa\Desktop\Tea foto
2015-04-16 14:28 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-04-16 05:56 - 2009-09-20 09:18 - 00000000 ____D () C:\ProgramData\PDFC
2015-04-15 18:00 - 2012-03-08 19:05 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Audacity
2015-04-15 07:21 - 2013-09-13 19:59 - 00000000 ____D () C:\windows\rescache
2015-04-15 07:21 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat
2015-04-15 06:31 - 2014-12-11 07:25 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 06:31 - 2014-05-07 06:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 06:10 - 2009-09-20 09:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 06:09 - 2013-08-05 09:25 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 06:01 - 2011-09-16 06:32 - 125832184 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-15 05:56 - 2011-09-12 16:37 - 00000000 ____D () C:\ProgramData\Skype
2015-04-12 07:46 - 2013-12-14 11:03 - 00000000 ____D () C:\Users\Marketa\Desktop\Foto rodina
2015-04-12 07:38 - 2013-07-21 12:34 - 00000000 ____D () C:\Users\Marketa\Desktop\Foto vyvolat
2015-04-08 18:53 - 2014-06-25 05:28 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Battle.net
2015-04-08 18:13 - 2014-06-25 05:28 - 00000000 ____D () C:\Program Files\Battle.net
2015-04-08 18:11 - 2014-06-25 05:29 - 00000000 ____D () C:\Program Files\Hearthstone
2015-04-08 17:56 - 2014-05-11 10:52 - 00000000 ____D () C:\Program Files\Opera
2015-04-05 12:49 - 2011-09-20 13:04 - 00000000 ____D () C:\Users\Marketa\Desktop\Noty
2015-04-05 12:19 - 2011-09-23 17:30 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\BatteryBar
2015-04-05 07:13 - 2013-12-30 17:32 - 00000746 _____ () C:\Users\Marketa\Desktop\The Brunette Juice Zdravý fingerfood )).website
2015-04-05 06:45 - 2014-05-06 05:00 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-05 06:16 - 2011-09-14 19:14 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Adobe
2015-04-05 06:15 - 2014-04-25 20:17 - 00024144 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-04-05 06:15 - 2013-12-26 16:31 - 00106912 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-04-05 06:15 - 2013-03-02 00:39 - 00208024 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-04-05 06:15 - 2013-03-02 00:39 - 00049904 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-04-05 06:15 - 2012-02-25 23:34 - 00081728 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-04-05 06:15 - 2011-09-14 11:28 - 00427736 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-04-05 06:15 - 2011-09-14 11:28 - 00073440 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-04-05 06:14 - 2011-09-14 11:28 - 00788272 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-04-05 06:11 - 2012-04-02 05:04 - 00778928 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-04-05 06:11 - 2011-09-26 20:32 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-29 09:25 - 2009-07-14 06:53 - 00032580 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-03-28 22:30 - 2013-12-18 08:54 - 00000000 ____D () C:\Users\Marketa\Desktop\Montessori pomůcky
2015-03-28 08:24 - 2011-10-15 22:13 - 00000000 ____D () C:\Users\Marketa\Desktop\Sokol
2015-03-28 08:22 - 2015-02-15 19:58 - 00000000 ____D () C:\Users\Marketa\Desktop\Mentoring
==================== Files in the root of some directories =======
2007-02-16 15:17 - 2007-02-16 15:17 - 3792183 ____N (Cambridge University Press) C:\Program Files\face2face.exe
2006-01-26 18:48 - 2006-01-26 18:48 - 2673430 ____N () C:\Program Files\Resources.swf
2011-10-07 19:16 - 2010-01-26 11:11 - 0444283 ____N () C:\Program Files\Common Files\WinPcapNmap.exe
2012-01-15 13:56 - 2013-12-06 09:56 - 0000132 _____ () C:\Users\Marketa\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
2013-10-27 10:10 - 2013-10-27 10:10 - 0000132 _____ () C:\Users\Marketa\AppData\Roaming\Filtr IIIExport Adobe CS5 – předvolby
2011-09-12 16:50 - 2011-09-12 16:50 - 0000000 _____ () C:\Users\Marketa\AppData\Local\AtStart.txt
2013-11-06 00:47 - 2014-11-12 16:31 - 0000058 _____ () C:\Users\Marketa\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2011-09-12 16:50 - 2011-09-12 16:50 - 0000000 _____ () C:\Users\Marketa\AppData\Local\DSwitch.txt
2011-09-12 16:50 - 2011-09-12 16:50 - 0000000 _____ () C:\Users\Marketa\AppData\Local\QSwitch.txt
2012-11-10 07:12 - 2012-11-10 07:12 - 0005124 _____ () C:\ProgramData\content.ie5
2011-07-12 14:02 - 2011-07-12 14:02 - 0232496 ____R () C:\ProgramData\DeviceManager.xml.rc4
2011-11-19 20:32 - 2011-11-19 20:32 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-09-20 09:39 - 2009-09-20 09:39 - 0000191 _____ () C:\ProgramData\HPWALog.txt
2011-09-20 13:46 - 2012-04-09 18:16 - 0017331 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\Marketa\AppData\Local\Temp\ecacabfbdfbj.exe
C:\Users\Marketa\AppData\Local\Temp\game.of.thrones.s05e01.720p.hdtv.x264.immerse__10924_i1501510443_il18508.exe
C:\Users\Marketa\AppData\Local\Temp\Quarantine.exe
C:\Users\Marketa\AppData\Local\Temp\sqlite3.dll
C:\Users\Marketa\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marketa\Desktop" je 68514 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe
"C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent
c:\program files\garmin\ant agent\ant agent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface
"C:\Program Files\Cobian Backup 11\cbInterface.exe" -service [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS
rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
"C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater
"C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia
"C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk
C:\PROGRA~1\WinZip\WZQKPICK.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Marketa\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Ran by Marketa (administrator) on MARKETA-PC on 22-04-2015 07:22:28
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa (Available profiles: Marketa)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Roman Svihalek, ActivityMon Software) C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
() C:\Program Files\ActivityMon Software\ActivityMon\rundll32.exe
() C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(MyHeritage) C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(Opera Software) C:\Program Files\Opera\28.0.1750.51\opera.exe
(forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-05] (Avast Software s.r.o.)
HKLM\...\Run: [Family Tree Builder Update] => C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2477056 2015-03-02] (MyHeritage)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2011-11-28] (RealNetworks, Inc.)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2013-04-11] ()
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [Gadwin PrintScreen Pro (32-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe [13005480 2014-02-04] (Gadwin Systems)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [Google Update] => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-21] (Google Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89872 2009-07-23] (Bioscrypt Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-05] (Avast Software s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> DefaultScope {D2CE35F4-86C2-4EFC-9FF5-5D9AC6BCD231} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {D2CE35F4-86C2-4EFC-9FF5-5D9AC6BCD231} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-730507215-887370363-3937766701-1001 -> {FD8C38E8-99EA-4C7D-9B2F-C79B7E4AF633} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files\PasswordBox\Application\pbbtn.dll [2014-01-24] (PasswordBox, Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-11] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-05] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-11] (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2009-07-23] (Bioscrypt Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.7.0/ ... s-i586.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1
Tcpip\..\Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: [NameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: [NameServer] 217.77.165.81 217.77.161.131
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-09] ()
FF Plugin: @real.com/nppl3260;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll [2011-11-28] (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-06] (RocketLife, LLP)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-11-16] (VideoLAN)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-14]
FF HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-05]
Opera:
=======
OPR Extension: (YouTube Downloader) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2014-11-21]
OPR Extension: (FastestTube - YouTube Video Downloader) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\phahnhbgfdhgobenebnjbgmacgpbfaag [2014-11-21]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 ActivityMon2; C:\Program Files\ActivityMon Software\ActivityMon\svchost.exe [80568 2012-10-18] (Roman Svihalek, ActivityMon Software)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-23] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-23] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-05] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3205216 2015-04-05] (Avast Software)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [436056 2014-04-23] (Garmin Ltd or its subsidiaries)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-10] (Hewlett-Packard) [File not signed]
S3 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-07-30] (Hewlett-Packard Development Company, L.P) [File not signed]
S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 Správce výběru OS; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2011-12-12] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 yksvc; C:\windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 5U876UVC; C:\windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24144 2015-04-05] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [73440 2015-04-05] (Avast Software s.r.o.)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81728 2015-04-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49904 2015-04-05] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [788272 2015-04-05] (Avast Software s.r.o.)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [427736 2015-04-05] (Avast Software s.r.o.)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [106912 2015-04-05] (Avast Software s.r.o.)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [208024 2015-04-05] ()
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-10-07] (DT Soft Ltd)
S3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
S3 grmnusb; C:\windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 huawei_cdcacm; C:\windows\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\windows\System32\DRIVERS\ew_juextctrl.sys [26624 2011-07-12] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\windows\System32\DRIVERS\ew_juwwanecm.sys [182272 2011-07-12] (Huawei Technologies Co., Ltd.)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 NETw1v32; C:\windows\System32\DRIVERS\NETw1v32.sys [5958656 2009-07-21] (Intel Corporation)
R2 npf; C:\windows\System32\drivers\npf.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [436792 2012-06-05] () [File not signed]
S3 ss_bbus; C:\windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220240 2015-04-05] (Avast Software)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Marketa\AppData\Local\Temp\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-22 07:22 - 2015-04-22 07:22 - 00018241 _____ () C:\Users\Marketa\Desktop\FRST.txt
2015-04-22 07:14 - 2015-04-22 07:14 - 00000000 ____D () C:\rsit
2015-04-22 07:13 - 2015-04-22 07:13 - 01139200 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2015-04-22 07:13 - 2015-04-22 07:13 - 01107968 _____ () C:\Users\Marketa\Desktop\RSIT.exe
2015-04-22 07:13 - 2015-04-22 07:13 - 00112640 _____ (forum.viry.cz) C:\Users\Marketa\Desktop\FRSTLauncher.exe
2015-04-22 05:49 - 2015-04-22 07:03 - 00001590 _____ () C:\windows\PFRO.log
2015-04-21 23:22 - 2015-04-21 23:22 - 26746441 _____ () C:\Users\Marketa\Downloads\HELLOWEEN _ Battle's Won (OFFICIAL TRACK AND LYRIC VIDEO).mp4
2015-04-21 23:22 - 2015-04-21 23:22 - 17699085 _____ () C:\Users\Marketa\Downloads\BEHEMOTH - Messe Noir (OFFICIAL VIDEO).mp4
2015-04-21 23:21 - 2015-04-21 23:22 - 12628751 _____ () C:\Users\Marketa\Downloads\SLAYER _ When The Stillness Comes (OFFICIAL TRACK).mp4
2015-04-21 23:21 - 2015-04-21 23:22 - 08502565 _____ () C:\Users\Marketa\Downloads\AGNOSTIC FRONT - The American Dream Died (OFFICIAL VIDEO).mp4
2015-04-21 23:21 - 2015-04-21 23:21 - 11999659 _____ () C:\Users\Marketa\Downloads\AGNOSTIC FRONT - 'A Wise Man' featuring Matt Henderson (OFFICIAL VIDEO).mp4
2015-04-21 23:20 - 2015-04-21 23:20 - 17169901 _____ () C:\Users\Marketa\Downloads\UNLEASHED - Defenders Of Midgard (OFFICIAL LYRIC VIDEO).mp4
2015-04-21 22:56 - 2015-04-21 23:14 - 00128000 _____ () C:\Users\Marketa\Documents\Nase_finance.rqm.01
2015-04-21 22:56 - 2015-04-21 22:29 - 00128000 _____ () C:\Users\Marketa\Documents\Nase_finance.rqm.02
2015-04-20 09:28 - 2015-04-22 07:03 - 00002756 _____ () C:\windows\setupact.log
2015-04-20 09:28 - 2015-04-20 09:28 - 00000000 _____ () C:\windows\setuperr.log
2015-04-20 08:06 - 2015-04-20 08:06 - 00002161 _____ () C:\Users\Default\Desktop\Google Chrome.lnk
2015-04-20 08:06 - 2015-04-20 08:06 - 00002161 _____ () C:\Users\Default User\Desktop\Google Chrome.lnk
2015-04-20 08:05 - 2015-04-21 06:54 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Seznam.cz
2015-04-20 08:05 - 2015-04-21 06:54 - 00000000 ____D () C:\Program Files\Seznam.cz
2015-04-20 08:03 - 2015-04-20 08:03 - 00048110 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E01.720p.HDTV.x264-IMMERSE.srt
2015-04-20 08:02 - 2015-04-20 08:58 - 00000000 ____D () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E02.INTERNAL.720p.HDTV.x264-KILLERS[rarbg]
2015-04-20 08:01 - 2015-04-20 08:01 - 00050042 _____ () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E02.INTERNAL.720p.HDTV.x264-KILLERS.srt
2015-04-19 18:17 - 2015-04-20 13:12 - 00000000 ____D () C:\Users\Marketa\Desktop\Adršpach 17.-19.4.2015
2015-04-16 15:43 - 2015-04-16 15:44 - 00000000 ____D () C:\Users\Marketa\Desktop\nove foto
2015-04-16 13:10 - 2015-04-21 23:14 - 00000000 ____D () C:\Users\Marketa\Desktop\RQMONEY
2015-04-15 16:12 - 2015-04-15 16:12 - 00000000 ____D () C:\Users\Marketa\Downloads\Resonance - Dunumba Negro Spirituals & African Rhythms
2015-04-15 12:34 - 2015-04-16 06:09 - 00000000 ____D () C:\Users\Marketa\Desktop\Poznávání nástrojů
2015-04-15 05:56 - 2015-04-15 05:56 - 00000000 ___RD () C:\Program Files\Skype
2015-04-15 05:56 - 2015-04-15 05:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 05:56 - 2015-04-15 05:56 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-04-15 05:49 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 05:49 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 05:49 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 05:49 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-04-15 05:49 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 05:49 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-15 05:49 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-15 05:49 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-15 05:49 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-15 05:49 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-15 05:49 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-15 05:49 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-15 05:49 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-15 05:49 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-15 05:49 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-15 05:49 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-15 05:49 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 05:49 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 05:49 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 05:49 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 05:49 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 05:49 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 05:49 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 05:49 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 05:49 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 05:49 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 05:49 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 05:49 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 05:49 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 05:49 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 05:49 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 05:49 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 05:49 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 05:49 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 05:49 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 05:49 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 05:49 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 05:49 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 05:49 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 05:49 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 05:49 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 05:49 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 05:49 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 05:49 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 05:49 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 05:49 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 05:49 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 05:49 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 05:48 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 05:43 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 05:43 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 05:43 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 05:43 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 05:43 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-15 05:43 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-14 12:16 - 2015-04-15 15:14 - 00000000 ____D () C:\Users\Marketa\Desktop\Hudební nástroje
2015-04-14 05:14 - 2015-04-14 05:23 - 66195381 _____ () C:\Users\Marketa\Desktop\zasilka-EL5UT9G2ID2T854V.zip
2015-04-13 12:56 - 2015-04-13 13:02 - 00000000 ____D () C:\Users\Marketa\Downloads\Game.of.Thrones.S05E01.720p.HDTV.x264-IMMERSE[rarbg]
2015-04-08 00:09 - 2015-04-08 00:10 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\MyHeritage
2015-04-08 00:09 - 2015-04-08 00:10 - 00000000 ____D () C:\ProgramData\MyHeritage
2015-04-08 00:09 - 2015-04-08 00:09 - 00000000 ____D () C:\Users\Marketa\Documents\MyHeritage
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\The Complete Genealogy Reporter - FTB
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2015-04-08 00:08 - 2015-04-08 00:08 - 00000000 ____D () C:\Program Files\MyHeritage
2015-04-08 00:08 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\windows\system32\HexUniRTFBox.ocx
2015-04-08 00:08 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\windows\system32\PDFDocScout.DLL
2015-04-08 00:08 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\windows\system32\unicows.dll
2015-04-08 00:08 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\windows\system32\ijl15.dll
2015-04-08 00:08 - 2002-03-07 01:19 - 00454656 _____ () C:\windows\system32\PaintX.dll
2015-04-08 00:08 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\windows\system32\msmapi32.ocx
2015-04-05 08:11 - 2015-04-05 08:11 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-05 06:15 - 2015-04-05 06:14 - 00291312 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-04-05 06:14 - 2015-04-05 06:14 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-03-31 03:46 - 2015-03-31 03:50 - 00000000 ____D () C:\Users\Marketa\Downloads\MTP S02
2015-03-31 03:44 - 2015-03-31 03:46 - 00000000 ____D () C:\Users\Marketa\Downloads\MTP S01
2015-03-30 21:25 - 2015-03-30 23:36 - 00000000 ____D () C:\Users\Marketa\Downloads\FARGO Season 1 COMPLETE 720p
2015-03-30 21:23 - 2015-03-31 01:34 - 545263066 _____ () C:\Users\Marketa\Downloads\Fargo.1996.720p.BluRay.x264-SiNNERS.mkv
2015-03-30 21:17 - 2015-04-21 23:09 - 00000000 ____D () C:\Users\Marketa\Downloads\TRUE DETECTIVE S01
2015-03-30 14:11 - 2015-03-30 23:19 - 1644912472 _____ () C:\Users\Marketa\Downloads\Seventh.Son.2015.HDRip.XViD+CZ-tit.Super-Fantasy.avi
2015-03-28 18:00 - 2015-03-28 18:00 - 00000000 ____D () C:\Users\Marketa\Downloads\Andrzej Sapkowski-Zaklinac I.Posledni prani (CZ)(2013)
2015-03-24 09:21 - 2015-03-24 10:32 - 00000000 ____D () C:\Users\Marketa\Downloads\PORCUPINE TREE
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-22 07:23 - 2013-01-28 23:49 - 00000000 ____D () C:\ProgramData\ActivityMon
2015-04-22 07:22 - 2014-11-26 23:04 - 00000000 ____D () C:\FRST
2015-04-22 07:14 - 2011-10-19 12:23 - 00000000 ____D () C:\Program Files\trend micro
2015-04-22 07:13 - 2009-07-14 06:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-22 07:13 - 2009-07-14 06:34 - 00022688 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-22 07:11 - 2013-07-26 21:31 - 01759166 _____ () C:\windows\WindowsUpdate.log
2015-04-22 07:11 - 2009-09-20 09:17 - 00006432 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-22 07:03 - 2015-02-05 19:35 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-22 07:03 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-22 05:51 - 2015-02-06 14:45 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job
2015-04-22 05:49 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Cursors
2015-04-21 23:23 - 2011-09-14 11:39 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\uTorrent
2015-04-21 23:13 - 2011-09-22 20:43 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Winamp
2015-04-21 22:40 - 2015-02-05 19:35 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-21 22:30 - 2014-12-13 09:10 - 00000342 _____ () C:\windows\Tasks\HP Photo Creations Communicator.job
2015-04-21 19:41 - 2013-05-06 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-04-21 13:50 - 2015-02-06 14:45 - 00000918 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job
2015-04-21 08:18 - 2014-06-30 11:21 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 20:33 - 2014-08-11 12:01 - 00000000 ____D () C:\Users\Marketa\Desktop\MŠ Rybička
2015-04-20 12:27 - 2014-11-26 23:22 - 00000000 ____D () C:\AdwCleaner
2015-04-20 12:14 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\config\Journal
2015-04-20 12:11 - 2009-09-20 09:08 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-04-20 09:16 - 2012-04-09 17:13 - 13531648 ___SH () C:\Users\Marketa\Desktop\Thumbs.db
2015-04-20 09:07 - 2011-09-14 11:35 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Media Player Classic
2015-04-20 08:48 - 2012-03-17 08:21 - 00000000 ____D () C:\windows\Minidump
2015-04-20 06:49 - 2009-07-14 04:04 - 00000513 _____ () C:\windows\win.ini
2015-04-20 06:47 - 2011-09-12 16:50 - 00000000 ____D () C:\Users\Marketa\AppData\Local\PDFC
2015-04-20 06:47 - 2009-07-14 06:52 - 00000000 ____D () C:\windows\twain_32
2015-04-16 19:47 - 2011-09-15 20:00 - 00000052 _____ () C:\windows\system32\DOErrors.log
2015-04-16 19:45 - 2011-09-20 13:54 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\HpUpdate
2015-04-16 18:44 - 2013-11-13 11:48 - 00000000 ____D () C:\Users\Marketa\Desktop\Tea foto
2015-04-16 14:28 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-04-16 05:56 - 2009-09-20 09:18 - 00000000 ____D () C:\ProgramData\PDFC
2015-04-15 18:00 - 2012-03-08 19:05 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\Audacity
2015-04-15 07:21 - 2013-09-13 19:59 - 00000000 ____D () C:\windows\rescache
2015-04-15 07:21 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\AppCompat
2015-04-15 06:31 - 2014-12-11 07:25 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 06:31 - 2014-05-07 06:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 06:10 - 2009-09-20 09:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 06:09 - 2013-08-05 09:25 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 06:01 - 2011-09-16 06:32 - 125832184 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-15 05:56 - 2011-09-12 16:37 - 00000000 ____D () C:\ProgramData\Skype
2015-04-12 07:46 - 2013-12-14 11:03 - 00000000 ____D () C:\Users\Marketa\Desktop\Foto rodina
2015-04-12 07:38 - 2013-07-21 12:34 - 00000000 ____D () C:\Users\Marketa\Desktop\Foto vyvolat
2015-04-08 18:53 - 2014-06-25 05:28 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Battle.net
2015-04-08 18:13 - 2014-06-25 05:28 - 00000000 ____D () C:\Program Files\Battle.net
2015-04-08 18:11 - 2014-06-25 05:29 - 00000000 ____D () C:\Program Files\Hearthstone
2015-04-08 17:56 - 2014-05-11 10:52 - 00000000 ____D () C:\Program Files\Opera
2015-04-05 12:49 - 2011-09-20 13:04 - 00000000 ____D () C:\Users\Marketa\Desktop\Noty
2015-04-05 12:19 - 2011-09-23 17:30 - 00000000 ____D () C:\Users\Marketa\AppData\Roaming\BatteryBar
2015-04-05 07:13 - 2013-12-30 17:32 - 00000746 _____ () C:\Users\Marketa\Desktop\The Brunette Juice Zdravý fingerfood )).website
2015-04-05 06:45 - 2014-05-06 05:00 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-05 06:16 - 2011-09-14 19:14 - 00000000 ____D () C:\Users\Marketa\AppData\Local\Adobe
2015-04-05 06:15 - 2014-04-25 20:17 - 00024144 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-04-05 06:15 - 2013-12-26 16:31 - 00106912 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-04-05 06:15 - 2013-03-02 00:39 - 00208024 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-04-05 06:15 - 2013-03-02 00:39 - 00049904 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-04-05 06:15 - 2012-02-25 23:34 - 00081728 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-04-05 06:15 - 2011-09-14 11:28 - 00427736 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-04-05 06:15 - 2011-09-14 11:28 - 00073440 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-04-05 06:14 - 2011-09-14 11:28 - 00788272 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-04-05 06:11 - 2012-04-02 05:04 - 00778928 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-04-05 06:11 - 2011-09-26 20:32 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-29 09:25 - 2009-07-14 06:53 - 00032580 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-03-28 22:30 - 2013-12-18 08:54 - 00000000 ____D () C:\Users\Marketa\Desktop\Montessori pomůcky
2015-03-28 08:24 - 2011-10-15 22:13 - 00000000 ____D () C:\Users\Marketa\Desktop\Sokol
2015-03-28 08:22 - 2015-02-15 19:58 - 00000000 ____D () C:\Users\Marketa\Desktop\Mentoring
==================== Files in the root of some directories =======
2007-02-16 15:17 - 2007-02-16 15:17 - 3792183 ____N (Cambridge University Press) C:\Program Files\face2face.exe
2006-01-26 18:48 - 2006-01-26 18:48 - 2673430 ____N () C:\Program Files\Resources.swf
2011-10-07 19:16 - 2010-01-26 11:11 - 0444283 ____N () C:\Program Files\Common Files\WinPcapNmap.exe
2012-01-15 13:56 - 2013-12-06 09:56 - 0000132 _____ () C:\Users\Marketa\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
2013-10-27 10:10 - 2013-10-27 10:10 - 0000132 _____ () C:\Users\Marketa\AppData\Roaming\Filtr IIIExport Adobe CS5 – předvolby
2011-09-12 16:50 - 2011-09-12 16:50 - 0000000 _____ () C:\Users\Marketa\AppData\Local\AtStart.txt
2013-11-06 00:47 - 2014-11-12 16:31 - 0000058 _____ () C:\Users\Marketa\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2011-09-12 16:50 - 2011-09-12 16:50 - 0000000 _____ () C:\Users\Marketa\AppData\Local\DSwitch.txt
2011-09-12 16:50 - 2011-09-12 16:50 - 0000000 _____ () C:\Users\Marketa\AppData\Local\QSwitch.txt
2012-11-10 07:12 - 2012-11-10 07:12 - 0005124 _____ () C:\ProgramData\content.ie5
2011-07-12 14:02 - 2011-07-12 14:02 - 0232496 ____R () C:\ProgramData\DeviceManager.xml.rc4
2011-11-19 20:32 - 2011-11-19 20:32 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-09-20 09:39 - 2009-09-20 09:39 - 0000191 _____ () C:\ProgramData\HPWALog.txt
2011-09-20 13:46 - 2012-04-09 18:16 - 0017331 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\Marketa\AppData\Local\Temp\ecacabfbdfbj.exe
C:\Users\Marketa\AppData\Local\Temp\game.of.thrones.s05e01.720p.hdtv.x264.immerse__10924_i1501510443_il18508.exe
C:\Users\Marketa\AppData\Local\Temp\Quarantine.exe
C:\Users\Marketa\AppData\Local\Temp\sqlite3.dll
C:\Users\Marketa\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Marketa\Desktop" je 68514 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe
"C:\Program Files\ActivityMon Software\ActivityMon\actSessionUI32.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent
c:\program files\garmin\ant agent\ant agent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface
"C:\Program Files\Cobian Backup 11\cbInterface.exe" -service [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS
rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
"C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband
C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater
"C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX
C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP
C:\Program Files\Analog Devices\Core\smax4pnp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia
"C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk
C:\PROGRA~1\WinZip\WZQKPICK.EXE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Marketa\AppData\Roaming\Dropbox\bin\Dropbox.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Re: Prosím o kontrolu. Díky
Vidim, ze velikost plochy je porad stejna 
Vypnete trvale Windows Defender
Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Vypnete trvale Windows Defender Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2011-11-28] (RealNetworks, Inc.)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [Google Update] => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-21] (Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 catchme; \??\C:\Users\Marketa\AppData\Local\Temp\catchme.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-05 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
C:\Users\Marketa\AppData\Local\Temp\ecacabfbdfbj.exe
C:\Users\Marketa\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu. Díky
ten windows defender mam vypnout naporad?
plochu bude cistit zena, je to jeji notas, reknu ji to, diky
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 20-04-2015
Ran by Marketa at 2015-04-22 09:52:57 Run:2
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa (Available profiles: Marketa)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2011-11-28] (RealNetworks, Inc.)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [Google Update] => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-21] (Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 catchme; \??\C:\Users\Marketa\AppData\Local\Temp\catchme.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-05 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
C:\Users\Marketa\AppData\Local\Temp\ecacabfbdfbj.exe
C:\Users\Marketa\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => value deleted successfully.
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
SwitchBoard => Service deleted successfully.
mfetdik => Unable to stop service
mfetdik => Service deleted successfully.
catchme => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
gusvc => Service deleted successfully.
C:\Users\Marketa\AppData\Local\Temp\ecacabfbdfbj.exe => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => Moved successfully.
C:\windows\Tasks\HP Photo Creations Communicator.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 224.1 MB temporary data.
The system needed a reboot.
==== End of Fixlog 09:54:38 ====
plochu bude cistit zena, je to jeji notas, reknu ji to, diky
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 20-04-2015
Ran by Marketa at 2015-04-22 09:52:57 Run:2
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa (Available profiles: Marketa)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2011-11-28] (RealNetworks, Inc.)
HKU\S-1-5-21-730507215-887370363-3937766701-1001\...\Run: [Google Update] => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-21] (Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
S3 catchme; \??\C:\Users\Marketa\AppData\Local\Temp\catchme.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-05 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
C:\Users\Marketa\AppData\Local\Temp\ecacabfbdfbj.exe
C:\Users\Marketa\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => C:\Users\Marketa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => value deleted successfully.
HKU\S-1-5-21-730507215-887370363-3937766701-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-730507215-887370363-3937766701-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
SwitchBoard => Service deleted successfully.
mfetdik => Unable to stop service
mfetdik => Service deleted successfully.
catchme => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
gusvc => Service deleted successfully.
C:\Users\Marketa\AppData\Local\Temp\ecacabfbdfbj.exe => Moved successfully.
C:\Users\Marketa\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-730507215-887370363-3937766701-1001UA.job => Moved successfully.
C:\windows\Tasks\HP Photo Creations Communicator.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 224.1 MB temporary data.
The system needed a reboot.
==== End of Fixlog 09:54:38 ====
Re: Prosím o kontrolu. Díky
Anocica18 píše:ten windows defender mam vypnout naporad?
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu. Díky
hmm tak nic moc
po startu mi jako prvni vyrazi nova hlaska ze jakysi server je zaneprazdneny.....v ccleaneru jsem tedy pozaviral vsechny nesmysly po startu pocinaje prave ccleanerem a asi dalsich 5......v prubehu prace mi pocitac zamrzal.....ted se to zda lepsi ovsem zase mi nejsou psat na klavesnici pismena s diaktrikou pouze....ř a ž, ostatni klavesy v teto rade nereaguji....tak nevim
po startu mi jako prvni vyrazi nova hlaska ze jakysi server je zaneprazdneny.....v ccleaneru jsem tedy pozaviral vsechny nesmysly po startu pocinaje prave ccleanerem a asi dalsich 5......v prubehu prace mi pocitac zamrzal.....ted se to zda lepsi ovsem zase mi nejsou psat na klavesnici pismena s diaktrikou pouze....ř a ž, ostatni klavesy v teto rade nereaguji....tak nevim
Re: Prosím o kontrolu. Díky
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc! Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte
Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradkuPokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?